Query module ConditionalBypass

name
User-controlled bypass of sensitive method
description
User-controlled bypassing of sensitive methods may allow attackers to avoid passing through authentication systems.
kind
path-problem
problem.severity
error
precision
high
id
java/user-controlled-bypass
tags
security external/cwe/cwe-807 external/cwe/cwe-290

Imports

Dominance

Provides classes and predicates for control-flow graph dominance.

FlowSources

Provides classes representing various flow sources for taint tracking.

Guards
PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

SensitiveActions

Sensitive data and methods for security.

java

Provides all default Java QL imports.

Predicates

conditionControlsMethod

Calls to a sensitive method that are controlled by a condition on the given expression.

Classes