CodeQL library for Python
codeql/python-all 0.10.5 (changelog, source)

Module RegexInjection

Provides default sources, sinks and sanitizers for detecting “regular expression injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.RegexInjectionCustomizations

Classes

RegexEscapingAsSanitizer

A regex escaping, considered as a sanitizer.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “regular expression injection” vulnerabilities.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A sink for “regular expression injection” vulnerabilities is the execution of a regular expression. If you have a custom way to execute regular expressions, you can extend RegexExecution::Range.

Source

A data flow source for “regular expression injection” vulnerabilities.