A taint-tracking configuration for detecting “shell command constructed from library input” vulnerabilities.
Import path
import semmle.python.security.dataflow.UnsafeShellCommandConstructionQuery
Predicates
getAFeature | Gets a data flow configuration feature to add restrictions to the set of valid flow paths. |
isBarrier | Holds if data flow through |
isSink | Holds if |
isSource | Holds if |