github/codeql (main): python/ql/src/Security/CWE-094/CodeInjection.ql
24 lines (22 loc) · 769 Bytes
/**
 * @name Code injection
 * @description Interpreting unsanitized user input as code allows a malicious user to perform arbitrary
 *              code execution.
 * @kind path-problem
 * @problem.severity error
 * @security-severity 9.3
 * @sub-severity high
 * @precision high
 * @id py/code-injection
 * @tags security
 *       external/cwe/cwe-094
 *       external/cwe/cwe-095
 *       external/cwe/cwe-116
 */

import python
import semmle.python.security.dataflow.CodeInjectionQuery
import CodeInjectionFlow::PathGraph

from CodeInjectionFlow::PathNode source, CodeInjectionFlow::PathNode sink
where CodeInjectionFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "This code execution depends on a $@.", source.getNode(),
  "user-provided value"
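As an added example (not code from the codeql repository), here is the Python pattern this query reports, a value taken straight from a request and handed to eval(), placed next to a hardened replacement that parses the same input with the ast module and evaluates only an allowlist of arithmetic node types. The function names, the query-string source and the sample inputs are constructed for this example; the flow it shows (source: request parameter, sink: eval) is the source-to-sink path that CodeInjectionFlow::flowPath reports.

```python
import ast
import operator
from urllib.parse import parse_qs

# Added example, not code from the codeql repository. All names are constructed.


# The sink the query flags: a user-controlled string is interpreted as code.
# With eval() the input may contain any Python expression, not just arithmetic.
def vulnerable_calculate(expr: str) -> float:
    return eval(expr)  # py/code-injection would report this call as the sink


# Hardened form: parse to an AST and walk only an allowlist of node types.
# Names, attribute access, calls and subscripts are never evaluated.
_BIN_OPS = {
    ast.Add: operator.add,
    ast.Sub: operator.sub,
    ast.Mult: operator.mul,
    ast.Div: operator.truediv,
}
_UNARY_OPS = {ast.USub: operator.neg, ast.UAdd: operator.pos}


def _eval_node(node: ast.AST) -> float:
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return node.value
    if isinstance(node, ast.BinOp) and type(node.op) in _BIN_OPS:
        return _BIN_OPS[type(node.op)](_eval_node(node.left), _eval_node(node.right))
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_eval_node(node.operand))
    # Anything else (Name, Call, Attribute, Subscript, ...) is rejected outright.
    raise ValueError(f"disallowed syntax: {type(node).__name__}")


def safe_calculate(expr: str) -> float:
    # A length cap bounds parser work on hostile input; mode="eval" accepts one expression.
    if len(expr) > 200:
        raise ValueError("expression too long")
    try:
        tree = ast.parse(expr, mode="eval")
    except SyntaxError as exc:
        raise ValueError("not a valid expression") from exc
    return _eval_node(tree.body)


def rejects(expr: str) -> bool:
    # True when the hardened evaluator refuses the input instead of running it.
    try:
        safe_calculate(expr)
    except ValueError:
        return True
    return False


def handle_query(query_string: str) -> float:
    # The source side of the query: the value comes straight from the request.
    params = parse_qs(query_string)
    expr = params.get("expr", [""])[0]
    return safe_calculate(expr)


if __name__ == "__main__":
    # Constructed sample requests: one benign, one that tries to smuggle in a call.
    for qs in ("expr=2*21", "expr=__import__('os').getcwd()"):
        try:
            print(qs, "->", handle_query(qs))
        except ValueError as err:
            print(qs, "-> rejected:", err)
```

The allowlist approach is preferable to blocklisting keywords in the string: the decision is made on the parsed structure, so encodings, whitespace tricks and attribute chains do not matter, and anything the evaluator does not explicitly understand is refused.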