CodeQL library for Python
codeql/python-all 0.12.0 (changelog, source)

Module RegExpTracking

Provides predicates that track strings to where they are used as regular expressions. This is implemented using TypeTracking in two phases:

1: An exploratory backwards analysis that imprecisely tracks all nodes that may be used as regular expressions. The exploratory phase ends with a forwards analysis from string constants that were reached by the backwards analysis. This is similar to the exploratory phase of the JavaScript global DataFlow library.

2: A precise type tracking analysis that tracks constant strings to where they are used as regular expressions. This phase keeps track of which strings and regular expressions end up in which places.

Import path

import semmle.python.regexp.internal.RegExpTracking

Imports

Predicates

regExpSource

Gets a node holding a value for the regular expression that is evaluated at re.

strStart

Gets a constant string value that may be used as a regular expression.

Classes

RegExpSink

A node where regular expressions that flow to the node are used.