CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)

Module RegexInjection

Provides default sources, sinks and sanitizers for detecting “regular expression injection” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.RegexInjectionCustomizations

Classes

RegexEscapingAsSanitizer

A call that escapes regular-expression metacharacters in a string (for example, re.escape), considered as a sanitizer.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source.

Sanitizer

A sanitizer for “regular expression injection” vulnerabilities.

SanitizerGuard

DEPRECATED: Use Sanitizer instead.

Sink

A sink for “regular expression injection” vulnerabilities is the execution of a regular expression. If you have a custom way to execute regular expressions, you can extend RegexExecution::Range.

Source

A data flow source for “regular expression injection” vulnerabilities.
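The following Python program is an added illustration of the roles the classes above name; it is not code from this page or from the CodeQL project. The first function splices a request parameter (standing in for a RemoteFlowSource) straight into re.compile(), the regex execution the default Sink covers; the second applies re.escape() first, the escaping that RegexEscapingAsSanitizer treats as a sanitizer, so the taint path is cut. The user list and the queries are constructed sample data.

```python
import re
from typing import List

# Constructed sample data for the demonstration (not from the page).
USERS = ["alice", "bob", "carol", "mallory"]


def search_users_vulnerable(query: str) -> List[str]:
    """Regex injection sink: attacker-controlled text is spliced into the pattern.

    `query` plays the role of a RemoteFlowSource (e.g. a request parameter);
    re.compile() is the regex execution that the library models as the Sink.
    """
    pattern = re.compile("^" + query + "$")
    return [u for u in USERS if pattern.search(u)]


def search_users_sanitized(query: str) -> List[str]:
    """Same lookup with re.escape() applied first.

    re.escape() turns every regex metacharacter in `query` into a literal,
    which is the escaping RegexEscapingAsSanitizer recognises; the flow from
    `query` to re.compile() no longer reaches the sink untreated.
    """
    pattern = re.compile("^" + re.escape(query) + "$")
    return [u for u in USERS if pattern.search(u)]


def pattern_is_malformed(query: str) -> bool:
    """True when splicing `query` unescaped yields a pattern that re rejects.

    Input such as "(" makes re.compile() raise re.error, so an attacker can
    crash the request handler even without changing what the pattern matches.
    """
    try:
        re.compile("^" + query + "$")
    except re.error:
        return True
    return False


if __name__ == "__main__":
    for q in ["alice", ".*", "alice|bob", "("]:
        malformed = pattern_is_malformed(q)
        vuln = None if malformed else search_users_vulnerable(q)
        print(f"{q!r:12} vulnerable={vuln} sanitized={search_users_sanitized(q)}")
```

With the query ".*" the vulnerable function returns every user and "alice|bob" returns two, because the input rewrote the pattern's structure; the sanitized function matches only a user literally named ".*" or "alice|bob", which is none. A query built on this module reports the re.compile call in search_users_vulnerable and not the one in search_users_sanitized. The same unescaped splice also admits backtracking-heavy payloads such as "(a+)+$", which is the denial-of-service side of regex injection; escaping removes that vector as well.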