CodeQL library for Python
codeql/python-all 4.0.7 (changelog, source)

Module CodeInjection

Provides default sources, sinks and sanitizers for detecting “code injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.CodeInjectionCustomizations

Classes

CodeExecutionAsSink

A code execution, considered as a flow sink.

ConstCompareAsSanitizerGuard

A comparison with a constant, considered as a sanitizer-guard.

RemoteFlowSourceAsSource

DEPRECATED: Use ActiveThreatModelSource from Concepts instead!

Sanitizer

A sanitizer for “code injection” vulnerabilities.

Sink

A data flow sink for “code injection” vulnerabilities.

Source

A data flow source for “code injection” vulnerabilities.

Aliases

StringConstCompareAsSanitizerGuard

DEPRECATED: Use ConstCompareAsSanitizerGuard instead.