CodeQL library for Python
codeql/python-all 3.1.2-dev (changelog, source)

Module UnsafeDeserialization

Provides default sources, sinks and sanitizers for detecting “code execution from deserialization” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.UnsafeDeserializationCustomizations

Classes

ConstCompareAsSanitizerGuard

A comparison with a constant, considered as a sanitizer-guard.

InsecureDecodingAsSink

An insecure decoding, considered as a flow sink.

RemoteFlowSourceAsSource

DEPRECATED: Use ActiveThreatModelSource from Concepts instead!

Sanitizer

A sanitizer for “code execution from deserialization” vulnerabilities.

Sink

A data flow sink for “code execution from deserialization” vulnerabilities.

Source

A data flow source for “code execution from deserialization” vulnerabilities.

Aliases

StringConstCompareAsSanitizerGuard

DEPRECATED: Use ConstCompareAsSanitizerGuard instead.