Module SqlUnescapedLib

Import path

semmle.code.java.security.SqlUnescapedLib

Imports

ControlledString

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

Predicates

builtFromUncontrolledConcat

A string concatenation that includes a string not known to be programmer controlled.

uncontrolledStringBuilderQuery

A query built with a StringBuilder, where one of the items appended is uncontrolled.