CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module Path

Import path

import semmle.python.security.injection.Path

Imports

Classes

AbsPath
NormalizedPath

A path that has been normalized, but not verified to be safe

NormalizedPathSanitizer
OpenNode

A taint sink that is vulnerable to malicious paths. The vuln in open(vuln) and similar.

PathSanitizer

Prevents taint flowing through ntpath.normpath() NormalizedPath below handles that case.