CodeQL library for Python
codeql/python-all 2.1.1-dev (changelog, source)
Search

Module Implementation

Import path

import semmle.python.dataflow.old.Implementation

Imports

Predicates

iterable_unpacking_descent

Helper predicate for taintedMultiAssignment

Classes

AttributePath

The attribute of the tracked value holding the taint. This is usually “no attribute”. Used for tracking tainted attributes of objects.

NamedAttributePath

The AttributePath for an attribute.

NoAttribute

The AttributePath for no attribute.

TaintTrackingContext

The context for taint-tracking. There are two types of contexts: * No context; the context at a source. * Tainted parameter; tracks the taint and attribute-path for a parameter Used to track taint through calls accurately and reasonably efficiently.

TaintTrackingImplementation

The implementation of taint-tracking Each TaintTrackingImplementation is also a TaintTracking::Configuration It is implemented as a separate class for clarity and to keep the code in TaintTracking::Configuration simpler.

TaintTrackingNode

A class representing the (node, context, path, kind) tuple. Used for context-sensitive path-aware taint-tracking.

Datatypes

TTaintTrackingContext
TTaintTrackingNode

Type representing the (node, context, path, kind) tuple. Construction of this type is mutually recursive with TaintTrackingImplementation.flowStep(...)

Modules