A string constructed from a string-literal (e.g. f'foo {sink}'
),
where the resulting string ends up being executed as a shell command.
Import path
import semmle.python.security.dataflow.UnsafeShellCommandConstructionCustomizations
Direct supertypes
Predicates
describe | Gets a description of how the string in this sink was constructed. |
getCommandExecution | Gets the dataflow node that executed the string as a shell command. |
getStringConstruction | Gets the dataflow node where the string is constructed. |
Inherited predicates
asCfgNode | Gets the control-flow node corresponding to this node, if any. | from Node |
asExpr | Gets the expression corresponding to this node, if any. | from Node |
getALocalSource | Gets a local source node from which data may flow to this node in zero or more local data-flow steps. | from Node |
getEnclosingCallable | Gets the enclosing callable of this node. | from Node |
getLocation | Gets the location of this node | from Node |
getScope | Gets the scope of this node. | from Node |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
toString | Gets a textual representation of this element. | from Node |