CodeQL library for Python
codeql/python-all 3.0.1-dev (changelog, source)
Search

Module NoSqlInjectionCustomizations

Provides default sources, sinks and sanitizers for detecting “NoSql injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.NoSqlInjectionCustomizations

Imports

Concepts

Provides abstract classes representing generic concepts such as file system access or system command execution, for which individual framework libraries provide concrete subclasses.

DataFlow

Provides a library for local (intra-procedural) and global (inter-procedural) data flow analysis: deciding whether data can flow from a source to a sink.

RemoteFlowSources

Provides an extension point for modeling user-controlled data. Such data is often used as data-flow sources in security queries.

python

Modules

NoSqlInjection

Provides default sources, sinks and sanitizers for detecting “NoSql injection” vulnerabilities, as well as extension points for adding your own.