CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module LogInjection

Provides default sources, sinks and sanitizers for detecting “log injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.LogInjectionCustomizations

Classes

LoggingAsSink

A logging operation, considered as a flow sink.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

ReplaceLineBreaksSanitizer

A call to replace line breaks, considered as a sanitizer.

Sanitizer

A sanitizer for “log injection” vulnerabilities.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A data flow sink for “log injection” vulnerabilities.

Source

A data flow source for “log injection” vulnerabilities.

StringConstCompareAsSanitizerGuard

A comparison with a constant string, considered as a sanitizer-guard.