Class Decoding
A data-flow node that decodes data from a binary or textual format. This is intended to include deserialization, unmarshalling, decoding, unpickling, decompressing, decrypting, parsing etc.
A decoding (automatically) preserves taint from input to output. However, it can also be a problem in itself, for example if it allows code execution or could result in denial-of-service.
Extend this class to refine existing API models. If you want to model new APIs, extend Decoding::Range instead.
Import path
import semmle.python.Concepts
Direct supertypes
Indirect supertypes
Known direct subtypes
Predicates
| Predicate | Description |
| --- | --- |
| getAnInput | Gets an input that is decoded by this function. |
| getFormat | Gets an identifier for the format this function decodes from, such as “JSON”. |
| getOutput | Gets the output that contains the decoded data produced by this function. |
| mayExecuteInput | Holds if this call may execute code embedded in its input. |
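As an added example (not part of the CodeQL library or its documentation), the query below models a new API by extending Decoding::Range and overriding the four predicates listed above, then reports every decoding call for which mayExecuteInput holds. The module `acme_serde`, its `loads` function, the `data` keyword argument and the class name `AcmeSerdeLoadsCall` are hypothetical.

```ql
// Added example: model a hypothetical decoder, then list risky decoding calls.
import python
import semmle.python.Concepts
import semmle.python.ApiGraphs
import semmle.python.dataflow.new.DataFlow

/**
 * A call to `acme_serde.loads(data)`.
 * `acme_serde` is a hypothetical library, assumed here to be pickle-backed.
 */
private class AcmeSerdeLoadsCall extends Decoding::Range, DataFlow::CallCfgNode {
  AcmeSerdeLoadsCall() {
    this = API::moduleImport("acme_serde").getMember("loads").getACall()
  }

  // Assumed signature: payload is the first positional argument or `data=`.
  override DataFlow::Node getAnInput() {
    result in [this.getArg(0), this.getArgByName("data")]
  }

  // The call's return value carries the decoded, still tainted, object.
  override DataFlow::Node getOutput() { result = this }

  // Identifier for the format being decoded.
  override string getFormat() { result = "pickle" }

  // Assumed: decoding can run code embedded in the input, as with pickle.
  override predicate mayExecuteInput() { any() }
}

// Every modelled decoding step (library models plus the class above)
// that may execute code embedded in its input.
from Decoding d
where d.mayExecuteInput()
select d, "Decoding from " + d.getFormat() + " may execute code embedded in its input."
```

Because the class extends Decoding::Range, existing queries that use the Decoding concept pick up the new model without modification.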
Inherited predicates
| Predicate | Description | Inherited from |
| --- | --- | --- |
| asCfgNode | Gets the control-flow node corresponding to this node, if any. | Node |
| asExpr | Gets the expression corresponding to this node, if any. | Node |
| asVar | Gets the ESSA variable corresponding to this node, if any. | Node |
| getALocalSource | Gets a local source node from which data may flow to this node in zero or more local data-flow steps. | Node |
| getEnclosingCallable | Gets the enclosing callable of this node. | Node |
| getLocation | Gets the location of this node. | Node |
| getScope | Gets the scope of this node. | Node |
| hasLocationInfo | Holds if this element is at the specified location. The location spans column | Node |
| toString | Gets a textual representation of this element. | Node |