CodeQL library for Python
codeql/python-all 0.6.4

Class StringEvaluationNode

A taint sink that represents an argument to exec or eval that is vulnerable to malicious input. The vuln in exec(vuln) or similar.

Import path

import semmle.python.security.injection.Exec

Direct supertypes

Indirect supertypes

Predicates

sinks

Holds if this “sinks” the taint kind given by kind. Typically this means that this is vulnerable to that taint kind.

toString

Gets a textual representation of this element.

Inherited predicates

getLocation

from TaintSink

hasLocationInfo

Holds if this element is at the specified location. The location spans column startcolumn of line startline to column endcolumn of line endline in file filepath. For more information, see Locations.

from TaintSink
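
To show which node this class describes, the following added example (not part of the CodeQL library or its documentation) uses Python's ast module to find the first argument of every exec or eval call and reports it in the filepath/startline/startcolumn/endline/endcolumn form that hasLocationInfo describes. The sample source, the function name string_evaluation_args and the 1-based, end-inclusive column convention applied here are assumptions of the example; it does no taint tracking, so it lists candidate sinks rather than confirmed findings.

```python
import ast

# Constructed sample input for this example.
SAMPLE = '''\
import sys
vuln = sys.argv[1]
exec(vuln)
result = eval(vuln + "1")
print(vuln)
eval("1 + 2")
'''

EVALUATORS = {"exec", "eval"}


def string_evaluation_args(source, filepath="<sample>"):
    """Return one tuple per string-evaluation argument:
    (filepath, startline, startcolumn, endline, endcolumn, text)."""
    found = []
    for node in ast.walk(ast.parse(source)):
        # Only direct calls by name: exec(...) or eval(...).
        if not (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Name)
                and node.func.id in EVALUATORS
                and node.args):
            continue
        arg = node.args[0]  # the "vuln" in exec(vuln)
        found.append((
            filepath,
            arg.lineno,
            arg.col_offset + 1,   # ast columns are 0-based; report 1-based
            arg.end_lineno,
            arg.end_col_offset,   # exclusive 0-based == inclusive 1-based
            ast.get_source_segment(source, arg),
        ))
    return sorted(found)


if __name__ == "__main__":
    for loc in string_evaluation_args(SAMPLE):
        print("%s:%d:%d-%d:%d  %s" % loc)
```

The constant argument on line 6 of the sample is listed as well: every such argument is a sink, and it only becomes a finding when tainted data can reach it.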

Charpred