mirror of
https://github.com/github/codeql.git
synced 2026-05-30 19:11:23 +02:00
Python: rebless toString churn from shared-CFG migration
The shared CFG library overrides ControlFlowNode.toString() as 'final' (shared/controlflow/codeql/controlflow/Cfg.qll:1217), so the legacy 'ControlFlowNode for X' prefix is gone — the new toString returns just 'X' for normal nodes and 'After X' for after-nodes. This produces a large cosmetic diff in test expected files with no semantic change. Mass-rebless 78 .expected files whose actual output differs from the checked-in expected only by this rename. Each file was verified to be identical after normalising 'ControlFlowNode for ' and 'After ' away from both sides. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
yoff
@@ -1,3 +1,3 @@
|
||||
| test.py:8:5:8:12 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:7:10:7:29 | ControlFlowNode for Tuple | tuple |
|
||||
| test.py:11:5:11:32 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:11:12:11:31 | ControlFlowNode for Tuple | tuple |
|
||||
| test.py:15:5:15:23 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:14:10:14:19 | ControlFlowNode for Tuple | tuple |
|
||||
| test.py:8:5:8:12 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:7:10:7:29 | After Tuple | tuple |
|
||||
| test.py:11:5:11:32 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:11:12:11:31 | After Tuple | tuple |
|
||||
| test.py:15:5:15:23 | Raise | Raising a $@ will result in the first element (recursively) being raised and all other elements being discarded. | test.py:14:10:14:19 | After Tuple | tuple |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| UseofApply.py:19:3:19:17 | ControlFlowNode for apply() | Call to the obsolete builtin function 'apply'. |
|
||||
| expressions_test.py:2:5:2:21 | ControlFlowNode for apply() | Call to the obsolete builtin function 'apply'. |
|
||||
| UseofApply.py:19:3:19:17 | After apply() | Call to the obsolete builtin function 'apply'. |
|
||||
| expressions_test.py:2:5:2:21 | After apply() | Call to the obsolete builtin function 'apply'. |
|
||||
|
||||
@@ -1 +1 @@
|
||||
| expressions_test.py:6:12:6:18 | ControlFlowNode for input() | The unsafe built-in function 'input' is used in Python 2. |
|
||||
| expressions_test.py:6:12:6:18 | After input() | The unsafe built-in function 'input' is used in Python 2. |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| test.py:10:1:10:9 | ControlFlowNode for Attribute | test.py:10:1:10:5 | ControlFlowNode for myobj | foo |
|
||||
| test.py:13:1:13:21 | ControlFlowNode for getattr() | test.py:13:9:13:13 | ControlFlowNode for myobj | foo |
|
||||
| test.py:10:1:10:9 | After Attribute | test.py:10:1:10:5 | myobj | foo |
|
||||
| test.py:13:1:13:21 | After getattr() | test.py:13:9:13:13 | myobj | foo |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
| test.py:5:9:5:16 | ControlFlowNode for __init__ | test.py:4:1:4:20 | ControlFlowNode for ClassExpr | __init__ | test.py:5:5:5:28 | ControlFlowNode for FunctionExpr |
|
||||
| test.py:6:9:6:16 | ControlFlowNode for Attribute | test.py:6:9:6:12 | ControlFlowNode for self | foo | test.py:6:20:6:22 | ControlFlowNode for foo |
|
||||
| test.py:9:1:9:9 | ControlFlowNode for Attribute | test.py:0:0:0:0 | ModuleVariableNode in Module test for myobj | foo | test.py:9:13:9:17 | ControlFlowNode for StringLiteral |
|
||||
| test.py:9:1:9:9 | ControlFlowNode for Attribute | test.py:9:1:9:5 | ControlFlowNode for myobj | foo | test.py:9:13:9:17 | ControlFlowNode for StringLiteral |
|
||||
| test.py:12:1:12:25 | ControlFlowNode for setattr() | test.py:12:9:12:13 | ControlFlowNode for myobj | foo | test.py:12:23:12:24 | ControlFlowNode for IntegerLiteral |
|
||||
| test.py:5:9:5:16 | __init__ | test.py:4:1:4:20 | After ClassExpr | __init__ | test.py:5:5:5:28 | FunctionExpr |
|
||||
| test.py:6:9:6:16 | After Attribute | test.py:6:9:6:12 | self | foo | test.py:6:20:6:22 | foo |
|
||||
| test.py:9:1:9:9 | After Attribute | test.py:0:0:0:0 | ModuleVariableNode in Module test for myobj | foo | test.py:9:13:9:17 | StringLiteral |
|
||||
| test.py:9:1:9:9 | After Attribute | test.py:9:1:9:5 | myobj | foo | test.py:9:13:9:17 | StringLiteral |
|
||||
| test.py:12:1:12:25 | After setattr() | test.py:12:9:12:13 | myobj | foo | test.py:12:23:12:24 | IntegerLiteral |
|
||||
|
||||
@@ -1,235 +1,235 @@
|
||||
edges
|
||||
| TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | provenance | |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | provenance | list.append |
|
||||
| TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:43:43:43:45 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:43:43:43:45 | ControlFlowNode for tar | TarSlipImprov.py:44:9:44:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:44:9:44:13 | ControlFlowNode for entry | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:54:43:54:45 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:54:43:54:45 | ControlFlowNode for tar | TarSlipImprov.py:56:9:56:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:56:9:56:13 | ControlFlowNode for entry | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:88:48:88:50 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:88:48:88:50 | ControlFlowNode for tar | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:111:1:111:3 | ControlFlowNode for tar | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:111:1:111:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:123:34:123:36 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:123:34:123:36 | ControlFlowNode for tar | TarSlipImprov.py:124:9:124:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:124:9:124:13 | ControlFlowNode for entry | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:129:31:129:33 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:129:31:129:33 | ControlFlowNode for tar | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:133:1:133:3 | ControlFlowNode for tar | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:133:1:133:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:141:34:141:36 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:141:34:141:36 | ControlFlowNode for tar | TarSlipImprov.py:142:9:142:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:142:9:142:13 | ControlFlowNode for entry | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | provenance | |
|
||||
| TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | provenance | Config |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | provenance | |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | provenance | |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | provenance | |
|
||||
| TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | provenance | |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | provenance | Config |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | provenance | |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | TarSlipImprov.py:177:9:177:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:177:9:177:13 | ControlFlowNode for entry | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:182:36:182:38 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:182:36:182:38 | ControlFlowNode for tar | TarSlipImprov.py:183:9:183:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:183:9:183:13 | ControlFlowNode for entry | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:188:1:188:3 | ControlFlowNode for tar | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:188:1:188:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:193:36:193:38 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:193:36:193:38 | ControlFlowNode for tar | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:210:48:210:50 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:210:48:210:50 | ControlFlowNode for tar | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:231:43:231:52 | ControlFlowNode for corpus_tar | provenance | |
|
||||
| TarSlipImprov.py:231:43:231:52 | ControlFlowNode for corpus_tar | TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | provenance | |
|
||||
| TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | provenance | |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | provenance | |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | provenance | list.append |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:258:31:258:33 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:258:31:258:33 | ControlFlowNode for tar | TarSlipImprov.py:259:9:259:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:259:9:259:13 | ControlFlowNode for entry | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:264:43:264:45 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:264:43:264:45 | ControlFlowNode for tar | TarSlipImprov.py:265:9:265:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:265:9:265:13 | ControlFlowNode for entry | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:271:44:271:46 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:271:44:271:46 | ControlFlowNode for tar | TarSlipImprov.py:272:9:272:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:272:9:272:13 | ControlFlowNode for entry | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:276:43:276:45 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:276:43:276:45 | ControlFlowNode for tar | TarSlipImprov.py:277:9:277:13 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:277:9:277:13 | ControlFlowNode for entry | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | provenance | |
|
||||
| TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:283:56:283:58 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:283:56:283:58 | ControlFlowNode for tar | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:287:1:287:3 | ControlFlowNode for tar | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:287:1:287:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:292:1:292:3 | ControlFlowNode for tar | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:292:1:292:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:300:56:300:58 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:300:56:300:58 | ControlFlowNode for tar | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:304:1:304:3 | ControlFlowNode for tar | TarSlipImprov.py:306:5:306:10 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:304:1:304:3 | ControlFlowNode for tar | provenance | |
|
||||
| TarSlipImprov.py:306:5:306:10 | ControlFlowNode for member | TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | provenance | |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | provenance | |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | provenance | list.append |
|
||||
| TarSlipImprov.py:15:1:15:3 | tar | TarSlipImprov.py:17:5:17:10 | member | provenance | |
|
||||
| TarSlipImprov.py:15:7:15:39 | After Attribute() | TarSlipImprov.py:15:1:15:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:17:5:17:10 | member | TarSlipImprov.py:20:19:20:24 | member | provenance | |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] result | TarSlipImprov.py:22:35:22:40 | result | provenance | |
|
||||
| TarSlipImprov.py:20:19:20:24 | member | TarSlipImprov.py:20:5:20:10 | [post] result | provenance | list.append |
|
||||
| TarSlipImprov.py:26:21:26:27 | tarfile | TarSlipImprov.py:28:9:28:14 | member | provenance | |
|
||||
| TarSlipImprov.py:28:9:28:14 | member | TarSlipImprov.py:35:23:35:28 | member | provenance | |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] result | TarSlipImprov.py:36:12:36:17 | result | provenance | |
|
||||
| TarSlipImprov.py:35:23:35:28 | member | TarSlipImprov.py:35:9:35:14 | [post] result | provenance | list.append |
|
||||
| TarSlipImprov.py:38:1:38:3 | tar | TarSlipImprov.py:39:65:39:67 | tar | provenance | |
|
||||
| TarSlipImprov.py:38:7:38:39 | After Attribute() | TarSlipImprov.py:38:1:38:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:39:65:39:67 | tar | TarSlipImprov.py:26:21:26:27 | tarfile | provenance | |
|
||||
| TarSlipImprov.py:39:65:39:67 | tar | TarSlipImprov.py:39:49:39:68 | After members_filter1() | provenance | list.append |
|
||||
| TarSlipImprov.py:43:6:43:38 | After Attribute() | TarSlipImprov.py:43:43:43:45 | tar | provenance | |
|
||||
| TarSlipImprov.py:43:43:43:45 | tar | TarSlipImprov.py:44:9:44:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:44:9:44:13 | entry | TarSlipImprov.py:47:21:47:25 | entry | provenance | |
|
||||
| TarSlipImprov.py:54:6:54:38 | After Attribute() | TarSlipImprov.py:54:43:54:45 | tar | provenance | |
|
||||
| TarSlipImprov.py:54:43:54:45 | tar | TarSlipImprov.py:56:9:56:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:56:9:56:13 | entry | TarSlipImprov.py:58:21:58:25 | entry | provenance | |
|
||||
| TarSlipImprov.py:88:6:88:43 | After Attribute() | TarSlipImprov.py:88:48:88:50 | tar | provenance | |
|
||||
| TarSlipImprov.py:88:48:88:50 | tar | TarSlipImprov.py:91:5:91:7 | tar | provenance | |
|
||||
| TarSlipImprov.py:111:1:111:3 | tar | TarSlipImprov.py:115:9:115:11 | tar | provenance | |
|
||||
| TarSlipImprov.py:111:7:111:39 | After Attribute() | TarSlipImprov.py:111:1:111:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:123:6:123:29 | After Attribute() | TarSlipImprov.py:123:34:123:36 | tar | provenance | |
|
||||
| TarSlipImprov.py:123:34:123:36 | tar | TarSlipImprov.py:124:9:124:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:124:9:124:13 | entry | TarSlipImprov.py:125:36:125:40 | entry | provenance | |
|
||||
| TarSlipImprov.py:129:6:129:26 | After Attribute() | TarSlipImprov.py:129:31:129:33 | tar | provenance | |
|
||||
| TarSlipImprov.py:129:31:129:33 | tar | TarSlipImprov.py:130:5:130:7 | tar | provenance | |
|
||||
| TarSlipImprov.py:133:1:133:3 | tar | TarSlipImprov.py:134:1:134:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:133:7:133:39 | After Attribute() | TarSlipImprov.py:133:1:133:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:141:6:141:29 | After Attribute() | TarSlipImprov.py:141:34:141:36 | tar | provenance | |
|
||||
| TarSlipImprov.py:141:34:141:36 | tar | TarSlipImprov.py:142:9:142:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:142:9:142:13 | entry | TarSlipImprov.py:143:36:143:40 | entry | provenance | |
|
||||
| TarSlipImprov.py:151:14:151:50 | After closing() | TarSlipImprov.py:151:55:151:56 | tf | provenance | |
|
||||
| TarSlipImprov.py:151:22:151:49 | After Attribute() | TarSlipImprov.py:151:14:151:50 | After closing() | provenance | Config |
|
||||
| TarSlipImprov.py:151:55:151:56 | tf | TarSlipImprov.py:152:13:152:20 | After Yield | provenance | |
|
||||
| TarSlipImprov.py:151:55:151:56 | tf | TarSlipImprov.py:152:19:152:20 | tf | provenance | |
|
||||
| TarSlipImprov.py:152:13:152:20 | After Yield | TarSlipImprov.py:157:18:157:40 | After py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:152:19:152:20 | tf | TarSlipImprov.py:157:18:157:40 | After py2_tarxz() | provenance | |
|
||||
| TarSlipImprov.py:157:9:157:14 | tar_cm | TarSlipImprov.py:162:20:162:23 | tarc | provenance | |
|
||||
| TarSlipImprov.py:157:18:157:40 | After py2_tarxz() | TarSlipImprov.py:157:9:157:14 | tar_cm | provenance | |
|
||||
| TarSlipImprov.py:159:9:159:14 | tar_cm | TarSlipImprov.py:162:20:162:23 | tarc | provenance | |
|
||||
| TarSlipImprov.py:159:18:159:52 | After closing() | TarSlipImprov.py:159:9:159:14 | tar_cm | provenance | |
|
||||
| TarSlipImprov.py:159:26:159:51 | After Attribute() | TarSlipImprov.py:159:18:159:52 | After closing() | provenance | Config |
|
||||
| TarSlipImprov.py:162:20:162:23 | tarc | TarSlipImprov.py:169:9:169:12 | tarc | provenance | |
|
||||
| TarSlipImprov.py:176:6:176:31 | After Attribute() | TarSlipImprov.py:176:36:176:38 | tar | provenance | |
|
||||
| TarSlipImprov.py:176:36:176:38 | tar | TarSlipImprov.py:177:9:177:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:177:9:177:13 | entry | TarSlipImprov.py:178:36:178:40 | entry | provenance | |
|
||||
| TarSlipImprov.py:182:6:182:31 | After Attribute() | TarSlipImprov.py:182:36:182:38 | tar | provenance | |
|
||||
| TarSlipImprov.py:182:36:182:38 | tar | TarSlipImprov.py:183:9:183:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:183:9:183:13 | entry | TarSlipImprov.py:184:21:184:25 | entry | provenance | |
|
||||
| TarSlipImprov.py:188:1:188:3 | tar | TarSlipImprov.py:189:1:189:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:188:7:188:27 | After Attribute() | TarSlipImprov.py:188:1:188:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:193:6:193:31 | After Attribute() | TarSlipImprov.py:193:36:193:38 | tar | provenance | |
|
||||
| TarSlipImprov.py:193:36:193:38 | tar | TarSlipImprov.py:194:49:194:51 | tar | provenance | |
|
||||
| TarSlipImprov.py:210:6:210:43 | After Attribute() | TarSlipImprov.py:210:48:210:50 | tar | provenance | |
|
||||
| TarSlipImprov.py:210:48:210:50 | tar | TarSlipImprov.py:211:5:211:7 | tar | provenance | |
|
||||
| TarSlipImprov.py:231:6:231:38 | After Attribute() | TarSlipImprov.py:231:43:231:52 | corpus_tar | provenance | |
|
||||
| TarSlipImprov.py:231:43:231:52 | corpus_tar | TarSlipImprov.py:233:9:233:9 | f | provenance | |
|
||||
| TarSlipImprov.py:233:9:233:9 | f | TarSlipImprov.py:235:28:235:28 | f | provenance | |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] members | TarSlipImprov.py:236:44:236:50 | members | provenance | |
|
||||
| TarSlipImprov.py:235:28:235:28 | f | TarSlipImprov.py:235:13:235:19 | [post] members | provenance | list.append |
|
||||
| TarSlipImprov.py:258:6:258:26 | After Attribute() | TarSlipImprov.py:258:31:258:33 | tar | provenance | |
|
||||
| TarSlipImprov.py:258:31:258:33 | tar | TarSlipImprov.py:259:9:259:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:259:9:259:13 | entry | TarSlipImprov.py:261:25:261:29 | entry | provenance | |
|
||||
| TarSlipImprov.py:264:6:264:38 | After Attribute() | TarSlipImprov.py:264:43:264:45 | tar | provenance | |
|
||||
| TarSlipImprov.py:264:43:264:45 | tar | TarSlipImprov.py:265:9:265:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:265:9:265:13 | entry | TarSlipImprov.py:268:21:268:25 | entry | provenance | |
|
||||
| TarSlipImprov.py:271:6:271:39 | After Attribute() | TarSlipImprov.py:271:44:271:46 | tar | provenance | |
|
||||
| TarSlipImprov.py:271:44:271:46 | tar | TarSlipImprov.py:272:9:272:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:272:9:272:13 | entry | TarSlipImprov.py:274:25:274:29 | entry | provenance | |
|
||||
| TarSlipImprov.py:276:6:276:38 | After Attribute() | TarSlipImprov.py:276:43:276:45 | tar | provenance | |
|
||||
| TarSlipImprov.py:276:43:276:45 | tar | TarSlipImprov.py:277:9:277:13 | entry | provenance | |
|
||||
| TarSlipImprov.py:277:9:277:13 | entry | TarSlipImprov.py:280:21:280:25 | entry | provenance | |
|
||||
| TarSlipImprov.py:283:6:283:51 | After Attribute() | TarSlipImprov.py:283:56:283:58 | tar | provenance | |
|
||||
| TarSlipImprov.py:283:56:283:58 | tar | TarSlipImprov.py:284:5:284:7 | tar | provenance | |
|
||||
| TarSlipImprov.py:287:1:287:3 | tar | TarSlipImprov.py:288:49:288:51 | tar | provenance | |
|
||||
| TarSlipImprov.py:287:7:287:28 | After Attribute() | TarSlipImprov.py:287:1:287:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:292:1:292:3 | tar | TarSlipImprov.py:293:1:293:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:292:7:292:39 | After Attribute() | TarSlipImprov.py:292:1:292:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:300:6:300:51 | After Attribute() | TarSlipImprov.py:300:56:300:58 | tar | provenance | |
|
||||
| TarSlipImprov.py:300:56:300:58 | tar | TarSlipImprov.py:301:49:301:51 | tar | provenance | |
|
||||
| TarSlipImprov.py:304:1:304:3 | tar | TarSlipImprov.py:306:5:306:10 | member | provenance | |
|
||||
| TarSlipImprov.py:304:7:304:39 | After Attribute() | TarSlipImprov.py:304:1:304:3 | tar | provenance | |
|
||||
| TarSlipImprov.py:306:5:306:10 | member | TarSlipImprov.py:309:19:309:24 | member | provenance | |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] result | TarSlipImprov.py:310:49:310:54 | result | provenance | |
|
||||
| TarSlipImprov.py:309:19:309:24 | member | TarSlipImprov.py:309:5:309:10 | [post] result | provenance | list.append |
|
||||
nodes
|
||||
| TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | semmle.label | ControlFlowNode for tarfile |
|
||||
| TarSlipImprov.py:28:9:28:14 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:38:1:38:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | semmle.label | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:43:43:43:45 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:44:9:44:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:54:43:54:45 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:56:9:56:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:88:48:88:50 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:1:111:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:123:34:123:36 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:124:9:124:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:129:31:129:33 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:1:133:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:141:34:141:36 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:142:9:142:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:151:14:151:50 | ControlFlowNode for closing() | semmle.label | ControlFlowNode for closing() |
|
||||
| TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:151:55:151:56 | ControlFlowNode for tf | semmle.label | ControlFlowNode for tf |
|
||||
| TarSlipImprov.py:152:13:152:20 | ControlFlowNode for Yield | semmle.label | ControlFlowNode for Yield |
|
||||
| TarSlipImprov.py:152:19:152:20 | ControlFlowNode for tf | semmle.label | ControlFlowNode for tf |
|
||||
| TarSlipImprov.py:157:9:157:14 | ControlFlowNode for tar_cm | semmle.label | ControlFlowNode for tar_cm |
|
||||
| TarSlipImprov.py:157:18:157:40 | ControlFlowNode for py2_tarxz() | semmle.label | ControlFlowNode for py2_tarxz() |
|
||||
| TarSlipImprov.py:159:9:159:14 | ControlFlowNode for tar_cm | semmle.label | ControlFlowNode for tar_cm |
|
||||
| TarSlipImprov.py:159:18:159:52 | ControlFlowNode for closing() | semmle.label | ControlFlowNode for closing() |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:162:20:162:23 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:176:36:176:38 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:177:9:177:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:182:36:182:38 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:183:9:183:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:188:1:188:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:193:36:193:38 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:210:48:210:50 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:231:43:231:52 | ControlFlowNode for corpus_tar | semmle.label | ControlFlowNode for corpus_tar |
|
||||
| TarSlipImprov.py:233:9:233:9 | ControlFlowNode for f | semmle.label | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | semmle.label | [post] ControlFlowNode for members |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | semmle.label | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | semmle.label | ControlFlowNode for members |
|
||||
| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:258:31:258:33 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:259:9:259:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:264:43:264:45 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:265:9:265:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:271:44:271:46 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:272:9:272:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:276:43:276:45 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:277:9:277:13 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:283:56:283:58 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:1:287:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:292:1:292:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:300:56:300:58 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:304:1:304:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:306:5:306:10 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:15:1:15:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:15:7:15:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:17:5:17:10 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] result | semmle.label | [post] result |
|
||||
| TarSlipImprov.py:20:19:20:24 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:22:35:22:40 | result | semmle.label | result |
|
||||
| TarSlipImprov.py:26:21:26:27 | tarfile | semmle.label | tarfile |
|
||||
| TarSlipImprov.py:28:9:28:14 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] result | semmle.label | [post] result |
|
||||
| TarSlipImprov.py:35:23:35:28 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:36:12:36:17 | result | semmle.label | result |
|
||||
| TarSlipImprov.py:38:1:38:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:38:7:38:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:39:49:39:68 | After members_filter1() | semmle.label | After members_filter1() |
|
||||
| TarSlipImprov.py:39:65:39:67 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:43:6:43:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:43:43:43:45 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:44:9:44:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:47:21:47:25 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:54:6:54:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:54:43:54:45 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:56:9:56:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:58:21:58:25 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:88:6:88:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:88:48:88:50 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:91:5:91:7 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:111:1:111:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:111:7:111:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:115:9:115:11 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:123:6:123:29 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:123:34:123:36 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:124:9:124:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:125:36:125:40 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:129:6:129:26 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:129:31:129:33 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:130:5:130:7 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:133:1:133:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:133:7:133:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:134:1:134:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:141:6:141:29 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:141:34:141:36 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:142:9:142:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:143:36:143:40 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:151:14:151:50 | After closing() | semmle.label | After closing() |
|
||||
| TarSlipImprov.py:151:22:151:49 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:151:55:151:56 | tf | semmle.label | tf |
|
||||
| TarSlipImprov.py:152:13:152:20 | After Yield | semmle.label | After Yield |
|
||||
| TarSlipImprov.py:152:19:152:20 | tf | semmle.label | tf |
|
||||
| TarSlipImprov.py:157:9:157:14 | tar_cm | semmle.label | tar_cm |
|
||||
| TarSlipImprov.py:157:18:157:40 | After py2_tarxz() | semmle.label | After py2_tarxz() |
|
||||
| TarSlipImprov.py:159:9:159:14 | tar_cm | semmle.label | tar_cm |
|
||||
| TarSlipImprov.py:159:18:159:52 | After closing() | semmle.label | After closing() |
|
||||
| TarSlipImprov.py:159:26:159:51 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:162:20:162:23 | tarc | semmle.label | tarc |
|
||||
| TarSlipImprov.py:169:9:169:12 | tarc | semmle.label | tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:176:36:176:38 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:177:9:177:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:178:36:178:40 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:182:6:182:31 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:182:36:182:38 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:183:9:183:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:184:21:184:25 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:188:1:188:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:188:7:188:27 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:189:1:189:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:193:6:193:31 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:193:36:193:38 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:194:49:194:51 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:210:6:210:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:210:48:210:50 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:211:5:211:7 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:231:6:231:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:231:43:231:52 | corpus_tar | semmle.label | corpus_tar |
|
||||
| TarSlipImprov.py:233:9:233:9 | f | semmle.label | f |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] members | semmle.label | [post] members |
|
||||
| TarSlipImprov.py:235:28:235:28 | f | semmle.label | f |
|
||||
| TarSlipImprov.py:236:44:236:50 | members | semmle.label | members |
|
||||
| TarSlipImprov.py:254:1:254:31 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:258:6:258:26 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:258:31:258:33 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:259:9:259:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:261:25:261:29 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:264:6:264:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:264:43:264:45 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:265:9:265:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:268:21:268:25 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:271:6:271:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:271:44:271:46 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:272:9:272:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:274:25:274:29 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:276:6:276:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:276:43:276:45 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:277:9:277:13 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:280:21:280:25 | entry | semmle.label | entry |
|
||||
| TarSlipImprov.py:283:6:283:51 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:283:56:283:58 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:284:5:284:7 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:287:1:287:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:287:7:287:28 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:288:49:288:51 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:292:1:292:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:292:7:292:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:293:1:293:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:300:6:300:51 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:300:56:300:58 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:301:49:301:51 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:304:1:304:3 | tar | semmle.label | tar |
|
||||
| TarSlipImprov.py:304:7:304:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TarSlipImprov.py:306:5:306:10 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] result | semmle.label | [post] result |
|
||||
| TarSlipImprov.py:309:19:309:24 | member | semmle.label | member |
|
||||
| TarSlipImprov.py:310:49:310:54 | result | semmle.label | result |
|
||||
| TarSlipImprov.py:316:1:316:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
subpaths
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:39:65:39:67 | tar | TarSlipImprov.py:26:21:26:27 | tarfile | TarSlipImprov.py:36:12:36:17 | result | TarSlipImprov.py:39:49:39:68 | After members_filter1() |
|
||||
#select
|
||||
| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | ControlFlowNode for members |
|
||||
| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:22:35:22:40 | result | TarSlipImprov.py:15:7:15:39 | After Attribute() | TarSlipImprov.py:22:35:22:40 | result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:15:7:15:39 | After Attribute() | After Attribute() | TarSlipImprov.py:22:35:22:40 | result | result |
|
||||
| TarSlipImprov.py:39:49:39:68 | After members_filter1() | TarSlipImprov.py:38:7:38:39 | After Attribute() | TarSlipImprov.py:39:49:39:68 | After members_filter1() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:38:7:38:39 | After Attribute() | After Attribute() | TarSlipImprov.py:39:49:39:68 | After members_filter1() | After members_filter1() |
|
||||
| TarSlipImprov.py:47:21:47:25 | entry | TarSlipImprov.py:43:6:43:38 | After Attribute() | TarSlipImprov.py:47:21:47:25 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:43:6:43:38 | After Attribute() | After Attribute() | TarSlipImprov.py:47:21:47:25 | entry | entry |
|
||||
| TarSlipImprov.py:58:21:58:25 | entry | TarSlipImprov.py:54:6:54:38 | After Attribute() | TarSlipImprov.py:58:21:58:25 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:54:6:54:38 | After Attribute() | After Attribute() | TarSlipImprov.py:58:21:58:25 | entry | entry |
|
||||
| TarSlipImprov.py:91:5:91:7 | tar | TarSlipImprov.py:88:6:88:43 | After Attribute() | TarSlipImprov.py:91:5:91:7 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:88:6:88:43 | After Attribute() | After Attribute() | TarSlipImprov.py:91:5:91:7 | tar | tar |
|
||||
| TarSlipImprov.py:115:9:115:11 | tar | TarSlipImprov.py:111:7:111:39 | After Attribute() | TarSlipImprov.py:115:9:115:11 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:111:7:111:39 | After Attribute() | After Attribute() | TarSlipImprov.py:115:9:115:11 | tar | tar |
|
||||
| TarSlipImprov.py:125:36:125:40 | entry | TarSlipImprov.py:123:6:123:29 | After Attribute() | TarSlipImprov.py:125:36:125:40 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:123:6:123:29 | After Attribute() | After Attribute() | TarSlipImprov.py:125:36:125:40 | entry | entry |
|
||||
| TarSlipImprov.py:130:5:130:7 | tar | TarSlipImprov.py:129:6:129:26 | After Attribute() | TarSlipImprov.py:130:5:130:7 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:129:6:129:26 | After Attribute() | After Attribute() | TarSlipImprov.py:130:5:130:7 | tar | tar |
|
||||
| TarSlipImprov.py:134:1:134:3 | tar | TarSlipImprov.py:133:7:133:39 | After Attribute() | TarSlipImprov.py:134:1:134:3 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:133:7:133:39 | After Attribute() | After Attribute() | TarSlipImprov.py:134:1:134:3 | tar | tar |
|
||||
| TarSlipImprov.py:143:36:143:40 | entry | TarSlipImprov.py:141:6:141:29 | After Attribute() | TarSlipImprov.py:143:36:143:40 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:141:6:141:29 | After Attribute() | After Attribute() | TarSlipImprov.py:143:36:143:40 | entry | entry |
|
||||
| TarSlipImprov.py:169:9:169:12 | tarc | TarSlipImprov.py:151:22:151:49 | After Attribute() | TarSlipImprov.py:169:9:169:12 | tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:151:22:151:49 | After Attribute() | After Attribute() | TarSlipImprov.py:169:9:169:12 | tarc | tarc |
|
||||
| TarSlipImprov.py:169:9:169:12 | tarc | TarSlipImprov.py:159:26:159:51 | After Attribute() | TarSlipImprov.py:169:9:169:12 | tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:159:26:159:51 | After Attribute() | After Attribute() | TarSlipImprov.py:169:9:169:12 | tarc | tarc |
|
||||
| TarSlipImprov.py:178:36:178:40 | entry | TarSlipImprov.py:176:6:176:31 | After Attribute() | TarSlipImprov.py:178:36:178:40 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:176:6:176:31 | After Attribute() | After Attribute() | TarSlipImprov.py:178:36:178:40 | entry | entry |
|
||||
| TarSlipImprov.py:184:21:184:25 | entry | TarSlipImprov.py:182:6:182:31 | After Attribute() | TarSlipImprov.py:184:21:184:25 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:182:6:182:31 | After Attribute() | After Attribute() | TarSlipImprov.py:184:21:184:25 | entry | entry |
|
||||
| TarSlipImprov.py:189:1:189:3 | tar | TarSlipImprov.py:188:7:188:27 | After Attribute() | TarSlipImprov.py:189:1:189:3 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:188:7:188:27 | After Attribute() | After Attribute() | TarSlipImprov.py:189:1:189:3 | tar | tar |
|
||||
| TarSlipImprov.py:194:49:194:51 | tar | TarSlipImprov.py:193:6:193:31 | After Attribute() | TarSlipImprov.py:194:49:194:51 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:193:6:193:31 | After Attribute() | After Attribute() | TarSlipImprov.py:194:49:194:51 | tar | tar |
|
||||
| TarSlipImprov.py:211:5:211:7 | tar | TarSlipImprov.py:210:6:210:43 | After Attribute() | TarSlipImprov.py:211:5:211:7 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:210:6:210:43 | After Attribute() | After Attribute() | TarSlipImprov.py:211:5:211:7 | tar | tar |
|
||||
| TarSlipImprov.py:236:44:236:50 | members | TarSlipImprov.py:231:6:231:38 | After Attribute() | TarSlipImprov.py:236:44:236:50 | members | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:231:6:231:38 | After Attribute() | After Attribute() | TarSlipImprov.py:236:44:236:50 | members | members |
|
||||
| TarSlipImprov.py:254:1:254:31 | After Attribute() | TarSlipImprov.py:254:1:254:31 | After Attribute() | TarSlipImprov.py:254:1:254:31 | After Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:254:1:254:31 | After Attribute() | After Attribute() | TarSlipImprov.py:254:1:254:31 | After Attribute() | After Attribute() |
|
||||
| TarSlipImprov.py:261:25:261:29 | entry | TarSlipImprov.py:258:6:258:26 | After Attribute() | TarSlipImprov.py:261:25:261:29 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:258:6:258:26 | After Attribute() | After Attribute() | TarSlipImprov.py:261:25:261:29 | entry | entry |
|
||||
| TarSlipImprov.py:268:21:268:25 | entry | TarSlipImprov.py:264:6:264:38 | After Attribute() | TarSlipImprov.py:268:21:268:25 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:264:6:264:38 | After Attribute() | After Attribute() | TarSlipImprov.py:268:21:268:25 | entry | entry |
|
||||
| TarSlipImprov.py:274:25:274:29 | entry | TarSlipImprov.py:271:6:271:39 | After Attribute() | TarSlipImprov.py:274:25:274:29 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:271:6:271:39 | After Attribute() | After Attribute() | TarSlipImprov.py:274:25:274:29 | entry | entry |
|
||||
| TarSlipImprov.py:280:21:280:25 | entry | TarSlipImprov.py:276:6:276:38 | After Attribute() | TarSlipImprov.py:280:21:280:25 | entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:276:6:276:38 | After Attribute() | After Attribute() | TarSlipImprov.py:280:21:280:25 | entry | entry |
|
||||
| TarSlipImprov.py:284:5:284:7 | tar | TarSlipImprov.py:283:6:283:51 | After Attribute() | TarSlipImprov.py:284:5:284:7 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:283:6:283:51 | After Attribute() | After Attribute() | TarSlipImprov.py:284:5:284:7 | tar | tar |
|
||||
| TarSlipImprov.py:288:49:288:51 | tar | TarSlipImprov.py:287:7:287:28 | After Attribute() | TarSlipImprov.py:288:49:288:51 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:287:7:287:28 | After Attribute() | After Attribute() | TarSlipImprov.py:288:49:288:51 | tar | tar |
|
||||
| TarSlipImprov.py:293:1:293:3 | tar | TarSlipImprov.py:292:7:292:39 | After Attribute() | TarSlipImprov.py:293:1:293:3 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:292:7:292:39 | After Attribute() | After Attribute() | TarSlipImprov.py:293:1:293:3 | tar | tar |
|
||||
| TarSlipImprov.py:301:49:301:51 | tar | TarSlipImprov.py:300:6:300:51 | After Attribute() | TarSlipImprov.py:301:49:301:51 | tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:300:6:300:51 | After Attribute() | After Attribute() | TarSlipImprov.py:301:49:301:51 | tar | tar |
|
||||
| TarSlipImprov.py:310:49:310:54 | result | TarSlipImprov.py:304:7:304:39 | After Attribute() | TarSlipImprov.py:310:49:310:54 | result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:304:7:304:39 | After Attribute() | After Attribute() | TarSlipImprov.py:310:49:310:54 | result | result |
|
||||
| TarSlipImprov.py:316:1:316:46 | After Attribute() | TarSlipImprov.py:316:1:316:46 | After Attribute() | TarSlipImprov.py:316:1:316:46 | After Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:316:1:316:46 | After Attribute() | After Attribute() | TarSlipImprov.py:316:1:316:46 | After Attribute() | After Attribute() |
|
||||
|
||||
@@ -1,44 +1,44 @@
|
||||
edges
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:36:8:39 | ControlFlowNode for zipf | provenance | |
|
||||
| zipslip_bad.py:8:36:8:39 | ControlFlowNode for zipf | zipslip_bad.py:10:13:10:17 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:10:13:10:17 | ControlFlowNode for entry | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:14:33:14:36 | ControlFlowNode for zipf | provenance | |
|
||||
| zipslip_bad.py:14:33:14:36 | ControlFlowNode for zipf | zipslip_bad.py:16:13:16:17 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:16:13:16:17 | ControlFlowNode for entry | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:20:32:20:35 | ControlFlowNode for zipf | provenance | |
|
||||
| zipslip_bad.py:20:32:20:35 | ControlFlowNode for zipf | zipslip_bad.py:22:13:22:17 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:22:13:22:17 | ControlFlowNode for entry | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | provenance | |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:27:27:27:34 | ControlFlowNode for filelist | provenance | |
|
||||
| zipslip_bad.py:27:27:27:34 | ControlFlowNode for filelist | zipslip_bad.py:29:13:29:13 | ControlFlowNode for x | provenance | |
|
||||
| zipslip_bad.py:29:13:29:13 | ControlFlowNode for x | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | provenance | |
|
||||
| zipslip_bad.py:34:5:34:12 | ControlFlowNode for filelist | zipslip_bad.py:35:9:35:9 | ControlFlowNode for x | provenance | |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:34:5:34:12 | ControlFlowNode for filelist | provenance | |
|
||||
| zipslip_bad.py:35:9:35:9 | ControlFlowNode for x | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | provenance | |
|
||||
| zipslip_bad.py:8:10:8:31 | After Attribute() | zipslip_bad.py:8:36:8:39 | zipf | provenance | |
|
||||
| zipslip_bad.py:8:36:8:39 | zipf | zipslip_bad.py:10:13:10:17 | entry | provenance | |
|
||||
| zipslip_bad.py:10:13:10:17 | entry | zipslip_bad.py:11:25:11:29 | entry | provenance | |
|
||||
| zipslip_bad.py:14:10:14:28 | After Attribute() | zipslip_bad.py:14:33:14:36 | zipf | provenance | |
|
||||
| zipslip_bad.py:14:33:14:36 | zipf | zipslip_bad.py:16:13:16:17 | entry | provenance | |
|
||||
| zipslip_bad.py:16:13:16:17 | entry | zipslip_bad.py:17:26:17:30 | entry | provenance | |
|
||||
| zipslip_bad.py:20:10:20:27 | After Attribute() | zipslip_bad.py:20:32:20:35 | zipf | provenance | |
|
||||
| zipslip_bad.py:20:32:20:35 | zipf | zipslip_bad.py:22:13:22:17 | entry | provenance | |
|
||||
| zipslip_bad.py:22:13:22:17 | entry | zipslip_bad.py:23:29:23:33 | entry | provenance | |
|
||||
| zipslip_bad.py:27:10:27:22 | After Attribute() | zipslip_bad.py:27:27:27:34 | filelist | provenance | |
|
||||
| zipslip_bad.py:27:27:27:34 | filelist | zipslip_bad.py:29:13:29:13 | x | provenance | |
|
||||
| zipslip_bad.py:29:13:29:13 | x | zipslip_bad.py:30:25:30:25 | x | provenance | |
|
||||
| zipslip_bad.py:34:5:34:12 | filelist | zipslip_bad.py:35:9:35:9 | x | provenance | |
|
||||
| zipslip_bad.py:34:16:34:28 | After Attribute() | zipslip_bad.py:34:5:34:12 | filelist | provenance | |
|
||||
| zipslip_bad.py:35:9:35:9 | x | zipslip_bad.py:37:32:37:32 | x | provenance | |
|
||||
nodes
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:8:36:8:39 | ControlFlowNode for zipf | semmle.label | ControlFlowNode for zipf |
|
||||
| zipslip_bad.py:10:13:10:17 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:14:33:14:36 | ControlFlowNode for zipf | semmle.label | ControlFlowNode for zipf |
|
||||
| zipslip_bad.py:16:13:16:17 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:20:32:20:35 | ControlFlowNode for zipf | semmle.label | ControlFlowNode for zipf |
|
||||
| zipslip_bad.py:22:13:22:17 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:27:27:27:34 | ControlFlowNode for filelist | semmle.label | ControlFlowNode for filelist |
|
||||
| zipslip_bad.py:29:13:29:13 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| zipslip_bad.py:34:5:34:12 | ControlFlowNode for filelist | semmle.label | ControlFlowNode for filelist |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:35:9:35:9 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| zipslip_bad.py:8:10:8:31 | After Attribute() | semmle.label | After Attribute() |
|
||||
| zipslip_bad.py:8:36:8:39 | zipf | semmle.label | zipf |
|
||||
| zipslip_bad.py:10:13:10:17 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:11:25:11:29 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:14:10:14:28 | After Attribute() | semmle.label | After Attribute() |
|
||||
| zipslip_bad.py:14:33:14:36 | zipf | semmle.label | zipf |
|
||||
| zipslip_bad.py:16:13:16:17 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:17:26:17:30 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:20:10:20:27 | After Attribute() | semmle.label | After Attribute() |
|
||||
| zipslip_bad.py:20:32:20:35 | zipf | semmle.label | zipf |
|
||||
| zipslip_bad.py:22:13:22:17 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:23:29:23:33 | entry | semmle.label | entry |
|
||||
| zipslip_bad.py:27:10:27:22 | After Attribute() | semmle.label | After Attribute() |
|
||||
| zipslip_bad.py:27:27:27:34 | filelist | semmle.label | filelist |
|
||||
| zipslip_bad.py:29:13:29:13 | x | semmle.label | x |
|
||||
| zipslip_bad.py:30:25:30:25 | x | semmle.label | x |
|
||||
| zipslip_bad.py:34:5:34:12 | filelist | semmle.label | filelist |
|
||||
| zipslip_bad.py:34:16:34:28 | After Attribute() | semmle.label | After Attribute() |
|
||||
| zipslip_bad.py:35:9:35:9 | x | semmle.label | x |
|
||||
| zipslip_bad.py:37:32:37:32 | x | semmle.label | x |
|
||||
subpaths
|
||||
#select
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | file system operation |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | file system operation |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | file system operation |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | file system operation |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | file system operation |
|
||||
| zipslip_bad.py:8:10:8:31 | After Attribute() | zipslip_bad.py:8:10:8:31 | After Attribute() | zipslip_bad.py:11:25:11:29 | entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:11:25:11:29 | entry | file system operation |
|
||||
| zipslip_bad.py:14:10:14:28 | After Attribute() | zipslip_bad.py:14:10:14:28 | After Attribute() | zipslip_bad.py:17:26:17:30 | entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:17:26:17:30 | entry | file system operation |
|
||||
| zipslip_bad.py:20:10:20:27 | After Attribute() | zipslip_bad.py:20:10:20:27 | After Attribute() | zipslip_bad.py:23:29:23:33 | entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:23:29:23:33 | entry | file system operation |
|
||||
| zipslip_bad.py:27:10:27:22 | After Attribute() | zipslip_bad.py:27:10:27:22 | After Attribute() | zipslip_bad.py:30:25:30:25 | x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:30:25:30:25 | x | file system operation |
|
||||
| zipslip_bad.py:34:16:34:28 | After Attribute() | zipslip_bad.py:34:16:34:28 | After Attribute() | zipslip_bad.py:37:32:37:32 | x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:37:32:37:32 | x | file system operation |
|
||||
|
||||
@@ -1,88 +1,88 @@
|
||||
edges
|
||||
| AsyncSsh.py:15:16:15:18 | ControlFlowNode for cmd | AsyncSsh.py:17:33:17:35 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:20:45:20:47 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:23:41:23:57 | ControlFlowNode for List | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:18:18:18:20 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:24:42:24:44 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:27:42:27:44 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:30:42:30:44 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:33:42:33:44 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:36:42:36:44 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:51:36:51:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:54:36:54:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:57:36:57:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:60:36:60:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:63:36:63:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:74:36:74:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:84:36:84:38 | ControlFlowNode for cmd | provenance | |
|
||||
| Twisted.py:13:16:13:18 | ControlFlowNode for cmd | Twisted.py:16:5:16:7 | ControlFlowNode for cmd | provenance | |
|
||||
| Twisted.py:13:16:13:18 | ControlFlowNode for cmd | Twisted.py:24:9:24:11 | ControlFlowNode for cmd | provenance | |
|
||||
| paramiko.py:15:16:15:18 | ControlFlowNode for cmd | paramiko.py:16:62:16:64 | ControlFlowNode for cmd | provenance | |
|
||||
| paramiko.py:20:16:20:18 | ControlFlowNode for cmd | paramiko.py:21:70:21:72 | ControlFlowNode for cmd | provenance | |
|
||||
| ssh2.py:15:16:15:18 | ControlFlowNode for cmd | ssh2.py:17:21:17:23 | ControlFlowNode for cmd | provenance | |
|
||||
| AsyncSsh.py:15:16:15:18 | cmd | AsyncSsh.py:17:33:17:35 | cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | cmd | Netmiko.py:20:45:20:47 | cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | cmd | Netmiko.py:21:52:21:54 | cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | cmd | Netmiko.py:22:52:22:54 | cmd | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | cmd | Netmiko.py:23:41:23:57 | After List | provenance | |
|
||||
| Netmiko.py:18:16:18:18 | cmd | Netmiko.py:24:48:24:50 | cmd | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | cmd | Pexpect.py:16:14:16:16 | cmd | provenance | |
|
||||
| Pexpect.py:15:16:15:18 | cmd | Pexpect.py:18:18:18:20 | cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | cmd | Scrapli.py:24:42:24:44 | cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | cmd | Scrapli.py:27:42:27:44 | cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | cmd | Scrapli.py:30:42:30:44 | cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | cmd | Scrapli.py:33:42:33:44 | cmd | provenance | |
|
||||
| Scrapli.py:13:16:13:18 | cmd | Scrapli.py:36:42:36:44 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:51:36:51:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:54:36:54:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:57:36:57:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:60:36:60:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:63:36:63:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:74:36:74:38 | cmd | provenance | |
|
||||
| Scrapli.py:40:10:40:12 | cmd | Scrapli.py:84:36:84:38 | cmd | provenance | |
|
||||
| Twisted.py:13:16:13:18 | cmd | Twisted.py:16:5:16:7 | cmd | provenance | |
|
||||
| Twisted.py:13:16:13:18 | cmd | Twisted.py:24:9:24:11 | cmd | provenance | |
|
||||
| paramiko.py:15:16:15:18 | cmd | paramiko.py:16:62:16:64 | cmd | provenance | |
|
||||
| paramiko.py:20:16:20:18 | cmd | paramiko.py:21:70:21:72 | cmd | provenance | |
|
||||
| ssh2.py:15:16:15:18 | cmd | ssh2.py:17:21:17:23 | cmd | provenance | |
|
||||
nodes
|
||||
| AsyncSsh.py:15:16:15:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| AsyncSsh.py:17:33:17:35 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:20:45:20:47 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Netmiko.py:23:41:23:57 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
| Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Pexpect.py:18:18:18:20 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:24:42:24:44 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:27:42:27:44 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:30:42:30:44 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:33:42:33:44 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:36:42:36:44 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:51:36:51:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:54:36:54:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:57:36:57:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:60:36:60:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:63:36:63:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:74:36:74:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Scrapli.py:84:36:84:38 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Twisted.py:13:16:13:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Twisted.py:16:5:16:7 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| Twisted.py:24:9:24:11 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| paramiko.py:15:16:15:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| paramiko.py:16:62:16:64 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| paramiko.py:20:16:20:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| paramiko.py:21:70:21:72 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| ssh2.py:15:16:15:18 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| ssh2.py:17:21:17:23 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| AsyncSsh.py:15:16:15:18 | cmd | semmle.label | cmd |
|
||||
| AsyncSsh.py:17:33:17:35 | cmd | semmle.label | cmd |
|
||||
| Netmiko.py:18:16:18:18 | cmd | semmle.label | cmd |
|
||||
| Netmiko.py:20:45:20:47 | cmd | semmle.label | cmd |
|
||||
| Netmiko.py:21:52:21:54 | cmd | semmle.label | cmd |
|
||||
| Netmiko.py:22:52:22:54 | cmd | semmle.label | cmd |
|
||||
| Netmiko.py:23:41:23:57 | After List | semmle.label | After List |
|
||||
| Netmiko.py:24:48:24:50 | cmd | semmle.label | cmd |
|
||||
| Pexpect.py:15:16:15:18 | cmd | semmle.label | cmd |
|
||||
| Pexpect.py:16:14:16:16 | cmd | semmle.label | cmd |
|
||||
| Pexpect.py:18:18:18:20 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:13:16:13:18 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:24:42:24:44 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:27:42:27:44 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:30:42:30:44 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:33:42:33:44 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:36:42:36:44 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:40:10:40:12 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:51:36:51:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:54:36:54:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:57:36:57:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:60:36:60:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:63:36:63:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:74:36:74:38 | cmd | semmle.label | cmd |
|
||||
| Scrapli.py:84:36:84:38 | cmd | semmle.label | cmd |
|
||||
| Twisted.py:13:16:13:18 | cmd | semmle.label | cmd |
|
||||
| Twisted.py:16:5:16:7 | cmd | semmle.label | cmd |
|
||||
| Twisted.py:24:9:24:11 | cmd | semmle.label | cmd |
|
||||
| paramiko.py:15:16:15:18 | cmd | semmle.label | cmd |
|
||||
| paramiko.py:16:62:16:64 | cmd | semmle.label | cmd |
|
||||
| paramiko.py:20:16:20:18 | cmd | semmle.label | cmd |
|
||||
| paramiko.py:21:70:21:72 | cmd | semmle.label | cmd |
|
||||
| ssh2.py:15:16:15:18 | cmd | semmle.label | cmd |
|
||||
| ssh2.py:17:21:17:23 | cmd | semmle.label | cmd |
|
||||
subpaths
|
||||
#select
|
||||
| AsyncSsh.py:17:33:17:35 | ControlFlowNode for cmd | AsyncSsh.py:15:16:15:18 | ControlFlowNode for cmd | AsyncSsh.py:17:33:17:35 | ControlFlowNode for cmd | This code execution depends on a $@. | AsyncSsh.py:15:16:15:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Netmiko.py:20:45:20:47 | ControlFlowNode for cmd | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:20:45:20:47 | ControlFlowNode for cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:21:52:21:54 | ControlFlowNode for cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:22:52:22:54 | ControlFlowNode for cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Netmiko.py:23:41:23:57 | ControlFlowNode for List | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:23:41:23:57 | ControlFlowNode for List | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | Netmiko.py:24:48:24:50 | ControlFlowNode for cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:16:14:16:16 | ControlFlowNode for cmd | This code execution depends on a $@. | Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Pexpect.py:18:18:18:20 | ControlFlowNode for cmd | Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | Pexpect.py:18:18:18:20 | ControlFlowNode for cmd | This code execution depends on a $@. | Pexpect.py:15:16:15:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:24:42:24:44 | ControlFlowNode for cmd | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:24:42:24:44 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:27:42:27:44 | ControlFlowNode for cmd | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:27:42:27:44 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:30:42:30:44 | ControlFlowNode for cmd | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:30:42:30:44 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:33:42:33:44 | ControlFlowNode for cmd | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:33:42:33:44 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:36:42:36:44 | ControlFlowNode for cmd | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | Scrapli.py:36:42:36:44 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:51:36:51:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:51:36:51:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:54:36:54:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:54:36:54:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:57:36:57:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:57:36:57:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:60:36:60:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:60:36:60:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:63:36:63:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:63:36:63:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:74:36:74:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:74:36:74:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Scrapli.py:84:36:84:38 | ControlFlowNode for cmd | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | Scrapli.py:84:36:84:38 | ControlFlowNode for cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Twisted.py:16:5:16:7 | ControlFlowNode for cmd | Twisted.py:13:16:13:18 | ControlFlowNode for cmd | Twisted.py:16:5:16:7 | ControlFlowNode for cmd | This code execution depends on a $@. | Twisted.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| Twisted.py:24:9:24:11 | ControlFlowNode for cmd | Twisted.py:13:16:13:18 | ControlFlowNode for cmd | Twisted.py:24:9:24:11 | ControlFlowNode for cmd | This code execution depends on a $@. | Twisted.py:13:16:13:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| paramiko.py:16:62:16:64 | ControlFlowNode for cmd | paramiko.py:15:16:15:18 | ControlFlowNode for cmd | paramiko.py:16:62:16:64 | ControlFlowNode for cmd | This code execution depends on a $@. | paramiko.py:15:16:15:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| paramiko.py:21:70:21:72 | ControlFlowNode for cmd | paramiko.py:20:16:20:18 | ControlFlowNode for cmd | paramiko.py:21:70:21:72 | ControlFlowNode for cmd | This code execution depends on a $@. | paramiko.py:20:16:20:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| ssh2.py:17:21:17:23 | ControlFlowNode for cmd | ssh2.py:15:16:15:18 | ControlFlowNode for cmd | ssh2.py:17:21:17:23 | ControlFlowNode for cmd | This code execution depends on a $@. | ssh2.py:15:16:15:18 | ControlFlowNode for cmd | a user-provided value |
|
||||
| AsyncSsh.py:17:33:17:35 | cmd | AsyncSsh.py:15:16:15:18 | cmd | AsyncSsh.py:17:33:17:35 | cmd | This code execution depends on a $@. | AsyncSsh.py:15:16:15:18 | cmd | a user-provided value |
|
||||
| Netmiko.py:20:45:20:47 | cmd | Netmiko.py:18:16:18:18 | cmd | Netmiko.py:20:45:20:47 | cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | cmd | a user-provided value |
|
||||
| Netmiko.py:21:52:21:54 | cmd | Netmiko.py:18:16:18:18 | cmd | Netmiko.py:21:52:21:54 | cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | cmd | a user-provided value |
|
||||
| Netmiko.py:22:52:22:54 | cmd | Netmiko.py:18:16:18:18 | cmd | Netmiko.py:22:52:22:54 | cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | cmd | a user-provided value |
|
||||
| Netmiko.py:23:41:23:57 | After List | Netmiko.py:18:16:18:18 | cmd | Netmiko.py:23:41:23:57 | After List | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | cmd | a user-provided value |
|
||||
| Netmiko.py:24:48:24:50 | cmd | Netmiko.py:18:16:18:18 | cmd | Netmiko.py:24:48:24:50 | cmd | This code execution depends on a $@. | Netmiko.py:18:16:18:18 | cmd | a user-provided value |
|
||||
| Pexpect.py:16:14:16:16 | cmd | Pexpect.py:15:16:15:18 | cmd | Pexpect.py:16:14:16:16 | cmd | This code execution depends on a $@. | Pexpect.py:15:16:15:18 | cmd | a user-provided value |
|
||||
| Pexpect.py:18:18:18:20 | cmd | Pexpect.py:15:16:15:18 | cmd | Pexpect.py:18:18:18:20 | cmd | This code execution depends on a $@. | Pexpect.py:15:16:15:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:24:42:24:44 | cmd | Scrapli.py:13:16:13:18 | cmd | Scrapli.py:24:42:24:44 | cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:27:42:27:44 | cmd | Scrapli.py:13:16:13:18 | cmd | Scrapli.py:27:42:27:44 | cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:30:42:30:44 | cmd | Scrapli.py:13:16:13:18 | cmd | Scrapli.py:30:42:30:44 | cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:33:42:33:44 | cmd | Scrapli.py:13:16:13:18 | cmd | Scrapli.py:33:42:33:44 | cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:36:42:36:44 | cmd | Scrapli.py:13:16:13:18 | cmd | Scrapli.py:36:42:36:44 | cmd | This code execution depends on a $@. | Scrapli.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Scrapli.py:51:36:51:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:51:36:51:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:54:36:54:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:54:36:54:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:57:36:57:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:57:36:57:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:60:36:60:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:60:36:60:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:63:36:63:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:63:36:63:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:74:36:74:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:74:36:74:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Scrapli.py:84:36:84:38 | cmd | Scrapli.py:40:10:40:12 | cmd | Scrapli.py:84:36:84:38 | cmd | This code execution depends on a $@. | Scrapli.py:40:10:40:12 | cmd | a user-provided value |
|
||||
| Twisted.py:16:5:16:7 | cmd | Twisted.py:13:16:13:18 | cmd | Twisted.py:16:5:16:7 | cmd | This code execution depends on a $@. | Twisted.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| Twisted.py:24:9:24:11 | cmd | Twisted.py:13:16:13:18 | cmd | Twisted.py:24:9:24:11 | cmd | This code execution depends on a $@. | Twisted.py:13:16:13:18 | cmd | a user-provided value |
|
||||
| paramiko.py:16:62:16:64 | cmd | paramiko.py:15:16:15:18 | cmd | paramiko.py:16:62:16:64 | cmd | This code execution depends on a $@. | paramiko.py:15:16:15:18 | cmd | a user-provided value |
|
||||
| paramiko.py:21:70:21:72 | cmd | paramiko.py:20:16:20:18 | cmd | paramiko.py:21:70:21:72 | cmd | This code execution depends on a $@. | paramiko.py:20:16:20:18 | cmd | a user-provided value |
|
||||
| ssh2.py:17:21:17:23 | cmd | ssh2.py:15:16:15:18 | cmd | ssh2.py:17:21:17:23 | cmd | This code execution depends on a $@. | ssh2.py:15:16:15:18 | cmd | a user-provided value |
|
||||
|
||||
@@ -1,94 +1,94 @@
|
||||
edges
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for request | flask_mail.py:13:22:13:28 | ControlFlowNode for request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for request | flask_mail.py:18:14:18:20 | ControlFlowNode for request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for request | flask_mail.py:31:24:31:30 | ControlFlowNode for request | provenance | |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:18:14:18:20 | ControlFlowNode for request | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:31:24:31:30 | ControlFlowNode for request | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for request | sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for request | sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for request | sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | provenance | Config |
|
||||
| sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for request | smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | provenance | |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | ControlFlowNode for name | smtplib_bad_subparts.py:20:5:20:8 | ControlFlowNode for html | provenance | |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | smtplib_bad_subparts.py:17:5:17:8 | ControlFlowNode for name | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | ControlFlowNode for html | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | provenance | |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for request | smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | provenance | |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | ControlFlowNode for name | smtplib_bad_via_attach.py:23:5:23:8 | ControlFlowNode for html | provenance | |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | smtplib_bad_via_attach.py:20:5:20:8 | ControlFlowNode for name | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | ControlFlowNode for html | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | After ImportMember | flask_mail.py:1:19:1:25 | request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | request | flask_mail.py:13:22:13:28 | request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | request | flask_mail.py:18:14:18:20 | request | provenance | |
|
||||
| flask_mail.py:1:19:1:25 | request | flask_mail.py:31:24:31:30 | request | provenance | |
|
||||
| flask_mail.py:13:22:13:28 | request | flask_mail.py:13:22:13:41 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:13:22:13:28 | request | flask_mail.py:18:14:18:33 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:18:14:18:20 | request | flask_mail.py:18:14:18:33 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_mail.py:31:24:31:30 | request | flask_mail.py:31:24:31:43 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:1:19:1:25 | After ImportMember | sendgrid_mail.py:1:19:1:25 | request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | request | sendgrid_mail.py:14:22:14:28 | request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | request | sendgrid_mail.py:26:34:26:40 | request | provenance | |
|
||||
| sendgrid_mail.py:1:19:1:25 | request | sendgrid_mail.py:37:41:37:47 | request | provenance | |
|
||||
| sendgrid_mail.py:14:22:14:28 | request | sendgrid_mail.py:14:22:14:49 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:26:34:26:40 | request | sendgrid_mail.py:26:34:26:61 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_mail.py:26:34:26:61 | After Subscript | sendgrid_mail.py:26:22:26:62 | After HtmlContent() | provenance | Config |
|
||||
| sendgrid_mail.py:37:41:37:47 | request | sendgrid_mail.py:37:41:37:68 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | request | sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | request | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | request | provenance | |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | request | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | After ImportMember | smtplib_bad_subparts.py:2:26:2:32 | request | provenance | |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | request | smtplib_bad_subparts.py:17:12:17:18 | request | provenance | |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | name | smtplib_bad_subparts.py:20:5:20:8 | html | provenance | |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | request | smtplib_bad_subparts.py:17:5:17:8 | name | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | html | smtplib_bad_subparts.py:24:22:24:25 | html | provenance | |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | After ImportMember | smtplib_bad_via_attach.py:2:26:2:32 | request | provenance | |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | request | smtplib_bad_via_attach.py:20:12:20:18 | request | provenance | |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | name | smtplib_bad_via_attach.py:23:5:23:8 | html | provenance | |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | request | smtplib_bad_via_attach.py:20:5:20:8 | name | provenance | AdditionalTaintStep |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | html | smtplib_bad_via_attach.py:27:22:27:25 | html | provenance | |
|
||||
nodes
|
||||
| django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:18:14:18:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:31:24:31:30 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | semmle.label | ControlFlowNode for HtmlContent() |
|
||||
| sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
| smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
| smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
| django_mail.py:14:48:14:82 | After Attribute() | semmle.label | After Attribute() |
|
||||
| django_mail.py:23:30:23:64 | After Attribute() | semmle.label | After Attribute() |
|
||||
| django_mail.py:25:32:25:66 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_mail.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| flask_mail.py:1:19:1:25 | request | semmle.label | request |
|
||||
| flask_mail.py:13:22:13:28 | request | semmle.label | request |
|
||||
| flask_mail.py:13:22:13:41 | After Subscript | semmle.label | After Subscript |
|
||||
| flask_mail.py:18:14:18:20 | request | semmle.label | request |
|
||||
| flask_mail.py:18:14:18:33 | After Subscript | semmle.label | After Subscript |
|
||||
| flask_mail.py:31:24:31:30 | request | semmle.label | request |
|
||||
| flask_mail.py:31:24:31:43 | After Subscript | semmle.label | After Subscript |
|
||||
| sendgrid_mail.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| sendgrid_mail.py:1:19:1:25 | request | semmle.label | request |
|
||||
| sendgrid_mail.py:14:22:14:28 | request | semmle.label | request |
|
||||
| sendgrid_mail.py:14:22:14:49 | After Subscript | semmle.label | After Subscript |
|
||||
| sendgrid_mail.py:26:22:26:62 | After HtmlContent() | semmle.label | After HtmlContent() |
|
||||
| sendgrid_mail.py:26:34:26:40 | request | semmle.label | request |
|
||||
| sendgrid_mail.py:26:34:26:61 | After Subscript | semmle.label | After Subscript |
|
||||
| sendgrid_mail.py:37:41:37:47 | request | semmle.label | request |
|
||||
| sendgrid_mail.py:37:41:37:68 | After Subscript | semmle.label | After Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | request | semmle.label | request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | After Attribute() | semmle.label | After Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | request | semmle.label | request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | After Attribute() | semmle.label | After Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | request | semmle.label | request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | semmle.label | After Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | request | semmle.label | request |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | request | semmle.label | request |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | name | semmle.label | name |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | request | semmle.label | request |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | html | semmle.label | html |
|
||||
| smtplib_bad_subparts.py:24:22:24:25 | html | semmle.label | html |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | request | semmle.label | request |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | name | semmle.label | name |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | request | semmle.label | request |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | html | semmle.label | html |
|
||||
| smtplib_bad_via_attach.py:27:22:27:25 | html | semmle.label | html |
|
||||
subpaths
|
||||
#select
|
||||
| django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | a user-provided value |
|
||||
| django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | a user-provided value |
|
||||
| django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | a user-provided value |
|
||||
| flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
|
||||
| django_mail.py:14:48:14:82 | After Attribute() | django_mail.py:14:48:14:82 | After Attribute() | django_mail.py:14:48:14:82 | After Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:14:48:14:82 | After Attribute() | a user-provided value |
|
||||
| django_mail.py:23:30:23:64 | After Attribute() | django_mail.py:23:30:23:64 | After Attribute() | django_mail.py:23:30:23:64 | After Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:23:30:23:64 | After Attribute() | a user-provided value |
|
||||
| django_mail.py:25:32:25:66 | After Attribute() | django_mail.py:25:32:25:66 | After Attribute() | django_mail.py:25:32:25:66 | After Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:25:32:25:66 | After Attribute() | a user-provided value |
|
||||
| flask_mail.py:13:22:13:41 | After Subscript | flask_mail.py:1:19:1:25 | After ImportMember | flask_mail.py:13:22:13:41 | After Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| flask_mail.py:18:14:18:33 | After Subscript | flask_mail.py:1:19:1:25 | After ImportMember | flask_mail.py:18:14:18:33 | After Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| flask_mail.py:31:24:31:43 | After Subscript | flask_mail.py:1:19:1:25 | After ImportMember | flask_mail.py:31:24:31:43 | After Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:14:22:14:49 | After Subscript | sendgrid_mail.py:1:19:1:25 | After ImportMember | sendgrid_mail.py:14:22:14:49 | After Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:26:22:26:62 | After HtmlContent() | sendgrid_mail.py:1:19:1:25 | After ImportMember | sendgrid_mail.py:26:22:26:62 | After HtmlContent() | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_mail.py:37:41:37:68 | After Subscript | sendgrid_mail.py:1:19:1:25 | After ImportMember | sendgrid_mail.py:37:41:37:68 | After Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | After Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | After Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | After Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | After Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | a user-provided value |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | After Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | After ImportMember | a user-provided value |
|
||||
| smtplib_bad_subparts.py:24:22:24:25 | html | smtplib_bad_subparts.py:2:26:2:32 | After ImportMember | smtplib_bad_subparts.py:24:22:24:25 | html | Cross-site scripting vulnerability due to $@. | smtplib_bad_subparts.py:2:26:2:32 | After ImportMember | a user-provided value |
|
||||
| smtplib_bad_via_attach.py:27:22:27:25 | html | smtplib_bad_via_attach.py:2:26:2:32 | After ImportMember | smtplib_bad_via_attach.py:27:22:27:25 | html | Cross-site scripting vulnerability due to $@. | smtplib_bad_via_attach.py:2:26:2:32 | After ImportMember | a user-provided value |
|
||||
|
||||
@@ -1,120 +1,120 @@
|
||||
edges
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for ImportMember | xslt.py:3:26:3:32 | ControlFlowNode for request | provenance | |
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for request | xslt.py:10:17:10:23 | ControlFlowNode for request | provenance | |
|
||||
| xslt.py:10:5:10:13 | ControlFlowNode for xsltQuery | xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xslt.py:10:17:10:23 | ControlFlowNode for request | xslt.py:10:17:10:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xslt.py:10:17:10:28 | ControlFlowNode for Attribute | xslt.py:10:17:10:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xslt.py:10:17:10:43 | ControlFlowNode for Attribute() | xslt.py:10:5:10:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xslt.py:11:5:11:13 | ControlFlowNode for xslt_root | xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | xslt.py:11:5:11:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:3:26:3:32 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | xsltInjection.py:10:17:10:23 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | xsltInjection.py:17:17:17:23 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | xsltInjection.py:26:17:26:23 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | xsltInjection.py:35:17:35:23 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | xsltInjection.py:44:17:44:23 | ControlFlowNode for request | provenance | |
|
||||
| xsltInjection.py:10:5:10:13 | ControlFlowNode for xsltQuery | xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:10:17:10:23 | ControlFlowNode for request | xsltInjection.py:10:17:10:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:10:17:10:28 | ControlFlowNode for Attribute | xsltInjection.py:10:17:10:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:10:17:10:43 | ControlFlowNode for Attribute() | xsltInjection.py:10:5:10:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:11:5:11:13 | ControlFlowNode for xslt_root | xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | xsltInjection.py:11:5:11:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:17:5:17:13 | ControlFlowNode for xsltQuery | xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:17:17:17:23 | ControlFlowNode for request | xsltInjection.py:17:17:17:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:17:17:17:28 | ControlFlowNode for Attribute | xsltInjection.py:17:17:17:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:17:17:17:43 | ControlFlowNode for Attribute() | xsltInjection.py:17:5:17:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:18:5:18:13 | ControlFlowNode for xslt_root | xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | xsltInjection.py:18:5:18:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:26:5:26:13 | ControlFlowNode for xsltQuery | xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:26:17:26:23 | ControlFlowNode for request | xsltInjection.py:26:17:26:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:26:17:26:28 | ControlFlowNode for Attribute | xsltInjection.py:26:17:26:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:26:17:26:43 | ControlFlowNode for Attribute() | xsltInjection.py:26:5:26:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:27:5:27:13 | ControlFlowNode for xslt_root | xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | xsltInjection.py:27:5:27:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:35:5:35:13 | ControlFlowNode for xsltQuery | xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:35:17:35:23 | ControlFlowNode for request | xsltInjection.py:35:17:35:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:35:17:35:28 | ControlFlowNode for Attribute | xsltInjection.py:35:17:35:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:35:17:35:43 | ControlFlowNode for Attribute() | xsltInjection.py:35:5:35:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:36:5:36:13 | ControlFlowNode for xslt_root | xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | xsltInjection.py:36:5:36:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | provenance | |
|
||||
| xsltInjection.py:44:17:44:23 | ControlFlowNode for request | xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | provenance | |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | provenance | |
|
||||
| xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | provenance | |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | provenance | Decoding-XML |
|
||||
| xslt.py:3:26:3:32 | After ImportMember | xslt.py:3:26:3:32 | request | provenance | |
|
||||
| xslt.py:3:26:3:32 | request | xslt.py:10:17:10:23 | request | provenance | |
|
||||
| xslt.py:10:5:10:13 | xsltQuery | xslt.py:11:27:11:35 | xsltQuery | provenance | |
|
||||
| xslt.py:10:17:10:23 | request | xslt.py:10:17:10:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xslt.py:10:17:10:28 | After Attribute | xslt.py:10:17:10:43 | After Attribute() | provenance | dict.get |
|
||||
| xslt.py:10:17:10:43 | After Attribute() | xslt.py:10:5:10:13 | xsltQuery | provenance | |
|
||||
| xslt.py:11:5:11:13 | xslt_root | xslt.py:14:29:14:37 | xslt_root | provenance | |
|
||||
| xslt.py:11:17:11:36 | After Attribute() | xslt.py:11:5:11:13 | xslt_root | provenance | |
|
||||
| xslt.py:11:27:11:35 | xsltQuery | xslt.py:11:17:11:36 | After Attribute() | provenance | Config |
|
||||
| xslt.py:11:27:11:35 | xsltQuery | xslt.py:11:17:11:36 | After Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:3:26:3:32 | request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | request | xsltInjection.py:10:17:10:23 | request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | request | xsltInjection.py:17:17:17:23 | request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | request | xsltInjection.py:26:17:26:23 | request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | request | xsltInjection.py:35:17:35:23 | request | provenance | |
|
||||
| xsltInjection.py:3:26:3:32 | request | xsltInjection.py:44:17:44:23 | request | provenance | |
|
||||
| xsltInjection.py:10:5:10:13 | xsltQuery | xsltInjection.py:11:27:11:35 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:10:17:10:23 | request | xsltInjection.py:10:17:10:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:10:17:10:28 | After Attribute | xsltInjection.py:10:17:10:43 | After Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:10:17:10:43 | After Attribute() | xsltInjection.py:10:5:10:13 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:11:5:11:13 | xslt_root | xsltInjection.py:12:28:12:36 | xslt_root | provenance | |
|
||||
| xsltInjection.py:11:17:11:36 | After Attribute() | xsltInjection.py:11:5:11:13 | xslt_root | provenance | |
|
||||
| xsltInjection.py:11:27:11:35 | xsltQuery | xsltInjection.py:11:17:11:36 | After Attribute() | provenance | Config |
|
||||
| xsltInjection.py:11:27:11:35 | xsltQuery | xsltInjection.py:11:17:11:36 | After Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:17:5:17:13 | xsltQuery | xsltInjection.py:18:27:18:35 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:17:17:17:23 | request | xsltInjection.py:17:17:17:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:17:17:17:28 | After Attribute | xsltInjection.py:17:17:17:43 | After Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:17:17:17:43 | After Attribute() | xsltInjection.py:17:5:17:13 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:18:5:18:13 | xslt_root | xsltInjection.py:21:29:21:37 | xslt_root | provenance | |
|
||||
| xsltInjection.py:18:17:18:36 | After Attribute() | xsltInjection.py:18:5:18:13 | xslt_root | provenance | |
|
||||
| xsltInjection.py:18:27:18:35 | xsltQuery | xsltInjection.py:18:17:18:36 | After Attribute() | provenance | Config |
|
||||
| xsltInjection.py:18:27:18:35 | xsltQuery | xsltInjection.py:18:17:18:36 | After Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:26:5:26:13 | xsltQuery | xsltInjection.py:27:27:27:35 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:26:17:26:23 | request | xsltInjection.py:26:17:26:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:26:17:26:28 | After Attribute | xsltInjection.py:26:17:26:43 | After Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:26:17:26:43 | After Attribute() | xsltInjection.py:26:5:26:13 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:27:5:27:13 | xslt_root | xsltInjection.py:31:24:31:32 | xslt_root | provenance | |
|
||||
| xsltInjection.py:27:17:27:36 | After Attribute() | xsltInjection.py:27:5:27:13 | xslt_root | provenance | |
|
||||
| xsltInjection.py:27:27:27:35 | xsltQuery | xsltInjection.py:27:17:27:36 | After Attribute() | provenance | Config |
|
||||
| xsltInjection.py:27:27:27:35 | xsltQuery | xsltInjection.py:27:17:27:36 | After Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:35:5:35:13 | xsltQuery | xsltInjection.py:36:34:36:42 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:35:17:35:23 | request | xsltInjection.py:35:17:35:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:35:17:35:28 | After Attribute | xsltInjection.py:35:17:35:43 | After Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:35:17:35:43 | After Attribute() | xsltInjection.py:35:5:35:13 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:36:5:36:13 | xslt_root | xsltInjection.py:40:24:40:32 | xslt_root | provenance | |
|
||||
| xsltInjection.py:36:17:36:43 | After Attribute() | xsltInjection.py:36:5:36:13 | xslt_root | provenance | |
|
||||
| xsltInjection.py:36:34:36:42 | xsltQuery | xsltInjection.py:36:17:36:43 | After Attribute() | provenance | Config |
|
||||
| xsltInjection.py:36:34:36:42 | xsltQuery | xsltInjection.py:36:17:36:43 | After Attribute() | provenance | Decoding-XML |
|
||||
| xsltInjection.py:44:5:44:13 | xsltQuery | xsltInjection.py:45:5:45:15 | xsltStrings | provenance | |
|
||||
| xsltInjection.py:44:17:44:23 | request | xsltInjection.py:44:17:44:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xsltInjection.py:44:17:44:28 | After Attribute | xsltInjection.py:44:17:44:43 | After Attribute() | provenance | dict.get |
|
||||
| xsltInjection.py:44:17:44:43 | After Attribute() | xsltInjection.py:44:5:44:13 | xsltQuery | provenance | |
|
||||
| xsltInjection.py:45:5:45:15 | xsltStrings | xsltInjection.py:46:38:46:48 | xsltStrings | provenance | |
|
||||
| xsltInjection.py:46:5:46:13 | xslt_root | xsltInjection.py:50:24:50:32 | xslt_root | provenance | |
|
||||
| xsltInjection.py:46:17:46:49 | After Attribute() | xsltInjection.py:46:5:46:13 | xslt_root | provenance | |
|
||||
| xsltInjection.py:46:38:46:48 | xsltStrings | xsltInjection.py:46:17:46:49 | After Attribute() | provenance | Config |
|
||||
| xsltInjection.py:46:38:46:48 | xsltStrings | xsltInjection.py:46:17:46:49 | After Attribute() | provenance | Decoding-XML |
|
||||
nodes
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| xslt.py:3:26:3:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xslt.py:10:5:10:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xslt.py:10:17:10:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xslt.py:10:17:10:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xslt.py:10:17:10:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xslt.py:11:5:11:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xslt.py:11:17:11:36 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xslt.py:11:27:11:35 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| xsltInjection.py:3:26:3:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:10:5:10:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:10:17:10:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:10:17:10:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:10:17:10:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:11:5:11:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:11:17:11:36 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:11:27:11:35 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:17:5:17:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:17:17:17:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:17:17:17:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:17:17:17:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:18:5:18:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:18:17:18:36 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:18:27:18:35 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:26:5:26:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:26:17:26:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:26:17:26:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:26:17:26:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:27:5:27:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:27:17:27:36 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:27:27:27:35 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:35:5:35:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:35:17:35:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:35:17:35:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:35:17:35:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:36:5:36:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:36:17:36:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:36:34:36:42 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:44:5:44:13 | ControlFlowNode for xsltQuery | semmle.label | ControlFlowNode for xsltQuery |
|
||||
| xsltInjection.py:44:17:44:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xsltInjection.py:44:17:44:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xsltInjection.py:44:17:44:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:45:5:45:15 | ControlFlowNode for xsltStrings | semmle.label | ControlFlowNode for xsltStrings |
|
||||
| xsltInjection.py:46:5:46:13 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xsltInjection.py:46:17:46:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings | semmle.label | ControlFlowNode for xsltStrings |
|
||||
| xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
|
||||
| xslt.py:3:26:3:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| xslt.py:3:26:3:32 | request | semmle.label | request |
|
||||
| xslt.py:10:5:10:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xslt.py:10:17:10:23 | request | semmle.label | request |
|
||||
| xslt.py:10:17:10:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xslt.py:10:17:10:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xslt.py:11:5:11:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xslt.py:11:17:11:36 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xslt.py:11:27:11:35 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xslt.py:14:29:14:37 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:3:26:3:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| xsltInjection.py:3:26:3:32 | request | semmle.label | request |
|
||||
| xsltInjection.py:10:5:10:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:10:17:10:23 | request | semmle.label | request |
|
||||
| xsltInjection.py:10:17:10:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xsltInjection.py:10:17:10:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:11:5:11:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:11:17:11:36 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:11:27:11:35 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:12:28:12:36 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:17:5:17:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:17:17:17:23 | request | semmle.label | request |
|
||||
| xsltInjection.py:17:17:17:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xsltInjection.py:17:17:17:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:18:5:18:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:18:17:18:36 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:18:27:18:35 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:21:29:21:37 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:26:5:26:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:26:17:26:23 | request | semmle.label | request |
|
||||
| xsltInjection.py:26:17:26:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xsltInjection.py:26:17:26:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:27:5:27:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:27:17:27:36 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:27:27:27:35 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:31:24:31:32 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:35:5:35:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:35:17:35:23 | request | semmle.label | request |
|
||||
| xsltInjection.py:35:17:35:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xsltInjection.py:35:17:35:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:36:5:36:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:36:17:36:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:36:34:36:42 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:40:24:40:32 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:44:5:44:13 | xsltQuery | semmle.label | xsltQuery |
|
||||
| xsltInjection.py:44:17:44:23 | request | semmle.label | request |
|
||||
| xsltInjection.py:44:17:44:28 | After Attribute | semmle.label | After Attribute |
|
||||
| xsltInjection.py:44:17:44:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:45:5:45:15 | xsltStrings | semmle.label | xsltStrings |
|
||||
| xsltInjection.py:46:5:46:13 | xslt_root | semmle.label | xslt_root |
|
||||
| xsltInjection.py:46:17:46:49 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xsltInjection.py:46:38:46:48 | xsltStrings | semmle.label | xsltStrings |
|
||||
| xsltInjection.py:50:24:50:32 | xslt_root | semmle.label | xslt_root |
|
||||
subpaths
|
||||
#select
|
||||
| xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | xslt.py:3:26:3:32 | ControlFlowNode for ImportMember | xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xslt.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xslt.py:14:29:14:37 | xslt_root | xslt.py:3:26:3:32 | After ImportMember | xslt.py:14:29:14:37 | xslt_root | This XSLT query depends on $@. | xslt.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
| xsltInjection.py:12:28:12:36 | xslt_root | xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:12:28:12:36 | xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
| xsltInjection.py:21:29:21:37 | xslt_root | xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:21:29:21:37 | xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
| xsltInjection.py:31:24:31:32 | xslt_root | xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:31:24:31:32 | xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
| xsltInjection.py:40:24:40:32 | xslt_root | xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:40:24:40:32 | xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
| xsltInjection.py:50:24:50:32 | xslt_root | xsltInjection.py:3:26:3:32 | After ImportMember | xsltInjection.py:50:24:50:32 | xslt_root | This XSLT query depends on $@. | xsltInjection.py:3:26:3:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
edges
|
||||
| Js2PyTest.py:9:5:9:6 | ControlFlowNode for jk | Js2PyTest.py:10:18:10:28 | ControlFlowNode for Fstring | provenance | |
|
||||
| Js2PyTest.py:9:10:9:22 | ControlFlowNode for Attribute | Js2PyTest.py:9:5:9:6 | ControlFlowNode for jk | provenance | AdditionalTaintStep |
|
||||
| Js2PyTest.py:9:5:9:6 | jk | Js2PyTest.py:10:18:10:28 | After Fstring | provenance | |
|
||||
| Js2PyTest.py:9:10:9:22 | After Attribute | Js2PyTest.py:9:5:9:6 | jk | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| Js2PyTest.py:9:5:9:6 | ControlFlowNode for jk | semmle.label | ControlFlowNode for jk |
|
||||
| Js2PyTest.py:9:10:9:22 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| Js2PyTest.py:10:18:10:28 | ControlFlowNode for Fstring | semmle.label | ControlFlowNode for Fstring |
|
||||
| Js2PyTest.py:9:5:9:6 | jk | semmle.label | jk |
|
||||
| Js2PyTest.py:9:10:9:22 | After Attribute | semmle.label | After Attribute |
|
||||
| Js2PyTest.py:10:18:10:28 | After Fstring | semmle.label | After Fstring |
|
||||
subpaths
|
||||
#select
|
||||
| Js2PyTest.py:10:18:10:28 | ControlFlowNode for Fstring | Js2PyTest.py:9:10:9:22 | ControlFlowNode for Attribute | Js2PyTest.py:10:18:10:28 | ControlFlowNode for Fstring | This input to Js2Py depends on a $@. | Js2PyTest.py:9:10:9:22 | ControlFlowNode for Attribute | user-provided value |
|
||||
| Js2PyTest.py:10:18:10:28 | After Fstring | Js2PyTest.py:9:10:9:22 | After Attribute | Js2PyTest.py:10:18:10:28 | After Fstring | This input to Js2Py depends on a $@. | Js2PyTest.py:9:10:9:22 | After Attribute | user-provided value |
|
||||
|
||||
@@ -1,32 +1,32 @@
|
||||
edges
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | csv_bad.py:9:19:9:25 | ControlFlowNode for request | provenance | |
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for request | csv_bad.py:16:16:16:22 | ControlFlowNode for request | provenance | |
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for request | csv_bad.py:24:16:24:22 | ControlFlowNode for request | provenance | |
|
||||
| csv_bad.py:16:5:16:12 | ControlFlowNode for csv_data | csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data | provenance | |
|
||||
| csv_bad.py:16:5:16:12 | ControlFlowNode for csv_data | csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data | provenance | |
|
||||
| csv_bad.py:16:16:16:22 | ControlFlowNode for request | csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute | csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | csv_bad.py:16:5:16:12 | ControlFlowNode for csv_data | provenance | |
|
||||
| csv_bad.py:24:5:24:12 | ControlFlowNode for csv_data | csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data | provenance | |
|
||||
| csv_bad.py:24:16:24:22 | ControlFlowNode for request | csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute | csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | csv_bad.py:24:5:24:12 | ControlFlowNode for csv_data | provenance | |
|
||||
| csv_bad.py:9:19:9:25 | After ImportMember | csv_bad.py:9:19:9:25 | request | provenance | |
|
||||
| csv_bad.py:9:19:9:25 | request | csv_bad.py:16:16:16:22 | request | provenance | |
|
||||
| csv_bad.py:9:19:9:25 | request | csv_bad.py:24:16:24:22 | request | provenance | |
|
||||
| csv_bad.py:16:5:16:12 | csv_data | csv_bad.py:18:24:18:31 | csv_data | provenance | |
|
||||
| csv_bad.py:16:5:16:12 | csv_data | csv_bad.py:19:25:19:32 | csv_data | provenance | |
|
||||
| csv_bad.py:16:16:16:22 | request | csv_bad.py:16:16:16:27 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| csv_bad.py:16:16:16:27 | After Attribute | csv_bad.py:16:16:16:38 | After Attribute() | provenance | dict.get |
|
||||
| csv_bad.py:16:16:16:38 | After Attribute() | csv_bad.py:16:5:16:12 | csv_data | provenance | |
|
||||
| csv_bad.py:24:5:24:12 | csv_data | csv_bad.py:25:46:25:53 | csv_data | provenance | |
|
||||
| csv_bad.py:24:16:24:22 | request | csv_bad.py:24:16:24:27 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| csv_bad.py:24:16:24:27 | After Attribute | csv_bad.py:24:16:24:38 | After Attribute() | provenance | dict.get |
|
||||
| csv_bad.py:24:16:24:38 | After Attribute() | csv_bad.py:24:5:24:12 | csv_data | provenance | |
|
||||
nodes
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| csv_bad.py:16:5:16:12 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:16:16:16:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:24:5:24:12 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:24:16:24:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:9:19:9:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| csv_bad.py:9:19:9:25 | request | semmle.label | request |
|
||||
| csv_bad.py:16:5:16:12 | csv_data | semmle.label | csv_data |
|
||||
| csv_bad.py:16:16:16:22 | request | semmle.label | request |
|
||||
| csv_bad.py:16:16:16:27 | After Attribute | semmle.label | After Attribute |
|
||||
| csv_bad.py:16:16:16:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| csv_bad.py:18:24:18:31 | csv_data | semmle.label | csv_data |
|
||||
| csv_bad.py:19:25:19:32 | csv_data | semmle.label | csv_data |
|
||||
| csv_bad.py:24:5:24:12 | csv_data | semmle.label | csv_data |
|
||||
| csv_bad.py:24:16:24:22 | request | semmle.label | request |
|
||||
| csv_bad.py:24:16:24:27 | After Attribute | semmle.label | After Attribute |
|
||||
| csv_bad.py:24:16:24:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| csv_bad.py:25:46:25:53 | csv_data | semmle.label | csv_data |
|
||||
subpaths
|
||||
#select
|
||||
| csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | this user input |
|
||||
| csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | this user input |
|
||||
| csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | this user input |
|
||||
| csv_bad.py:18:24:18:31 | csv_data | csv_bad.py:9:19:9:25 | After ImportMember | csv_bad.py:18:24:18:31 | csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | After ImportMember | this user input |
|
||||
| csv_bad.py:19:25:19:32 | csv_data | csv_bad.py:9:19:9:25 | After ImportMember | csv_bad.py:19:25:19:32 | csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | After ImportMember | this user input |
|
||||
| csv_bad.py:25:46:25:53 | csv_data | csv_bad.py:9:19:9:25 | After ImportMember | csv_bad.py:25:46:25:53 | csv_data | Csv injection might include code from $@. | csv_bad.py:9:19:9:25 | After ImportMember | this user input |
|
||||
|
||||
@@ -1,87 +1,87 @@
|
||||
#select
|
||||
| agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| agent_instructions.py:25:28:25:32 | ControlFlowNode for input | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:25:28:25:32 | ControlFlowNode for input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| agent_instructions.py:35:28:35:32 | ControlFlowNode for input | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:35:28:35:32 | ControlFlowNode for input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:17:16:17:37 | ControlFlowNode for BinaryExpr | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:17:16:17:37 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:21:28:21:32 | ControlFlowNode for query | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:21:28:21:32 | ControlFlowNode for query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:29:16:29:37 | ControlFlowNode for BinaryExpr | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:29:16:29:37 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:33:28:33:32 | ControlFlowNode for query | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:33:28:33:32 | ControlFlowNode for query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:41:16:41:37 | ControlFlowNode for BinaryExpr | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:41:16:41:37 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:45:28:45:32 | ControlFlowNode for query | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:45:28:45:32 | ControlFlowNode for query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:53:16:53:37 | ControlFlowNode for BinaryExpr | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:53:16:53:37 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| anthropic_test.py:57:28:57:32 | ControlFlowNode for query | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:57:28:57:32 | ControlFlowNode for query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:18:15:18:19 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:18:15:18:19 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:23:15:37:9 | ControlFlowNode for List | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:23:15:37:9 | ControlFlowNode for List | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:33:33:33:37 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:33:33:33:37 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:42:15:42:19 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:42:15:42:19 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:53:33:53:37 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:53:33:53:37 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:67:28:67:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:67:28:67:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:71:28:71:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:71:28:71:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:84:28:84:32 | ControlFlowNode for query | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:84:28:84:32 | ControlFlowNode for query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| agent_instructions.py:9:50:9:89 | After BinaryExpr | agent_instructions.py:2:26:2:32 | After ImportMember | agent_instructions.py:9:50:9:89 | After BinaryExpr | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| agent_instructions.py:25:28:25:32 | input | agent_instructions.py:2:26:2:32 | After ImportMember | agent_instructions.py:25:28:25:32 | input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| agent_instructions.py:35:28:35:32 | input | agent_instructions.py:2:26:2:32 | After ImportMember | agent_instructions.py:35:28:35:32 | input | This prompt construction depends on a $@. | agent_instructions.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:17:16:17:37 | After BinaryExpr | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:17:16:17:37 | After BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:21:28:21:32 | query | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:21:28:21:32 | query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:29:16:29:37 | After BinaryExpr | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:29:16:29:37 | After BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:33:28:33:32 | query | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:33:28:33:32 | query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:41:16:41:37 | After BinaryExpr | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:41:16:41:37 | After BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:45:28:45:32 | query | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:45:28:45:32 | query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:53:16:53:37 | After BinaryExpr | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:53:16:53:37 | After BinaryExpr | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| anthropic_test.py:57:28:57:32 | query | anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:57:28:57:32 | query | This prompt construction depends on a $@. | anthropic_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:17:22:17:46 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:17:22:17:46 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:18:15:18:19 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:18:15:18:19 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:22:22:22:46 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:22:22:22:46 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:23:15:37:9 | After List | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:23:15:37:9 | After List | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:26:28:26:51 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:26:28:26:51 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:33:33:33:37 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:33:33:33:37 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:41:22:41:46 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:41:22:41:46 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:42:15:42:19 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:42:15:42:19 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:53:33:53:37 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:53:33:53:37 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:63:28:63:51 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:63:28:63:51 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:67:28:67:32 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:67:28:67:32 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:71:28:71:32 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:71:28:71:32 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:80:28:80:51 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:80:28:80:51 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:84:28:84:32 | query | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:84:28:84:32 | query | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| openai_test.py:92:22:92:46 | After BinaryExpr | openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:92:22:92:46 | After BinaryExpr | This prompt construction depends on a $@. | openai_test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
edges
|
||||
| agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | agent_instructions.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | agent_instructions.py:7:13:7:19 | ControlFlowNode for request | provenance | |
|
||||
| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | agent_instructions.py:17:13:17:19 | ControlFlowNode for request | provenance | |
|
||||
| agent_instructions.py:7:5:7:9 | ControlFlowNode for input | agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:11 |
|
||||
| agent_instructions.py:7:13:7:19 | ControlFlowNode for request | agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | agent_instructions.py:7:5:7:9 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:25:28:25:32 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | agent_instructions.py:35:28:35:32 | ControlFlowNode for input | provenance | |
|
||||
| agent_instructions.py:17:13:17:19 | ControlFlowNode for request | agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | agent_instructions.py:17:5:17:9 | ControlFlowNode for input | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | anthropic_test.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for request | anthropic_test.py:11:15:11:21 | ControlFlowNode for request | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for request | anthropic_test.py:12:13:12:19 | ControlFlowNode for request | provenance | |
|
||||
| anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | anthropic_test.py:17:16:17:37 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:4 |
|
||||
| anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | anthropic_test.py:29:16:29:37 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:6 |
|
||||
| anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | anthropic_test.py:41:16:41:37 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:4 |
|
||||
| anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | anthropic_test.py:53:16:53:37 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:2 |
|
||||
| anthropic_test.py:11:15:11:21 | ControlFlowNode for request | anthropic_test.py:11:15:11:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:11:15:11:21 | ControlFlowNode for request | anthropic_test.py:12:13:12:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:11:15:11:26 | ControlFlowNode for Attribute | anthropic_test.py:11:15:11:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| anthropic_test.py:11:15:11:41 | ControlFlowNode for Attribute() | anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | provenance | |
|
||||
| anthropic_test.py:12:5:12:9 | ControlFlowNode for query | anthropic_test.py:21:28:21:32 | ControlFlowNode for query | provenance | Sink:MaD:3 |
|
||||
| anthropic_test.py:12:5:12:9 | ControlFlowNode for query | anthropic_test.py:33:28:33:32 | ControlFlowNode for query | provenance | Sink:MaD:5 |
|
||||
| anthropic_test.py:12:5:12:9 | ControlFlowNode for query | anthropic_test.py:45:28:45:32 | ControlFlowNode for query | provenance | Sink:MaD:3 |
|
||||
| anthropic_test.py:12:5:12:9 | ControlFlowNode for query | anthropic_test.py:57:28:57:32 | ControlFlowNode for query | provenance | Sink:MaD:1 |
|
||||
| anthropic_test.py:12:13:12:19 | ControlFlowNode for request | anthropic_test.py:12:13:12:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:12:13:12:24 | ControlFlowNode for Attribute | anthropic_test.py:12:13:12:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| anthropic_test.py:12:13:12:37 | ControlFlowNode for Attribute() | anthropic_test.py:12:5:12:9 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | openai_test.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for request | openai_test.py:12:15:12:21 | ControlFlowNode for request | provenance | |
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for request | openai_test.py:13:13:13:19 | ControlFlowNode for request | provenance | |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | provenance | Sink:MaD:7 |
|
||||
| openai_test.py:12:15:12:21 | ControlFlowNode for request | openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:12:15:12:21 | ControlFlowNode for request | openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | openai_test.py:12:5:12:11 | ControlFlowNode for persona | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:18:15:18:19 | ControlFlowNode for query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:23:15:37:9 | ControlFlowNode for List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:33:33:33:37 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:42:15:42:19 | ControlFlowNode for query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:53:33:53:37 | ControlFlowNode for query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:67:28:67:32 | ControlFlowNode for query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:71:28:71:32 | ControlFlowNode for query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | openai_test.py:84:28:84:32 | ControlFlowNode for query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:13:13:19 | ControlFlowNode for request | openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | openai_test.py:13:5:13:9 | ControlFlowNode for query | provenance | |
|
||||
| agent_instructions.py:2:26:2:32 | After ImportMember | agent_instructions.py:2:26:2:32 | request | provenance | |
|
||||
| agent_instructions.py:2:26:2:32 | request | agent_instructions.py:7:13:7:19 | request | provenance | |
|
||||
| agent_instructions.py:2:26:2:32 | request | agent_instructions.py:17:13:17:19 | request | provenance | |
|
||||
| agent_instructions.py:7:5:7:9 | input | agent_instructions.py:9:50:9:89 | After BinaryExpr | provenance | Sink:MaD:11 |
|
||||
| agent_instructions.py:7:13:7:19 | request | agent_instructions.py:7:13:7:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:7:13:7:24 | After Attribute | agent_instructions.py:7:13:7:37 | After Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:7:13:7:37 | After Attribute() | agent_instructions.py:7:5:7:9 | input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | input | agent_instructions.py:25:28:25:32 | input | provenance | |
|
||||
| agent_instructions.py:17:5:17:9 | input | agent_instructions.py:35:28:35:32 | input | provenance | |
|
||||
| agent_instructions.py:17:13:17:19 | request | agent_instructions.py:17:13:17:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| agent_instructions.py:17:13:17:24 | After Attribute | agent_instructions.py:17:13:17:37 | After Attribute() | provenance | dict.get |
|
||||
| agent_instructions.py:17:13:17:37 | After Attribute() | agent_instructions.py:17:5:17:9 | input | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | After ImportMember | anthropic_test.py:2:26:2:32 | request | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | request | anthropic_test.py:11:15:11:21 | request | provenance | |
|
||||
| anthropic_test.py:2:26:2:32 | request | anthropic_test.py:12:13:12:19 | request | provenance | |
|
||||
| anthropic_test.py:11:5:11:11 | persona | anthropic_test.py:17:16:17:37 | After BinaryExpr | provenance | Sink:MaD:4 |
|
||||
| anthropic_test.py:11:5:11:11 | persona | anthropic_test.py:29:16:29:37 | After BinaryExpr | provenance | Sink:MaD:6 |
|
||||
| anthropic_test.py:11:5:11:11 | persona | anthropic_test.py:41:16:41:37 | After BinaryExpr | provenance | Sink:MaD:4 |
|
||||
| anthropic_test.py:11:5:11:11 | persona | anthropic_test.py:53:16:53:37 | After BinaryExpr | provenance | Sink:MaD:2 |
|
||||
| anthropic_test.py:11:15:11:21 | request | anthropic_test.py:11:15:11:26 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:11:15:11:21 | request | anthropic_test.py:12:13:12:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:11:15:11:26 | After Attribute | anthropic_test.py:11:15:11:41 | After Attribute() | provenance | dict.get |
|
||||
| anthropic_test.py:11:15:11:41 | After Attribute() | anthropic_test.py:11:5:11:11 | persona | provenance | |
|
||||
| anthropic_test.py:12:5:12:9 | query | anthropic_test.py:21:28:21:32 | query | provenance | Sink:MaD:3 |
|
||||
| anthropic_test.py:12:5:12:9 | query | anthropic_test.py:33:28:33:32 | query | provenance | Sink:MaD:5 |
|
||||
| anthropic_test.py:12:5:12:9 | query | anthropic_test.py:45:28:45:32 | query | provenance | Sink:MaD:3 |
|
||||
| anthropic_test.py:12:5:12:9 | query | anthropic_test.py:57:28:57:32 | query | provenance | Sink:MaD:1 |
|
||||
| anthropic_test.py:12:13:12:19 | request | anthropic_test.py:12:13:12:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| anthropic_test.py:12:13:12:24 | After Attribute | anthropic_test.py:12:13:12:37 | After Attribute() | provenance | dict.get |
|
||||
| anthropic_test.py:12:13:12:37 | After Attribute() | anthropic_test.py:12:5:12:9 | query | provenance | |
|
||||
| openai_test.py:2:26:2:32 | After ImportMember | openai_test.py:2:26:2:32 | request | provenance | |
|
||||
| openai_test.py:2:26:2:32 | request | openai_test.py:12:15:12:21 | request | provenance | |
|
||||
| openai_test.py:2:26:2:32 | request | openai_test.py:13:13:13:19 | request | provenance | |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:17:22:17:46 | After BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:22:22:22:46 | After BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:23:15:37:9 | After List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:26:28:26:51 | After BinaryExpr | provenance | |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:41:22:41:46 | After BinaryExpr | provenance | Sink:MaD:10 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:63:28:63:51 | After BinaryExpr | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:80:28:80:51 | After BinaryExpr | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:12:5:12:11 | persona | openai_test.py:92:22:92:46 | After BinaryExpr | provenance | Sink:MaD:7 |
|
||||
| openai_test.py:12:15:12:21 | request | openai_test.py:12:15:12:26 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:12:15:12:21 | request | openai_test.py:13:13:13:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:12:15:12:26 | After Attribute | openai_test.py:12:15:12:41 | After Attribute() | provenance | dict.get |
|
||||
| openai_test.py:12:15:12:41 | After Attribute() | openai_test.py:12:5:12:11 | persona | provenance | |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:18:15:18:19 | query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:23:15:37:9 | After List | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:33:33:33:37 | query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:42:15:42:19 | query | provenance | Sink:MaD:9 |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:53:33:53:37 | query | provenance | |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:67:28:67:32 | query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:71:28:71:32 | query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:5:13:9 | query | openai_test.py:84:28:84:32 | query | provenance | Sink:MaD:8 |
|
||||
| openai_test.py:13:13:13:19 | request | openai_test.py:13:13:13:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| openai_test.py:13:13:13:24 | After Attribute | openai_test.py:13:13:13:37 | After Attribute() | provenance | dict.get |
|
||||
| openai_test.py:13:13:13:37 | After Attribute() | openai_test.py:13:5:13:9 | query | provenance | |
|
||||
models
|
||||
| 1 | Sink: Anthropic; Member[beta].Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]; prompt-injection |
|
||||
| 2 | Sink: Anthropic; Member[beta].Member[messages].Member[create].Argument[system:]; prompt-injection |
|
||||
@@ -95,60 +95,60 @@ models
|
||||
| 10 | Sink: OpenAI; Member[responses].Member[create].Argument[instructions:]; prompt-injection |
|
||||
| 11 | Sink: agents; Member[Agent].Argument[instructions:]; prompt-injection |
|
||||
nodes
|
||||
| agent_instructions.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| agent_instructions.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| agent_instructions.py:7:5:7:9 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
|
||||
| agent_instructions.py:7:13:7:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| agent_instructions.py:7:13:7:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| agent_instructions.py:7:13:7:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| agent_instructions.py:9:50:9:89 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| agent_instructions.py:17:5:17:9 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
|
||||
| agent_instructions.py:17:13:17:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| agent_instructions.py:17:13:17:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| agent_instructions.py:17:13:17:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| agent_instructions.py:25:28:25:32 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
|
||||
| agent_instructions.py:35:28:35:32 | ControlFlowNode for input | semmle.label | ControlFlowNode for input |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| anthropic_test.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| anthropic_test.py:11:5:11:11 | ControlFlowNode for persona | semmle.label | ControlFlowNode for persona |
|
||||
| anthropic_test.py:11:15:11:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| anthropic_test.py:11:15:11:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| anthropic_test.py:11:15:11:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| anthropic_test.py:12:5:12:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| anthropic_test.py:12:13:12:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| anthropic_test.py:12:13:12:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| anthropic_test.py:12:13:12:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| anthropic_test.py:17:16:17:37 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| anthropic_test.py:21:28:21:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| anthropic_test.py:29:16:29:37 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| anthropic_test.py:33:28:33:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| anthropic_test.py:41:16:41:37 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| anthropic_test.py:45:28:45:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| anthropic_test.py:53:16:53:37 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| anthropic_test.py:57:28:57:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| openai_test.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| openai_test.py:12:5:12:11 | ControlFlowNode for persona | semmle.label | ControlFlowNode for persona |
|
||||
| openai_test.py:12:15:12:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| openai_test.py:12:15:12:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| openai_test.py:12:15:12:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| openai_test.py:13:5:13:9 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:13:13:13:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| openai_test.py:13:13:13:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| openai_test.py:13:13:13:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| openai_test.py:17:22:17:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:18:15:18:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:22:22:22:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:23:15:37:9 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
| openai_test.py:26:28:26:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:33:33:33:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:41:22:41:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:42:15:42:19 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:53:33:53:37 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:63:28:63:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:67:28:67:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:71:28:71:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:80:28:80:51 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| openai_test.py:84:28:84:32 | ControlFlowNode for query | semmle.label | ControlFlowNode for query |
|
||||
| openai_test.py:92:22:92:46 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| agent_instructions.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| agent_instructions.py:2:26:2:32 | request | semmle.label | request |
|
||||
| agent_instructions.py:7:5:7:9 | input | semmle.label | input |
|
||||
| agent_instructions.py:7:13:7:19 | request | semmle.label | request |
|
||||
| agent_instructions.py:7:13:7:24 | After Attribute | semmle.label | After Attribute |
|
||||
| agent_instructions.py:7:13:7:37 | After Attribute() | semmle.label | After Attribute() |
|
||||
| agent_instructions.py:9:50:9:89 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| agent_instructions.py:17:5:17:9 | input | semmle.label | input |
|
||||
| agent_instructions.py:17:13:17:19 | request | semmle.label | request |
|
||||
| agent_instructions.py:17:13:17:24 | After Attribute | semmle.label | After Attribute |
|
||||
| agent_instructions.py:17:13:17:37 | After Attribute() | semmle.label | After Attribute() |
|
||||
| agent_instructions.py:25:28:25:32 | input | semmle.label | input |
|
||||
| agent_instructions.py:35:28:35:32 | input | semmle.label | input |
|
||||
| anthropic_test.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| anthropic_test.py:2:26:2:32 | request | semmle.label | request |
|
||||
| anthropic_test.py:11:5:11:11 | persona | semmle.label | persona |
|
||||
| anthropic_test.py:11:15:11:21 | request | semmle.label | request |
|
||||
| anthropic_test.py:11:15:11:26 | After Attribute | semmle.label | After Attribute |
|
||||
| anthropic_test.py:11:15:11:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| anthropic_test.py:12:5:12:9 | query | semmle.label | query |
|
||||
| anthropic_test.py:12:13:12:19 | request | semmle.label | request |
|
||||
| anthropic_test.py:12:13:12:24 | After Attribute | semmle.label | After Attribute |
|
||||
| anthropic_test.py:12:13:12:37 | After Attribute() | semmle.label | After Attribute() |
|
||||
| anthropic_test.py:17:16:17:37 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| anthropic_test.py:21:28:21:32 | query | semmle.label | query |
|
||||
| anthropic_test.py:29:16:29:37 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| anthropic_test.py:33:28:33:32 | query | semmle.label | query |
|
||||
| anthropic_test.py:41:16:41:37 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| anthropic_test.py:45:28:45:32 | query | semmle.label | query |
|
||||
| anthropic_test.py:53:16:53:37 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| anthropic_test.py:57:28:57:32 | query | semmle.label | query |
|
||||
| openai_test.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| openai_test.py:2:26:2:32 | request | semmle.label | request |
|
||||
| openai_test.py:12:5:12:11 | persona | semmle.label | persona |
|
||||
| openai_test.py:12:15:12:21 | request | semmle.label | request |
|
||||
| openai_test.py:12:15:12:26 | After Attribute | semmle.label | After Attribute |
|
||||
| openai_test.py:12:15:12:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| openai_test.py:13:5:13:9 | query | semmle.label | query |
|
||||
| openai_test.py:13:13:13:19 | request | semmle.label | request |
|
||||
| openai_test.py:13:13:13:24 | After Attribute | semmle.label | After Attribute |
|
||||
| openai_test.py:13:13:13:37 | After Attribute() | semmle.label | After Attribute() |
|
||||
| openai_test.py:17:22:17:46 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:18:15:18:19 | query | semmle.label | query |
|
||||
| openai_test.py:22:22:22:46 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:23:15:37:9 | After List | semmle.label | After List |
|
||||
| openai_test.py:26:28:26:51 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:33:33:33:37 | query | semmle.label | query |
|
||||
| openai_test.py:41:22:41:46 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:42:15:42:19 | query | semmle.label | query |
|
||||
| openai_test.py:53:33:53:37 | query | semmle.label | query |
|
||||
| openai_test.py:63:28:63:51 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:67:28:67:32 | query | semmle.label | query |
|
||||
| openai_test.py:71:28:71:32 | query | semmle.label | query |
|
||||
| openai_test.py:80:28:80:51 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| openai_test.py:84:28:84:32 | query | semmle.label | query |
|
||||
| openai_test.py:92:22:92:46 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
subpaths
|
||||
|
||||
@@ -1,33 +1,33 @@
|
||||
edges
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for ImportMember | samples.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for request | samples.py:9:25:9:31 | ControlFlowNode for request | provenance | |
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for request | samples.py:16:25:16:31 | ControlFlowNode for request | provenance | |
|
||||
| samples.py:9:5:9:14 | ControlFlowNode for user_input | samples.py:10:59:10:68 | ControlFlowNode for user_input | provenance | |
|
||||
| samples.py:9:18:9:47 | ControlFlowNode for escape() | samples.py:9:5:9:14 | ControlFlowNode for user_input | provenance | |
|
||||
| samples.py:9:25:9:31 | ControlFlowNode for request | samples.py:9:25:9:36 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| samples.py:9:25:9:36 | ControlFlowNode for Attribute | samples.py:9:25:9:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| samples.py:9:25:9:46 | ControlFlowNode for Attribute() | samples.py:9:18:9:47 | ControlFlowNode for escape() | provenance | Config |
|
||||
| samples.py:16:5:16:14 | ControlFlowNode for user_input | samples.py:20:62:20:71 | ControlFlowNode for user_input | provenance | |
|
||||
| samples.py:16:18:16:47 | ControlFlowNode for escape() | samples.py:16:5:16:14 | ControlFlowNode for user_input | provenance | |
|
||||
| samples.py:16:25:16:31 | ControlFlowNode for request | samples.py:16:25:16:36 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| samples.py:16:25:16:36 | ControlFlowNode for Attribute | samples.py:16:25:16:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| samples.py:16:25:16:46 | ControlFlowNode for Attribute() | samples.py:16:18:16:47 | ControlFlowNode for escape() | provenance | Config |
|
||||
| samples.py:2:26:2:32 | After ImportMember | samples.py:2:26:2:32 | request | provenance | |
|
||||
| samples.py:2:26:2:32 | request | samples.py:9:25:9:31 | request | provenance | |
|
||||
| samples.py:2:26:2:32 | request | samples.py:16:25:16:31 | request | provenance | |
|
||||
| samples.py:9:5:9:14 | user_input | samples.py:10:59:10:68 | user_input | provenance | |
|
||||
| samples.py:9:18:9:47 | After escape() | samples.py:9:5:9:14 | user_input | provenance | |
|
||||
| samples.py:9:25:9:31 | request | samples.py:9:25:9:36 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| samples.py:9:25:9:36 | After Attribute | samples.py:9:25:9:46 | After Attribute() | provenance | dict.get |
|
||||
| samples.py:9:25:9:46 | After Attribute() | samples.py:9:18:9:47 | After escape() | provenance | Config |
|
||||
| samples.py:16:5:16:14 | user_input | samples.py:20:62:20:71 | user_input | provenance | |
|
||||
| samples.py:16:18:16:47 | After escape() | samples.py:16:5:16:14 | user_input | provenance | |
|
||||
| samples.py:16:25:16:31 | request | samples.py:16:25:16:36 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| samples.py:16:25:16:36 | After Attribute | samples.py:16:25:16:46 | After Attribute() | provenance | dict.get |
|
||||
| samples.py:16:25:16:46 | After Attribute() | samples.py:16:18:16:47 | After escape() | provenance | Config |
|
||||
nodes
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| samples.py:9:5:9:14 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| samples.py:9:18:9:47 | ControlFlowNode for escape() | semmle.label | ControlFlowNode for escape() |
|
||||
| samples.py:9:25:9:31 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| samples.py:9:25:9:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| samples.py:9:25:9:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| samples.py:10:59:10:68 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| samples.py:16:5:16:14 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| samples.py:16:18:16:47 | ControlFlowNode for escape() | semmle.label | ControlFlowNode for escape() |
|
||||
| samples.py:16:25:16:31 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| samples.py:16:25:16:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| samples.py:16:25:16:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| samples.py:20:62:20:71 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| samples.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| samples.py:2:26:2:32 | request | semmle.label | request |
|
||||
| samples.py:9:5:9:14 | user_input | semmle.label | user_input |
|
||||
| samples.py:9:18:9:47 | After escape() | semmle.label | After escape() |
|
||||
| samples.py:9:25:9:31 | request | semmle.label | request |
|
||||
| samples.py:9:25:9:36 | After Attribute | semmle.label | After Attribute |
|
||||
| samples.py:9:25:9:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| samples.py:10:59:10:68 | user_input | semmle.label | user_input |
|
||||
| samples.py:16:5:16:14 | user_input | semmle.label | user_input |
|
||||
| samples.py:16:18:16:47 | After escape() | semmle.label | After escape() |
|
||||
| samples.py:16:25:16:31 | request | semmle.label | request |
|
||||
| samples.py:16:25:16:36 | After Attribute | semmle.label | After Attribute |
|
||||
| samples.py:16:25:16:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| samples.py:20:62:20:71 | user_input | semmle.label | user_input |
|
||||
subpaths
|
||||
#select
|
||||
| samples.py:10:59:10:68 | ControlFlowNode for user_input | samples.py:2:26:2:32 | ControlFlowNode for ImportMember | samples.py:10:59:10:68 | ControlFlowNode for user_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | samples.py:10:59:10:68 | ControlFlowNode for user_input | Unicode transformation (Unicode normalization) | samples.py:2:26:2:32 | ControlFlowNode for ImportMember | remote user-controlled data |
|
||||
| samples.py:20:62:20:71 | ControlFlowNode for user_input | samples.py:2:26:2:32 | ControlFlowNode for ImportMember | samples.py:20:62:20:71 | ControlFlowNode for user_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | samples.py:20:62:20:71 | ControlFlowNode for user_input | Unicode transformation (Unicode normalization) | samples.py:2:26:2:32 | ControlFlowNode for ImportMember | remote user-controlled data |
|
||||
| samples.py:10:59:10:68 | user_input | samples.py:2:26:2:32 | After ImportMember | samples.py:10:59:10:68 | user_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | samples.py:10:59:10:68 | user_input | Unicode transformation (Unicode normalization) | samples.py:2:26:2:32 | After ImportMember | remote user-controlled data |
|
||||
| samples.py:20:62:20:71 | user_input | samples.py:2:26:2:32 | After ImportMember | samples.py:20:62:20:71 | user_input | This $@ processes unsafely $@ and any logical validation in-between could be bypassed using special Unicode characters. | samples.py:20:62:20:71 | user_input | Unicode transformation (Unicode normalization) | samples.py:2:26:2:32 | After ImportMember | remote user-controlled data |
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
edges
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | signature | TimingAttackAgainstHash.py:27:24:27:32 | signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | TimingAttackAgainstHash.py:26:5:26:13 | signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | After sign() | provenance | |
|
||||
nodes
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | semmle.label | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | semmle.label | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | semmle.label | ControlFlowNode for sign() |
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | signature | semmle.label | signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | signature | semmle.label | signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | After sign() | semmle.label | After sign() |
|
||||
subpaths
|
||||
#select
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | Possible Timing attack against $@ validation. | TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | signature message |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | Possible Timing attack against $@ validation. | TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | MAC message |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | signature | TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | TimingAttackAgainstHash.py:27:24:27:32 | signature | Possible Timing attack against $@ validation. | TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | signature message |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | After sign() | TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | After sign() | Possible Timing attack against $@ validation. | TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | MAC message |
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
edges
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | signature | TimingAttackAgainstHash.py:27:24:27:32 | signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | TimingAttackAgainstHash.py:26:5:26:13 | signature | provenance | |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | After sign() | provenance | |
|
||||
nodes
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | ControlFlowNode for signature | semmle.label | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | semmle.label | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() | semmle.label | ControlFlowNode for sign() |
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | signature | semmle.label | signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | signature | semmle.label | signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | After Attribute() | semmle.label | After Attribute() |
|
||||
| TimingAttackAgainstHash.py:37:19:37:48 | After sign() | semmle.label | After sign() |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
edges
|
||||
nodes
|
||||
| TimingAttackAgainstHeader.py:14:12:14:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHeader.py:14:12:14:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
subpaths
|
||||
#select
|
||||
| TimingAttackAgainstHeader.py:14:12:14:46 | ControlFlowNode for Attribute() | TimingAttackAgainstHeader.py:14:12:14:46 | ControlFlowNode for Attribute() | TimingAttackAgainstHeader.py:14:12:14:46 | ControlFlowNode for Attribute() | Timing attack against $@ validation. | TimingAttackAgainstHeader.py:14:12:14:46 | ControlFlowNode for Attribute() | client-supplied token |
|
||||
| TimingAttackAgainstHeader.py:14:12:14:46 | After Attribute() | TimingAttackAgainstHeader.py:14:12:14:46 | After Attribute() | TimingAttackAgainstHeader.py:14:12:14:46 | After Attribute() | Timing attack against $@ validation. | TimingAttackAgainstHeader.py:14:12:14:46 | After Attribute() | client-supplied token |
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
edges
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | ControlFlowNode for password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | provenance | |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | provenance | |
|
||||
nodes
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | password | semmle.label | password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | semmle.label | password |
|
||||
subpaths
|
||||
#select
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | ControlFlowNode for password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | Timing attack against $@ validation. | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | ControlFlowNode for password | client-supplied token |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | Timing attack against $@ validation. | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | client-supplied token |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | Timing attack against $@ validation. | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | password | client-supplied token |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | Timing attack against $@ validation. | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | password | client-supplied token |
|
||||
|
||||
@@ -1,44 +1,44 @@
|
||||
edges
|
||||
| app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | provenance | |
|
||||
| app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | ControlFlowNode for aConstant | config.py:12:18:12:26 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | ControlFlowNode for aConstant | config.py:12:18:12:26 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | ControlFlowNode for aConstant | config.py:17:38:17:46 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | ControlFlowNode for aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:7:13:7:23 | ControlFlowNode for StringLiteral | config.py:7:1:7:9 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:17:38:17:46 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | config.py:17:18:17:47 | ControlFlowNode for Attribute() | provenance | os.getenv |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant | provenance | |
|
||||
| config.py:18:43:18:51 | ControlFlowNode for aConstant | config.py:18:18:18:52 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| app_unsafe.py:4:1:4:9 | aConstant | app_unsafe.py:5:28:5:36 | aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | aConstant | app_unsafe.py:6:18:6:26 | aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | aConstant | app_unsafe.py:7:30:7:38 | aConstant | provenance | |
|
||||
| app_unsafe.py:4:1:4:9 | aConstant | app_unsafe.py:8:36:8:44 | aConstant | provenance | |
|
||||
| app_unsafe.py:4:13:4:23 | StringLiteral | app_unsafe.py:4:1:4:9 | aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | aConstant | config.py:12:18:12:26 | aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | aConstant | config.py:12:18:12:26 | aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | aConstant | config.py:17:38:17:46 | aConstant | provenance | |
|
||||
| config.py:7:1:7:9 | aConstant | config.py:18:43:18:51 | aConstant | provenance | |
|
||||
| config.py:7:13:7:23 | StringLiteral | config.py:7:1:7:9 | aConstant | provenance | |
|
||||
| config.py:12:18:12:26 | aConstant | config.py:17:38:17:46 | aConstant | provenance | |
|
||||
| config.py:12:18:12:26 | aConstant | config.py:18:43:18:51 | aConstant | provenance | |
|
||||
| config.py:17:38:17:46 | aConstant | config.py:17:18:17:47 | After Attribute() | provenance | os.getenv |
|
||||
| config.py:17:38:17:46 | aConstant | config.py:18:43:18:51 | aConstant | provenance | |
|
||||
| config.py:18:43:18:51 | aConstant | config.py:18:18:18:52 | After Attribute() | provenance | dict.get |
|
||||
nodes
|
||||
| app_safe.py:5:28:5:37 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| app_unsafe.py:4:1:4:9 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config2.py:5:14:5:24 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| config.py:7:1:7:9 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:7:13:7:23 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:17:18:17:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:18:18:18:52 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| config.py:18:43:18:51 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_safe.py:5:28:5:37 | StringLiteral | semmle.label | StringLiteral |
|
||||
| app_unsafe.py:4:1:4:9 | aConstant | semmle.label | aConstant |
|
||||
| app_unsafe.py:4:13:4:23 | StringLiteral | semmle.label | StringLiteral |
|
||||
| app_unsafe.py:5:28:5:36 | aConstant | semmle.label | aConstant |
|
||||
| app_unsafe.py:6:18:6:26 | aConstant | semmle.label | aConstant |
|
||||
| app_unsafe.py:7:30:7:38 | aConstant | semmle.label | aConstant |
|
||||
| app_unsafe.py:8:36:8:44 | aConstant | semmle.label | aConstant |
|
||||
| config2.py:5:14:5:24 | StringLiteral | semmle.label | StringLiteral |
|
||||
| config.py:7:1:7:9 | aConstant | semmle.label | aConstant |
|
||||
| config.py:7:13:7:23 | StringLiteral | semmle.label | StringLiteral |
|
||||
| config.py:12:18:12:26 | aConstant | semmle.label | aConstant |
|
||||
| config.py:12:18:12:26 | aConstant | semmle.label | aConstant |
|
||||
| config.py:17:18:17:47 | After Attribute() | semmle.label | After Attribute() |
|
||||
| config.py:17:38:17:46 | aConstant | semmle.label | aConstant |
|
||||
| config.py:18:18:18:52 | After Attribute() | semmle.label | After Attribute() |
|
||||
| config.py:18:43:18:51 | aConstant | semmle.label | aConstant |
|
||||
subpaths
|
||||
#select
|
||||
| app_safe.py:5:28:5:37 | ControlFlowNode for StringLiteral | app_safe.py:5:28:5:37 | ControlFlowNode for StringLiteral | app_safe.py:5:28:5:37 | ControlFlowNode for StringLiteral | The SECRET_KEY config variable is assigned by $@. | app_safe.py:5:28:5:37 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| config2.py:5:14:5:24 | ControlFlowNode for StringLiteral | config2.py:5:14:5:24 | ControlFlowNode for StringLiteral | config2.py:5:14:5:24 | ControlFlowNode for StringLiteral | The SECRET_KEY config variable is assigned by $@. | config2.py:5:14:5:24 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | config.py:12:18:12:26 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| config.py:17:18:17:47 | ControlFlowNode for Attribute() | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | config.py:17:18:17:47 | ControlFlowNode for Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| config.py:18:18:18:52 | ControlFlowNode for Attribute() | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | config.py:18:18:18:52 | ControlFlowNode for Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for StringLiteral | this constant String |
|
||||
| app_safe.py:5:28:5:37 | StringLiteral | app_safe.py:5:28:5:37 | StringLiteral | app_safe.py:5:28:5:37 | StringLiteral | The SECRET_KEY config variable is assigned by $@. | app_safe.py:5:28:5:37 | StringLiteral | this constant String |
|
||||
| app_unsafe.py:5:28:5:36 | aConstant | app_unsafe.py:4:13:4:23 | StringLiteral | app_unsafe.py:5:28:5:36 | aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | StringLiteral | this constant String |
|
||||
| app_unsafe.py:6:18:6:26 | aConstant | app_unsafe.py:4:13:4:23 | StringLiteral | app_unsafe.py:6:18:6:26 | aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | StringLiteral | this constant String |
|
||||
| app_unsafe.py:7:30:7:38 | aConstant | app_unsafe.py:4:13:4:23 | StringLiteral | app_unsafe.py:7:30:7:38 | aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | StringLiteral | this constant String |
|
||||
| app_unsafe.py:8:36:8:44 | aConstant | app_unsafe.py:4:13:4:23 | StringLiteral | app_unsafe.py:8:36:8:44 | aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | StringLiteral | this constant String |
|
||||
| config2.py:5:14:5:24 | StringLiteral | config2.py:5:14:5:24 | StringLiteral | config2.py:5:14:5:24 | StringLiteral | The SECRET_KEY config variable is assigned by $@. | config2.py:5:14:5:24 | StringLiteral | this constant String |
|
||||
| config.py:12:18:12:26 | aConstant | config.py:7:13:7:23 | StringLiteral | config.py:12:18:12:26 | aConstant | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | StringLiteral | this constant String |
|
||||
| config.py:17:18:17:47 | After Attribute() | config.py:7:13:7:23 | StringLiteral | config.py:17:18:17:47 | After Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | StringLiteral | this constant String |
|
||||
| config.py:18:18:18:52 | After Attribute() | config.py:7:13:7:23 | StringLiteral | config.py:18:18:18:52 | After Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | StringLiteral | this constant String |
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
| auth_bad_2.py:19:5:19:42 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:33:5:33:44 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:47:5:47:43 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:60:5:60:52 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:73:5:73:39 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:87:5:87:48 | ControlFlowNode for Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:19:12:19:43 | ControlFlowNode for Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:33:12:33:57 | ControlFlowNode for Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:46:12:46:55 | ControlFlowNode for Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:60:12:60:42 | ControlFlowNode for Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:19:5:19:42 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:33:5:33:44 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:47:5:47:43 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:60:5:60:52 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:73:5:73:39 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_2.py:87:5:87:48 | After Attribute() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:19:12:19:43 | After Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:33:12:33:57 | After Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:46:12:46:55 | After Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
| auth_bad_3.py:60:12:60:42 | After Connection() | The following LDAP bind operation is executed without authentication. |
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
edges
|
||||
nodes
|
||||
| InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| InsecureRandomness.py:5:12:5:26 | After Attribute() | semmle.label | After Attribute() |
|
||||
subpaths
|
||||
#select
|
||||
| InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | Cryptographically insecure $@ in a security context. | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | random value |
|
||||
| InsecureRandomness.py:5:12:5:26 | After Attribute() | InsecureRandomness.py:5:12:5:26 | After Attribute() | InsecureRandomness.py:5:12:5:26 | After Attribute() | Cryptographically insecure $@ in a security context. | InsecureRandomness.py:5:12:5:26 | After Attribute() | random value |
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
edges
|
||||
| Cors.py:7:9:7:14 | ControlFlowNode for origin | Cors.py:8:12:8:17 | ControlFlowNode for origin | provenance | |
|
||||
| Cors.py:7:18:7:32 | ControlFlowNode for Attribute | Cors.py:7:18:7:52 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| Cors.py:7:18:7:32 | ControlFlowNode for Attribute | Cors.py:7:18:7:52 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| Cors.py:7:18:7:52 | ControlFlowNode for Attribute() | Cors.py:7:9:7:14 | ControlFlowNode for origin | provenance | |
|
||||
| Cors.py:7:9:7:14 | origin | Cors.py:8:12:8:17 | origin | provenance | |
|
||||
| Cors.py:7:18:7:32 | After Attribute | Cors.py:7:18:7:52 | After Attribute() | provenance | Config |
|
||||
| Cors.py:7:18:7:32 | After Attribute | Cors.py:7:18:7:52 | After Attribute() | provenance | dict.get |
|
||||
| Cors.py:7:18:7:52 | After Attribute() | Cors.py:7:9:7:14 | origin | provenance | |
|
||||
nodes
|
||||
| Cors.py:7:9:7:14 | ControlFlowNode for origin | semmle.label | ControlFlowNode for origin |
|
||||
| Cors.py:7:18:7:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| Cors.py:7:18:7:52 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| Cors.py:8:12:8:17 | ControlFlowNode for origin | semmle.label | ControlFlowNode for origin |
|
||||
| Cors.py:7:9:7:14 | origin | semmle.label | origin |
|
||||
| Cors.py:7:18:7:32 | After Attribute | semmle.label | After Attribute |
|
||||
| Cors.py:7:18:7:52 | After Attribute() | semmle.label | After Attribute() |
|
||||
| Cors.py:8:12:8:17 | origin | semmle.label | origin |
|
||||
subpaths
|
||||
#select
|
||||
| Cors.py:8:12:8:17 | ControlFlowNode for origin | Cors.py:7:18:7:32 | ControlFlowNode for Attribute | Cors.py:8:12:8:17 | ControlFlowNode for origin | Potentially incorrect string comparison which could lead to a CORS bypass. |
|
||||
| Cors.py:8:12:8:17 | origin | Cors.py:7:18:7:32 | After Attribute | Cors.py:8:12:8:17 | origin | Potentially incorrect string comparison which could lead to a CORS bypass. |
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
| authlib.py:11:1:11:39 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| authlib.py:12:1:12:50 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:10:1:10:29 | ControlFlowNode for Attribute() | This JWT encoding has an empty algorithm. |
|
||||
| pyjwt.py:10:1:10:29 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:13:1:13:40 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:14:1:14:44 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| python_jose.py:10:1:10:40 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| python_jose.py:11:1:11:44 | ControlFlowNode for Attribute() | This JWT encoding has an empty key. |
|
||||
| authlib.py:11:1:11:39 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| authlib.py:12:1:12:50 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:10:1:10:29 | After Attribute() | This JWT encoding has an empty algorithm. |
|
||||
| pyjwt.py:10:1:10:29 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:13:1:13:40 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| pyjwt.py:14:1:14:44 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| python_jose.py:10:1:10:40 | After Attribute() | This JWT encoding has an empty key. |
|
||||
| python_jose.py:11:1:11:44 | After Attribute() | This JWT encoding has an empty key. |
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| pyjwt.py:22:12:22:16 | ControlFlowNode for token | is not verified with a cryptographic secret or public key. |
|
||||
| pyjwt.py:23:12:23:16 | ControlFlowNode for token | is not verified with a cryptographic secret or public key. |
|
||||
| python_jose.py:19:12:19:16 | ControlFlowNode for token | is not verified with a cryptographic secret or public key. |
|
||||
| python_jwt.py:14:28:14:32 | ControlFlowNode for token | is not verified with a cryptographic secret or public key. |
|
||||
| pyjwt.py:22:12:22:16 | token | is not verified with a cryptographic secret or public key. |
|
||||
| pyjwt.py:23:12:23:16 | token | is not verified with a cryptographic secret or public key. |
|
||||
| python_jose.py:19:12:19:16 | token | is not verified with a cryptographic secret or public key. |
|
||||
| python_jwt.py:14:28:14:32 | token | is not verified with a cryptographic secret or public key. |
|
||||
|
||||
@@ -1,22 +1,22 @@
|
||||
edges
|
||||
| flask_bad.py:13:5:13:13 | ControlFlowNode for client_ip | flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip | provenance | |
|
||||
| flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | flask_bad.py:13:5:13:13 | ControlFlowNode for client_ip | provenance | |
|
||||
| flask_bad.py:20:5:20:13 | ControlFlowNode for client_ip | flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip | provenance | |
|
||||
| flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | flask_bad.py:20:5:20:13 | ControlFlowNode for client_ip | provenance | |
|
||||
| tornado_bad.py:22:13:22:21 | ControlFlowNode for client_ip | tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip | provenance | |
|
||||
| tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | tornado_bad.py:22:13:22:21 | ControlFlowNode for client_ip | provenance | |
|
||||
| flask_bad.py:13:5:13:13 | client_ip | flask_bad.py:14:12:14:20 | client_ip | provenance | |
|
||||
| flask_bad.py:13:17:13:54 | After Attribute() | flask_bad.py:13:5:13:13 | client_ip | provenance | |
|
||||
| flask_bad.py:20:5:20:13 | client_ip | flask_bad.py:21:12:21:20 | client_ip | provenance | |
|
||||
| flask_bad.py:20:17:20:54 | After Attribute() | flask_bad.py:20:5:20:13 | client_ip | provenance | |
|
||||
| tornado_bad.py:22:13:22:21 | client_ip | tornado_bad.py:23:16:23:24 | client_ip | provenance | |
|
||||
| tornado_bad.py:22:25:22:69 | After Attribute() | tornado_bad.py:22:13:22:21 | client_ip | provenance | |
|
||||
nodes
|
||||
| flask_bad.py:13:5:13:13 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:20:5:20:13 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| tornado_bad.py:22:13:22:21 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:13:5:13:13 | client_ip | semmle.label | client_ip |
|
||||
| flask_bad.py:13:17:13:54 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_bad.py:14:12:14:20 | client_ip | semmle.label | client_ip |
|
||||
| flask_bad.py:20:5:20:13 | client_ip | semmle.label | client_ip |
|
||||
| flask_bad.py:20:17:20:54 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_bad.py:21:12:21:20 | client_ip | semmle.label | client_ip |
|
||||
| tornado_bad.py:22:13:22:21 | client_ip | semmle.label | client_ip |
|
||||
| tornado_bad.py:22:25:22:69 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tornado_bad.py:23:16:23:24 | client_ip | semmle.label | client_ip |
|
||||
subpaths
|
||||
#select
|
||||
| flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip | flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip | IP address spoofing might include code from $@. | flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | this user input |
|
||||
| flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip | flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip | IP address spoofing might include code from $@. | flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | this user input |
|
||||
| tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip | tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip | IP address spoofing might include code from $@. | tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | this user input |
|
||||
| flask_bad.py:14:12:14:20 | client_ip | flask_bad.py:13:17:13:54 | After Attribute() | flask_bad.py:14:12:14:20 | client_ip | IP address spoofing might include code from $@. | flask_bad.py:13:17:13:54 | After Attribute() | this user input |
|
||||
| flask_bad.py:21:12:21:20 | client_ip | flask_bad.py:20:17:20:54 | After Attribute() | flask_bad.py:21:12:21:20 | client_ip | IP address spoofing might include code from $@. | flask_bad.py:20:17:20:54 | After Attribute() | this user input |
|
||||
| tornado_bad.py:23:16:23:24 | client_ip | tornado_bad.py:22:25:22:69 | After Attribute() | tornado_bad.py:23:16:23:24 | client_ip | IP address spoofing might include code from $@. | tornado_bad.py:22:25:22:69 | After Attribute() | this user input |
|
||||
|
||||
@@ -1,126 +1,126 @@
|
||||
#select
|
||||
| test.py:11:5:11:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:11:5:11:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:12:5:12:48 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:12:5:12:48 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:15:14:15:29 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:15:14:15:29 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:19:14:19:39 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:19:14:19:39 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:22:5:22:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:22:5:22:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:24:5:24:52 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:24:5:24:52 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:25:5:25:55 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:25:5:25:55 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:26:5:26:57 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:26:5:26:57 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:27:5:27:50 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:27:5:27:50 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:28:5:28:60 | ControlFlowNode for Attribute() | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:28:5:28:60 | ControlFlowNode for Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:35:27:35:35 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:35:27:35:35 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:39:15:39:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:39:15:39:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:40:19:40:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:40:19:40:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:44:14:44:22 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:44:14:44:22 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:45:17:45:25 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:45:17:45:25 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:49:15:49:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:49:15:49:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:50:19:50:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:50:19:50:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:54:15:54:23 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:54:15:54:23 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:55:19:55:27 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:55:19:55:27 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:59:40:59:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:59:40:59:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:61:23:61:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:61:23:61:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:62:21:62:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:62:21:62:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:64:40:64:48 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:64:40:64:48 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:65:22:65:30 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:65:22:65:30 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:66:21:66:29 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:66:21:66:29 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:67:42:67:50 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:67:42:67:50 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:68:23:68:31 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:68:23:68:31 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:69:36:69:44 | ControlFlowNode for file_path | test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:69:36:69:44 | ControlFlowNode for file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | ControlFlowNode for file_path | depends on this user controlled data |
|
||||
| test.py:11:5:11:52 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:11:5:11:52 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:12:5:12:48 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:12:5:12:48 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:15:14:15:29 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:15:14:15:29 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:19:14:19:39 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:19:14:19:39 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:22:5:22:60 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:22:5:22:60 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:24:5:24:52 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:24:5:24:52 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:25:5:25:55 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:25:5:25:55 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:26:5:26:57 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:26:5:26:57 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:27:5:27:50 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:27:5:27:50 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:28:5:28:60 | After Attribute() | test.py:10:16:10:24 | file_path | test.py:28:5:28:60 | After Attribute() | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:35:27:35:35 | file_path | test.py:10:16:10:24 | file_path | test.py:35:27:35:35 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:39:15:39:23 | file_path | test.py:10:16:10:24 | file_path | test.py:39:15:39:23 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:40:19:40:27 | file_path | test.py:10:16:10:24 | file_path | test.py:40:19:40:27 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:44:14:44:22 | file_path | test.py:10:16:10:24 | file_path | test.py:44:14:44:22 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:45:17:45:25 | file_path | test.py:10:16:10:24 | file_path | test.py:45:17:45:25 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:49:15:49:23 | file_path | test.py:10:16:10:24 | file_path | test.py:49:15:49:23 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:50:19:50:27 | file_path | test.py:10:16:10:24 | file_path | test.py:50:19:50:27 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:54:15:54:23 | file_path | test.py:10:16:10:24 | file_path | test.py:54:15:54:23 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:55:19:55:27 | file_path | test.py:10:16:10:24 | file_path | test.py:55:19:55:27 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:59:40:59:48 | file_path | test.py:10:16:10:24 | file_path | test.py:59:40:59:48 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:61:23:61:31 | file_path | test.py:10:16:10:24 | file_path | test.py:61:23:61:31 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:62:21:62:29 | file_path | test.py:10:16:10:24 | file_path | test.py:62:21:62:29 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:64:40:64:48 | file_path | test.py:10:16:10:24 | file_path | test.py:64:40:64:48 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:65:22:65:30 | file_path | test.py:10:16:10:24 | file_path | test.py:65:22:65:30 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:66:21:66:29 | file_path | test.py:10:16:10:24 | file_path | test.py:66:21:66:29 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:67:42:67:50 | file_path | test.py:10:16:10:24 | file_path | test.py:67:42:67:50 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:68:23:68:31 | file_path | test.py:10:16:10:24 | file_path | test.py:68:23:68:31 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
| test.py:69:36:69:44 | file_path | test.py:10:16:10:24 | file_path | test.py:69:36:69:44 | file_path | This uncontrolled file extraction is $@. | test.py:10:16:10:24 | file_path | depends on this user controlled data |
|
||||
edges
|
||||
| test.py:10:16:10:24 | ControlFlowNode for file_path | test.py:11:21:11:29 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:11:5:11:35 | ControlFlowNode for Attribute() | test.py:11:5:11:52 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:11:5:11:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:11:5:11:52 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:11:21:11:29 | ControlFlowNode for file_path | test.py:12:21:12:29 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:12:5:12:35 | ControlFlowNode for Attribute() | test.py:12:5:12:48 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:12:5:12:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:12:5:12:48 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:12:21:12:29 | ControlFlowNode for file_path | test.py:14:26:14:34 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:14:10:14:35 | ControlFlowNode for Attribute() | test.py:15:14:15:29 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:14:10:14:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:15:14:15:29 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:14:26:14:34 | ControlFlowNode for file_path | test.py:18:26:18:34 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:18:10:18:35 | ControlFlowNode for Attribute() | test.py:19:14:19:39 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:18:10:18:35 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:19:14:19:39 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:18:26:18:34 | ControlFlowNode for file_path | test.py:22:21:22:29 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:22:5:22:30 | ControlFlowNode for Attribute() | test.py:22:5:22:60 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:22:5:22:30 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:22:5:22:60 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:22:21:22:29 | ControlFlowNode for file_path | test.py:24:18:24:26 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:24:18:24:26 | ControlFlowNode for file_path | test.py:24:5:24:52 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:24:18:24:26 | ControlFlowNode for file_path | test.py:25:26:25:34 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:25:26:25:34 | ControlFlowNode for file_path | test.py:25:5:25:55 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:25:26:25:34 | ControlFlowNode for file_path | test.py:26:28:26:36 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:26:28:26:36 | ControlFlowNode for file_path | test.py:26:5:26:57 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:26:28:26:36 | ControlFlowNode for file_path | test.py:27:28:27:36 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:27:28:27:36 | ControlFlowNode for file_path | test.py:27:5:27:50 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:27:28:27:36 | ControlFlowNode for file_path | test.py:28:26:28:34 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:28:5:28:60 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:35:27:35:35 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:39:15:39:23 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:40:19:40:27 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:44:14:44:22 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:45:17:45:25 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:49:15:49:23 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:50:19:50:27 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:54:15:54:23 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:55:19:55:27 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:59:40:59:48 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:61:23:61:31 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:62:21:62:29 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:64:40:64:48 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:65:22:65:30 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:66:21:66:29 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:67:42:67:50 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:68:23:68:31 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | test.py:69:36:69:44 | ControlFlowNode for file_path | provenance | |
|
||||
| test.py:10:16:10:24 | file_path | test.py:11:21:11:29 | file_path | provenance | |
|
||||
| test.py:11:5:11:35 | After Attribute() | test.py:11:5:11:52 | After Attribute() | provenance | Config |
|
||||
| test.py:11:21:11:29 | file_path | test.py:11:5:11:35 | After Attribute() | provenance | MaD:1 |
|
||||
| test.py:11:21:11:29 | file_path | test.py:11:5:11:52 | After Attribute() | provenance | Config |
|
||||
| test.py:11:21:11:29 | file_path | test.py:12:21:12:29 | file_path | provenance | |
|
||||
| test.py:12:5:12:35 | After Attribute() | test.py:12:5:12:48 | After Attribute() | provenance | Config |
|
||||
| test.py:12:21:12:29 | file_path | test.py:12:5:12:35 | After Attribute() | provenance | MaD:1 |
|
||||
| test.py:12:21:12:29 | file_path | test.py:12:5:12:48 | After Attribute() | provenance | Config |
|
||||
| test.py:12:21:12:29 | file_path | test.py:14:26:14:34 | file_path | provenance | |
|
||||
| test.py:14:10:14:35 | After Attribute() | test.py:15:14:15:29 | After Attribute() | provenance | Config |
|
||||
| test.py:14:26:14:34 | file_path | test.py:14:10:14:35 | After Attribute() | provenance | MaD:1 |
|
||||
| test.py:14:26:14:34 | file_path | test.py:15:14:15:29 | After Attribute() | provenance | Config |
|
||||
| test.py:14:26:14:34 | file_path | test.py:18:26:18:34 | file_path | provenance | |
|
||||
| test.py:18:10:18:35 | After Attribute() | test.py:19:14:19:39 | After Attribute() | provenance | Config |
|
||||
| test.py:18:26:18:34 | file_path | test.py:18:10:18:35 | After Attribute() | provenance | MaD:1 |
|
||||
| test.py:18:26:18:34 | file_path | test.py:19:14:19:39 | After Attribute() | provenance | Config |
|
||||
| test.py:18:26:18:34 | file_path | test.py:22:21:22:29 | file_path | provenance | |
|
||||
| test.py:22:5:22:30 | After Attribute() | test.py:22:5:22:60 | After Attribute() | provenance | Config |
|
||||
| test.py:22:21:22:29 | file_path | test.py:22:5:22:30 | After Attribute() | provenance | MaD:1 |
|
||||
| test.py:22:21:22:29 | file_path | test.py:22:5:22:60 | After Attribute() | provenance | Config |
|
||||
| test.py:22:21:22:29 | file_path | test.py:24:18:24:26 | file_path | provenance | |
|
||||
| test.py:24:18:24:26 | file_path | test.py:24:5:24:52 | After Attribute() | provenance | Config |
|
||||
| test.py:24:18:24:26 | file_path | test.py:25:26:25:34 | file_path | provenance | |
|
||||
| test.py:25:26:25:34 | file_path | test.py:25:5:25:55 | After Attribute() | provenance | Config |
|
||||
| test.py:25:26:25:34 | file_path | test.py:26:28:26:36 | file_path | provenance | |
|
||||
| test.py:26:28:26:36 | file_path | test.py:26:5:26:57 | After Attribute() | provenance | Config |
|
||||
| test.py:26:28:26:36 | file_path | test.py:27:28:27:36 | file_path | provenance | |
|
||||
| test.py:27:28:27:36 | file_path | test.py:27:5:27:50 | After Attribute() | provenance | Config |
|
||||
| test.py:27:28:27:36 | file_path | test.py:28:26:28:34 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:28:5:28:60 | After Attribute() | provenance | Config |
|
||||
| test.py:28:26:28:34 | file_path | test.py:35:27:35:35 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:39:15:39:23 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:40:19:40:27 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:44:14:44:22 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:45:17:45:25 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:49:15:49:23 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:50:19:50:27 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:54:15:54:23 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:55:19:55:27 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:59:40:59:48 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:61:23:61:31 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:62:21:62:29 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:64:40:64:48 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:65:22:65:30 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:66:21:66:29 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:67:42:67:50 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:68:23:68:31 | file_path | provenance | |
|
||||
| test.py:28:26:28:34 | file_path | test.py:69:36:69:44 | file_path | provenance | |
|
||||
models
|
||||
| 1 | Summary: zipfile.ZipFile!; Subclass.Call; Argument[0,file:]; ReturnValue; taint |
|
||||
nodes
|
||||
| test.py:10:16:10:24 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:11:5:11:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:11:5:11:52 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:11:21:11:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:12:5:12:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:12:5:12:48 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:12:21:12:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:14:10:14:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:14:26:14:34 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:15:14:15:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:18:10:18:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:18:26:18:34 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:19:14:19:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:22:5:22:30 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:22:5:22:60 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:22:21:22:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:24:5:24:52 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:24:18:24:26 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:25:5:25:55 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:25:26:25:34 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:26:5:26:57 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:26:28:26:36 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:27:5:27:50 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:27:28:27:36 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:28:5:28:60 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:28:26:28:34 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:35:27:35:35 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:39:15:39:23 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:40:19:40:27 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:44:14:44:22 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:45:17:45:25 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:49:15:49:23 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:50:19:50:27 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:54:15:54:23 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:55:19:55:27 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:59:40:59:48 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:61:23:61:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:62:21:62:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:64:40:64:48 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:65:22:65:30 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:66:21:66:29 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:67:42:67:50 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:68:23:68:31 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:69:36:69:44 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| test.py:10:16:10:24 | file_path | semmle.label | file_path |
|
||||
| test.py:11:5:11:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:11:5:11:52 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:11:21:11:29 | file_path | semmle.label | file_path |
|
||||
| test.py:12:5:12:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:12:5:12:48 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:12:21:12:29 | file_path | semmle.label | file_path |
|
||||
| test.py:14:10:14:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:14:26:14:34 | file_path | semmle.label | file_path |
|
||||
| test.py:15:14:15:29 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:18:10:18:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:18:26:18:34 | file_path | semmle.label | file_path |
|
||||
| test.py:19:14:19:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:22:5:22:30 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:22:5:22:60 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:22:21:22:29 | file_path | semmle.label | file_path |
|
||||
| test.py:24:5:24:52 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:24:18:24:26 | file_path | semmle.label | file_path |
|
||||
| test.py:25:5:25:55 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:25:26:25:34 | file_path | semmle.label | file_path |
|
||||
| test.py:26:5:26:57 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:26:28:26:36 | file_path | semmle.label | file_path |
|
||||
| test.py:27:5:27:50 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:27:28:27:36 | file_path | semmle.label | file_path |
|
||||
| test.py:28:5:28:60 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:28:26:28:34 | file_path | semmle.label | file_path |
|
||||
| test.py:35:27:35:35 | file_path | semmle.label | file_path |
|
||||
| test.py:39:15:39:23 | file_path | semmle.label | file_path |
|
||||
| test.py:40:19:40:27 | file_path | semmle.label | file_path |
|
||||
| test.py:44:14:44:22 | file_path | semmle.label | file_path |
|
||||
| test.py:45:17:45:25 | file_path | semmle.label | file_path |
|
||||
| test.py:49:15:49:23 | file_path | semmle.label | file_path |
|
||||
| test.py:50:19:50:27 | file_path | semmle.label | file_path |
|
||||
| test.py:54:15:54:23 | file_path | semmle.label | file_path |
|
||||
| test.py:55:19:55:27 | file_path | semmle.label | file_path |
|
||||
| test.py:59:40:59:48 | file_path | semmle.label | file_path |
|
||||
| test.py:61:23:61:31 | file_path | semmle.label | file_path |
|
||||
| test.py:62:21:62:29 | file_path | semmle.label | file_path |
|
||||
| test.py:64:40:64:48 | file_path | semmle.label | file_path |
|
||||
| test.py:65:22:65:30 | file_path | semmle.label | file_path |
|
||||
| test.py:66:21:66:29 | file_path | semmle.label | file_path |
|
||||
| test.py:67:42:67:50 | file_path | semmle.label | file_path |
|
||||
| test.py:68:23:68:31 | file_path | semmle.label | file_path |
|
||||
| test.py:69:36:69:44 | file_path | semmle.label | file_path |
|
||||
subpaths
|
||||
|
||||
@@ -1,36 +1,36 @@
|
||||
edges
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for ImportMember | ldap3_remote.py:2:19:2:25 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for request | ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_remote.py:101:5:101:8 | ControlFlowNode for host | ldap3_remote.py:102:18:102:21 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:101:5:101:8 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:114:5:114:8 | ControlFlowNode for host | ldap3_remote.py:115:18:115:21 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:114:5:114:8 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:126:5:126:8 | ControlFlowNode for host | ldap3_remote.py:127:18:127:21 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | ldap3_remote.py:126:5:126:8 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:138:5:138:8 | ControlFlowNode for host | ldap3_remote.py:139:18:139:21 | ControlFlowNode for host | provenance | |
|
||||
| ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | ldap3_remote.py:138:5:138:8 | ControlFlowNode for host | provenance | AdditionalTaintStep |
|
||||
| ldap3_remote.py:2:19:2:25 | After ImportMember | ldap3_remote.py:2:19:2:25 | request | provenance | |
|
||||
| ldap3_remote.py:2:19:2:25 | request | ldap3_remote.py:138:21:138:27 | request | provenance | |
|
||||
| ldap3_remote.py:101:5:101:8 | host | ldap3_remote.py:102:18:102:21 | host | provenance | |
|
||||
| ldap3_remote.py:101:12:101:49 | After BinaryExpr | ldap3_remote.py:101:5:101:8 | host | provenance | |
|
||||
| ldap3_remote.py:114:5:114:8 | host | ldap3_remote.py:115:18:115:21 | host | provenance | |
|
||||
| ldap3_remote.py:114:12:114:49 | After BinaryExpr | ldap3_remote.py:114:5:114:8 | host | provenance | |
|
||||
| ldap3_remote.py:126:5:126:8 | host | ldap3_remote.py:127:18:127:21 | host | provenance | |
|
||||
| ldap3_remote.py:126:12:126:31 | After BinaryExpr | ldap3_remote.py:126:5:126:8 | host | provenance | |
|
||||
| ldap3_remote.py:138:5:138:8 | host | ldap3_remote.py:139:18:139:21 | host | provenance | |
|
||||
| ldap3_remote.py:138:21:138:27 | request | ldap3_remote.py:138:5:138:8 | host | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| ldap2_remote.py:45:41:45:60 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap2_remote.py:56:41:56:60 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_remote.py:101:5:101:8 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:102:18:102:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:114:5:114:8 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:115:18:115:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:126:5:126:8 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:127:18:127:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:138:5:138:8 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_remote.py:139:18:139:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap2_remote.py:45:41:45:60 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| ldap2_remote.py:56:41:56:60 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| ldap3_remote.py:2:19:2:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| ldap3_remote.py:2:19:2:25 | request | semmle.label | request |
|
||||
| ldap3_remote.py:101:5:101:8 | host | semmle.label | host |
|
||||
| ldap3_remote.py:101:12:101:49 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| ldap3_remote.py:102:18:102:21 | host | semmle.label | host |
|
||||
| ldap3_remote.py:114:5:114:8 | host | semmle.label | host |
|
||||
| ldap3_remote.py:114:12:114:49 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| ldap3_remote.py:115:18:115:21 | host | semmle.label | host |
|
||||
| ldap3_remote.py:126:5:126:8 | host | semmle.label | host |
|
||||
| ldap3_remote.py:126:12:126:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| ldap3_remote.py:127:18:127:21 | host | semmle.label | host |
|
||||
| ldap3_remote.py:138:5:138:8 | host | semmle.label | host |
|
||||
| ldap3_remote.py:138:21:138:27 | request | semmle.label | request |
|
||||
| ldap3_remote.py:139:18:139:21 | host | semmle.label | host |
|
||||
subpaths
|
||||
#select
|
||||
| ldap2_remote.py:45:41:45:60 | ControlFlowNode for BinaryExpr | ldap2_remote.py:45:41:45:60 | ControlFlowNode for BinaryExpr | ldap2_remote.py:45:41:45:60 | ControlFlowNode for BinaryExpr | This LDAP host is authenticated insecurely. |
|
||||
| ldap2_remote.py:56:41:56:60 | ControlFlowNode for BinaryExpr | ldap2_remote.py:56:41:56:60 | ControlFlowNode for BinaryExpr | ldap2_remote.py:56:41:56:60 | ControlFlowNode for BinaryExpr | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:102:18:102:21 | ControlFlowNode for host | ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:102:18:102:21 | ControlFlowNode for host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:115:18:115:21 | ControlFlowNode for host | ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:115:18:115:21 | ControlFlowNode for host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:127:18:127:21 | ControlFlowNode for host | ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | ldap3_remote.py:127:18:127:21 | ControlFlowNode for host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:139:18:139:21 | ControlFlowNode for host | ldap3_remote.py:2:19:2:25 | ControlFlowNode for ImportMember | ldap3_remote.py:139:18:139:21 | ControlFlowNode for host | This LDAP host is authenticated insecurely. |
|
||||
| ldap2_remote.py:45:41:45:60 | After BinaryExpr | ldap2_remote.py:45:41:45:60 | After BinaryExpr | ldap2_remote.py:45:41:45:60 | After BinaryExpr | This LDAP host is authenticated insecurely. |
|
||||
| ldap2_remote.py:56:41:56:60 | After BinaryExpr | ldap2_remote.py:56:41:56:60 | After BinaryExpr | ldap2_remote.py:56:41:56:60 | After BinaryExpr | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:102:18:102:21 | host | ldap3_remote.py:101:12:101:49 | After BinaryExpr | ldap3_remote.py:102:18:102:21 | host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:115:18:115:21 | host | ldap3_remote.py:114:12:114:49 | After BinaryExpr | ldap3_remote.py:115:18:115:21 | host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:127:18:127:21 | host | ldap3_remote.py:126:12:126:31 | After BinaryExpr | ldap3_remote.py:127:18:127:21 | host | This LDAP host is authenticated insecurely. |
|
||||
| ldap3_remote.py:139:18:139:21 | host | ldap3_remote.py:2:19:2:25 | After ImportMember | ldap3_remote.py:139:18:139:21 | host | This LDAP host is authenticated insecurely. |
|
||||
|
||||
@@ -1 +1 @@
|
||||
| xmlrpc_server.py:7:10:7:48 | ControlFlowNode for SimpleXMLRPCServer() | SimpleXMLRPCServer is vulnerable to XML bombs. |
|
||||
| xmlrpc_server.py:7:10:7:48 | After SimpleXMLRPCServer() | SimpleXMLRPCServer is vulnerable to XML bombs. |
|
||||
|
||||
@@ -1,73 +1,73 @@
|
||||
edges
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:1:35:1:41 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:12:17:12:23 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:24:9:24:15 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:36:9:36:15 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:48:9:48:15 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:60:9:60:15 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | tests.py:72:9:72:15 | ControlFlowNode for request | provenance | |
|
||||
| tests.py:12:5:12:13 | ControlFlowNode for file_path | tests.py:16:39:16:47 | ControlFlowNode for file_path | provenance | |
|
||||
| tests.py:12:17:12:23 | ControlFlowNode for request | tests.py:12:17:12:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:12:17:12:28 | ControlFlowNode for Attribute | tests.py:12:17:12:49 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:12:17:12:49 | ControlFlowNode for Attribute() | tests.py:12:5:12:13 | ControlFlowNode for file_path | provenance | |
|
||||
| tests.py:24:5:24:5 | ControlFlowNode for r | tests.py:28:43:28:43 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:24:9:24:15 | ControlFlowNode for request | tests.py:24:9:24:20 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:24:9:24:20 | ControlFlowNode for Attribute | tests.py:24:9:24:33 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:24:9:24:33 | ControlFlowNode for Attribute() | tests.py:24:5:24:5 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:36:5:36:5 | ControlFlowNode for r | tests.py:40:43:40:43 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:36:9:36:15 | ControlFlowNode for request | tests.py:36:9:36:20 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:36:9:36:20 | ControlFlowNode for Attribute | tests.py:36:9:36:33 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:36:9:36:33 | ControlFlowNode for Attribute() | tests.py:36:5:36:5 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:48:5:48:5 | ControlFlowNode for r | tests.py:52:43:52:43 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:48:9:48:15 | ControlFlowNode for request | tests.py:48:9:48:20 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:48:9:48:20 | ControlFlowNode for Attribute | tests.py:48:9:48:33 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:48:9:48:33 | ControlFlowNode for Attribute() | tests.py:48:5:48:5 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:60:5:60:5 | ControlFlowNode for r | tests.py:64:43:64:43 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:60:9:60:15 | ControlFlowNode for request | tests.py:60:9:60:20 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:60:9:60:20 | ControlFlowNode for Attribute | tests.py:60:9:60:33 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:60:9:60:33 | ControlFlowNode for Attribute() | tests.py:60:5:60:5 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:72:5:72:5 | ControlFlowNode for r | tests.py:76:43:76:43 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:72:9:72:15 | ControlFlowNode for request | tests.py:72:9:72:20 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:72:9:72:20 | ControlFlowNode for Attribute | tests.py:72:9:72:33 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| tests.py:72:9:72:33 | ControlFlowNode for Attribute() | tests.py:72:5:72:5 | ControlFlowNode for r | provenance | |
|
||||
| tests.py:1:35:1:41 | After ImportMember | tests.py:1:35:1:41 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:12:17:12:23 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:24:9:24:15 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:36:9:36:15 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:48:9:48:15 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:60:9:60:15 | request | provenance | |
|
||||
| tests.py:1:35:1:41 | request | tests.py:72:9:72:15 | request | provenance | |
|
||||
| tests.py:12:5:12:13 | file_path | tests.py:16:39:16:47 | file_path | provenance | |
|
||||
| tests.py:12:17:12:23 | request | tests.py:12:17:12:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:12:17:12:28 | After Attribute | tests.py:12:17:12:49 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:12:17:12:49 | After Attribute() | tests.py:12:5:12:13 | file_path | provenance | |
|
||||
| tests.py:24:5:24:5 | r | tests.py:28:43:28:43 | r | provenance | |
|
||||
| tests.py:24:9:24:15 | request | tests.py:24:9:24:20 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:24:9:24:20 | After Attribute | tests.py:24:9:24:33 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:24:9:24:33 | After Attribute() | tests.py:24:5:24:5 | r | provenance | |
|
||||
| tests.py:36:5:36:5 | r | tests.py:40:43:40:43 | r | provenance | |
|
||||
| tests.py:36:9:36:15 | request | tests.py:36:9:36:20 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:36:9:36:20 | After Attribute | tests.py:36:9:36:33 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:36:9:36:33 | After Attribute() | tests.py:36:5:36:5 | r | provenance | |
|
||||
| tests.py:48:5:48:5 | r | tests.py:52:43:52:43 | r | provenance | |
|
||||
| tests.py:48:9:48:15 | request | tests.py:48:9:48:20 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:48:9:48:20 | After Attribute | tests.py:48:9:48:33 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:48:9:48:33 | After Attribute() | tests.py:48:5:48:5 | r | provenance | |
|
||||
| tests.py:60:5:60:5 | r | tests.py:64:43:64:43 | r | provenance | |
|
||||
| tests.py:60:9:60:15 | request | tests.py:60:9:60:20 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:60:9:60:20 | After Attribute | tests.py:60:9:60:33 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:60:9:60:33 | After Attribute() | tests.py:60:5:60:5 | r | provenance | |
|
||||
| tests.py:72:5:72:5 | r | tests.py:76:43:76:43 | r | provenance | |
|
||||
| tests.py:72:9:72:15 | request | tests.py:72:9:72:20 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| tests.py:72:9:72:20 | After Attribute | tests.py:72:9:72:33 | After Attribute() | provenance | dict.get |
|
||||
| tests.py:72:9:72:33 | After Attribute() | tests.py:72:5:72:5 | r | provenance | |
|
||||
nodes
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| tests.py:1:35:1:41 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:12:5:12:13 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| tests.py:12:17:12:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:12:17:12:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:12:17:12:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:16:39:16:47 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| tests.py:24:5:24:5 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:24:9:24:15 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:24:9:24:20 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:24:9:24:33 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:28:43:28:43 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:36:5:36:5 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:36:9:36:15 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:36:9:36:20 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:36:9:36:33 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:40:43:40:43 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:48:5:48:5 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:48:9:48:15 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:48:9:48:20 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:48:9:48:33 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:52:43:52:43 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:60:5:60:5 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:60:9:60:15 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:60:9:60:20 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:60:9:60:33 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:64:43:64:43 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:72:5:72:5 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:72:9:72:15 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| tests.py:72:9:72:20 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| tests.py:72:9:72:33 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tests.py:76:43:76:43 | ControlFlowNode for r | semmle.label | ControlFlowNode for r |
|
||||
| tests.py:1:35:1:41 | After ImportMember | semmle.label | After ImportMember |
|
||||
| tests.py:1:35:1:41 | request | semmle.label | request |
|
||||
| tests.py:12:5:12:13 | file_path | semmle.label | file_path |
|
||||
| tests.py:12:17:12:23 | request | semmle.label | request |
|
||||
| tests.py:12:17:12:28 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:12:17:12:49 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:16:39:16:47 | file_path | semmle.label | file_path |
|
||||
| tests.py:24:5:24:5 | r | semmle.label | r |
|
||||
| tests.py:24:9:24:15 | request | semmle.label | request |
|
||||
| tests.py:24:9:24:20 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:24:9:24:33 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:28:43:28:43 | r | semmle.label | r |
|
||||
| tests.py:36:5:36:5 | r | semmle.label | r |
|
||||
| tests.py:36:9:36:15 | request | semmle.label | request |
|
||||
| tests.py:36:9:36:20 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:36:9:36:33 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:40:43:40:43 | r | semmle.label | r |
|
||||
| tests.py:48:5:48:5 | r | semmle.label | r |
|
||||
| tests.py:48:9:48:15 | request | semmle.label | request |
|
||||
| tests.py:48:9:48:20 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:48:9:48:33 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:52:43:52:43 | r | semmle.label | r |
|
||||
| tests.py:60:5:60:5 | r | semmle.label | r |
|
||||
| tests.py:60:9:60:15 | request | semmle.label | request |
|
||||
| tests.py:60:9:60:20 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:60:9:60:33 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:64:43:64:43 | r | semmle.label | r |
|
||||
| tests.py:72:5:72:5 | r | semmle.label | r |
|
||||
| tests.py:72:9:72:15 | request | semmle.label | request |
|
||||
| tests.py:72:9:72:20 | After Attribute | semmle.label | After Attribute |
|
||||
| tests.py:72:9:72:33 | After Attribute() | semmle.label | After Attribute() |
|
||||
| tests.py:76:43:76:43 | r | semmle.label | r |
|
||||
subpaths
|
||||
#select
|
||||
| tests.py:16:39:16:47 | ControlFlowNode for file_path | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:16:39:16:47 | ControlFlowNode for file_path | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:16:39:16:47 | ControlFlowNode for file_path | costly Unicode normalization operation |
|
||||
| tests.py:28:43:28:43 | ControlFlowNode for r | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:28:43:28:43 | ControlFlowNode for r | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:28:43:28:43 | ControlFlowNode for r | costly Unicode normalization operation |
|
||||
| tests.py:40:43:40:43 | ControlFlowNode for r | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:40:43:40:43 | ControlFlowNode for r | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:40:43:40:43 | ControlFlowNode for r | costly Unicode normalization operation |
|
||||
| tests.py:52:43:52:43 | ControlFlowNode for r | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:52:43:52:43 | ControlFlowNode for r | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:52:43:52:43 | ControlFlowNode for r | costly Unicode normalization operation |
|
||||
| tests.py:64:43:64:43 | ControlFlowNode for r | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:64:43:64:43 | ControlFlowNode for r | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:64:43:64:43 | ControlFlowNode for r | costly Unicode normalization operation |
|
||||
| tests.py:76:43:76:43 | ControlFlowNode for r | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | tests.py:76:43:76:43 | ControlFlowNode for r | This $@ can reach a $@. | tests.py:1:35:1:41 | ControlFlowNode for ImportMember | user-provided value | tests.py:76:43:76:43 | ControlFlowNode for r | costly Unicode normalization operation |
|
||||
| tests.py:16:39:16:47 | file_path | tests.py:1:35:1:41 | After ImportMember | tests.py:16:39:16:47 | file_path | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:16:39:16:47 | file_path | costly Unicode normalization operation |
|
||||
| tests.py:28:43:28:43 | r | tests.py:1:35:1:41 | After ImportMember | tests.py:28:43:28:43 | r | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:28:43:28:43 | r | costly Unicode normalization operation |
|
||||
| tests.py:40:43:40:43 | r | tests.py:1:35:1:41 | After ImportMember | tests.py:40:43:40:43 | r | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:40:43:40:43 | r | costly Unicode normalization operation |
|
||||
| tests.py:52:43:52:43 | r | tests.py:1:35:1:41 | After ImportMember | tests.py:52:43:52:43 | r | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:52:43:52:43 | r | costly Unicode normalization operation |
|
||||
| tests.py:64:43:64:43 | r | tests.py:1:35:1:41 | After ImportMember | tests.py:64:43:64:43 | r | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:64:43:64:43 | r | costly Unicode normalization operation |
|
||||
| tests.py:76:43:76:43 | r | tests.py:1:35:1:41 | After ImportMember | tests.py:76:43:76:43 | r | This $@ can reach a $@. | tests.py:1:35:1:41 | After ImportMember | user-provided value | tests.py:76:43:76:43 | r | costly Unicode normalization operation |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
| ec_keygen_origin.py:8:1:8:45 | ControlFlowNode for Attribute() | 384 | ec_keygen_origin.py:8:31:8:42 | ControlFlowNode for Attribute |
|
||||
| ec_keygen_origin.py:9:1:9:43 | ControlFlowNode for Attribute() | 384 | ec_keygen_origin.py:9:31:9:42 | ControlFlowNode for Attribute |
|
||||
| ec_keygen_origin.py:12:1:12:36 | ControlFlowNode for Attribute() | 384 | ec_keygen_origin.py:11:9:11:20 | ControlFlowNode for Attribute |
|
||||
| ec_keygen_origin.py:15:1:15:39 | ControlFlowNode for Attribute() | 384 | ec_keygen_origin.py:11:9:11:20 | ControlFlowNode for Attribute |
|
||||
| ec_keygen_origin.py:20:1:20:32 | ControlFlowNode for Attribute() | 384 | ec_keygen_origin.py:6:58:6:66 | ControlFlowNode for ImportMember |
|
||||
| ec_keygen_origin.py:8:1:8:45 | After Attribute() | 384 | ec_keygen_origin.py:8:31:8:42 | After Attribute |
|
||||
| ec_keygen_origin.py:9:1:9:43 | After Attribute() | 384 | ec_keygen_origin.py:9:31:9:42 | After Attribute |
|
||||
| ec_keygen_origin.py:12:1:12:36 | After Attribute() | 384 | ec_keygen_origin.py:11:9:11:20 | After Attribute |
|
||||
| ec_keygen_origin.py:15:1:15:39 | After Attribute() | 384 | ec_keygen_origin.py:11:9:11:20 | After Attribute |
|
||||
| ec_keygen_origin.py:20:1:20:32 | After Attribute() | 384 | ec_keygen_origin.py:6:58:6:66 | After ImportMember |
|
||||
|
||||
@@ -1,114 +1,114 @@
|
||||
taintFlow
|
||||
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:4:8:4:8 | ControlFlowNode for x |
|
||||
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:7:17:7:17 | ControlFlowNode for x |
|
||||
| test.py:9:8:9:14 | ControlFlowNode for alias() | test.py:9:8:9:14 | ControlFlowNode for alias() |
|
||||
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test.py:10:8:10:22 | ControlFlowNode for Attribute() |
|
||||
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test.py:11:8:11:30 | ControlFlowNode for Attribute() |
|
||||
| test.py:71:28:71:38 | ControlFlowNode for getSource() | test.py:71:8:71:39 | ControlFlowNode for Attribute() |
|
||||
| test.py:75:5:75:15 | ControlFlowNode for getSource() | test.py:76:22:76:22 | ControlFlowNode for x |
|
||||
| test.py:75:5:75:15 | ControlFlowNode for getSource() | test.py:77:22:77:22 | ControlFlowNode for y |
|
||||
| test.py:81:36:81:46 | ControlFlowNode for getSource() | test.py:81:8:81:47 | ControlFlowNode for Attribute() |
|
||||
| test.py:83:50:83:60 | ControlFlowNode for getSource() | test.py:83:8:83:61 | ControlFlowNode for Attribute() |
|
||||
| test.py:86:49:86:59 | ControlFlowNode for getSource() | test.py:86:8:86:60 | ControlFlowNode for Attribute() |
|
||||
| test.py:87:56:87:66 | ControlFlowNode for getSource() | test.py:87:8:87:67 | ControlFlowNode for Attribute() |
|
||||
| test.py:114:19:114:29 | ControlFlowNode for getSource() | test.py:114:19:114:29 | ControlFlowNode for getSource() |
|
||||
| test.py:115:20:115:30 | ControlFlowNode for getSource() | test.py:115:20:115:30 | ControlFlowNode for getSource() |
|
||||
| test.py:116:31:116:41 | ControlFlowNode for getSource() | test.py:116:31:116:41 | ControlFlowNode for getSource() |
|
||||
| test.py:117:31:117:41 | ControlFlowNode for getSource() | test.py:117:31:117:41 | ControlFlowNode for getSource() |
|
||||
| test.py:118:35:118:45 | ControlFlowNode for getSource() | test.py:118:35:118:45 | ControlFlowNode for getSource() |
|
||||
| test.py:3:5:3:15 | After getSource() | test.py:4:8:4:8 | x |
|
||||
| test.py:3:5:3:15 | After getSource() | test.py:7:17:7:17 | x |
|
||||
| test.py:9:8:9:14 | After alias() | test.py:9:8:9:14 | After alias() |
|
||||
| test.py:10:8:10:22 | After Attribute() | test.py:10:8:10:22 | After Attribute() |
|
||||
| test.py:11:8:11:30 | After Attribute() | test.py:11:8:11:30 | After Attribute() |
|
||||
| test.py:71:28:71:38 | After getSource() | test.py:71:8:71:39 | After Attribute() |
|
||||
| test.py:75:5:75:15 | After getSource() | test.py:76:22:76:22 | x |
|
||||
| test.py:75:5:75:15 | After getSource() | test.py:77:22:77:22 | y |
|
||||
| test.py:81:36:81:46 | After getSource() | test.py:81:8:81:47 | After Attribute() |
|
||||
| test.py:83:50:83:60 | After getSource() | test.py:83:8:83:61 | After Attribute() |
|
||||
| test.py:86:49:86:59 | After getSource() | test.py:86:8:86:60 | After Attribute() |
|
||||
| test.py:87:56:87:66 | After getSource() | test.py:87:8:87:67 | After Attribute() |
|
||||
| test.py:114:19:114:29 | After getSource() | test.py:114:19:114:29 | After getSource() |
|
||||
| test.py:115:20:115:30 | After getSource() | test.py:115:20:115:30 | After getSource() |
|
||||
| test.py:116:31:116:41 | After getSource() | test.py:116:31:116:41 | After getSource() |
|
||||
| test.py:117:31:117:41 | After getSource() | test.py:117:31:117:41 | After getSource() |
|
||||
| test.py:118:35:118:45 | After getSource() | test.py:118:35:118:45 | After getSource() |
|
||||
isSink
|
||||
| test.py:4:8:4:8 | ControlFlowNode for x | test-sink |
|
||||
| test.py:7:17:7:17 | ControlFlowNode for x | test-sink |
|
||||
| test.py:9:8:9:14 | ControlFlowNode for alias() | test-sink |
|
||||
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:12:8:12:34 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:16:11:16:13 | ControlFlowNode for one | test-sink |
|
||||
| test.py:17:19:17:21 | ControlFlowNode for two | test-sink |
|
||||
| test.py:17:24:17:28 | ControlFlowNode for three | test-sink |
|
||||
| test.py:17:31:17:34 | ControlFlowNode for four | test-sink |
|
||||
| test.py:18:37:18:40 | ControlFlowNode for five | test-sink |
|
||||
| test.py:19:21:19:26 | ControlFlowNode for second | test-sink |
|
||||
| test.py:30:21:30:23 | ControlFlowNode for one | test-sink |
|
||||
| test.py:32:22:32:24 | ControlFlowNode for one | test-sink |
|
||||
| test.py:32:27:32:29 | ControlFlowNode for two | test-sink |
|
||||
| test.py:33:22:33:24 | ControlFlowNode for one | test-sink |
|
||||
| test.py:33:27:33:29 | ControlFlowNode for two | test-sink |
|
||||
| test.py:33:32:33:36 | ControlFlowNode for three | test-sink |
|
||||
| test.py:57:27:57:33 | ControlFlowNode for arg_pos | test-sink |
|
||||
| test.py:66:17:66:20 | ControlFlowNode for arg1 | test-sink |
|
||||
| test.py:66:23:66:26 | ControlFlowNode for arg2 | test-sink |
|
||||
| test.py:66:34:66:43 | ControlFlowNode for namedThing | test-sink |
|
||||
| test.py:67:34:67:44 | ControlFlowNode for secondNamed | test-sink |
|
||||
| test.py:71:8:71:39 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:72:8:72:47 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:76:22:76:22 | ControlFlowNode for x | test-sink |
|
||||
| test.py:77:22:77:22 | ControlFlowNode for y | test-sink |
|
||||
| test.py:78:22:78:22 | ControlFlowNode for z | test-sink |
|
||||
| test.py:81:8:81:47 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:82:8:82:54 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:83:8:83:61 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:85:8:85:53 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:86:8:86:60 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:87:8:87:67 | ControlFlowNode for Attribute() | test-sink |
|
||||
| test.py:89:21:89:23 | ControlFlowNode for one | test-sink |
|
||||
| test.py:91:21:91:23 | ControlFlowNode for one | test-sink |
|
||||
| test.py:91:30:91:32 | ControlFlowNode for two | test-sink |
|
||||
| test.py:98:6:98:9 | ControlFlowNode for baz2 | test-sink |
|
||||
| test.py:114:19:114:29 | ControlFlowNode for getSource() | test-sink |
|
||||
| test.py:115:20:115:30 | ControlFlowNode for getSource() | test-sink |
|
||||
| test.py:116:31:116:41 | ControlFlowNode for getSource() | test-sink |
|
||||
| test.py:117:31:117:41 | ControlFlowNode for getSource() | test-sink |
|
||||
| test.py:118:35:118:45 | ControlFlowNode for getSource() | test-sink |
|
||||
| test.py:4:8:4:8 | x | test-sink |
|
||||
| test.py:7:17:7:17 | x | test-sink |
|
||||
| test.py:9:8:9:14 | After alias() | test-sink |
|
||||
| test.py:10:8:10:22 | After Attribute() | test-sink |
|
||||
| test.py:11:8:11:30 | After Attribute() | test-sink |
|
||||
| test.py:12:8:12:34 | After Attribute() | test-sink |
|
||||
| test.py:16:11:16:13 | one | test-sink |
|
||||
| test.py:17:19:17:21 | two | test-sink |
|
||||
| test.py:17:24:17:28 | three | test-sink |
|
||||
| test.py:17:31:17:34 | four | test-sink |
|
||||
| test.py:18:37:18:40 | five | test-sink |
|
||||
| test.py:19:21:19:26 | second | test-sink |
|
||||
| test.py:30:21:30:23 | one | test-sink |
|
||||
| test.py:32:22:32:24 | one | test-sink |
|
||||
| test.py:32:27:32:29 | two | test-sink |
|
||||
| test.py:33:22:33:24 | one | test-sink |
|
||||
| test.py:33:27:33:29 | two | test-sink |
|
||||
| test.py:33:32:33:36 | three | test-sink |
|
||||
| test.py:57:27:57:33 | arg_pos | test-sink |
|
||||
| test.py:66:17:66:20 | arg1 | test-sink |
|
||||
| test.py:66:23:66:26 | arg2 | test-sink |
|
||||
| test.py:66:34:66:43 | namedThing | test-sink |
|
||||
| test.py:67:34:67:44 | secondNamed | test-sink |
|
||||
| test.py:71:8:71:39 | After Attribute() | test-sink |
|
||||
| test.py:72:8:72:47 | After Attribute() | test-sink |
|
||||
| test.py:76:22:76:22 | x | test-sink |
|
||||
| test.py:77:22:77:22 | y | test-sink |
|
||||
| test.py:78:22:78:22 | z | test-sink |
|
||||
| test.py:81:8:81:47 | After Attribute() | test-sink |
|
||||
| test.py:82:8:82:54 | After Attribute() | test-sink |
|
||||
| test.py:83:8:83:61 | After Attribute() | test-sink |
|
||||
| test.py:85:8:85:53 | After Attribute() | test-sink |
|
||||
| test.py:86:8:86:60 | After Attribute() | test-sink |
|
||||
| test.py:87:8:87:67 | After Attribute() | test-sink |
|
||||
| test.py:89:21:89:23 | one | test-sink |
|
||||
| test.py:91:21:91:23 | one | test-sink |
|
||||
| test.py:91:30:91:32 | two | test-sink |
|
||||
| test.py:98:6:98:9 | baz2 | test-sink |
|
||||
| test.py:114:19:114:29 | After getSource() | test-sink |
|
||||
| test.py:115:20:115:30 | After getSource() | test-sink |
|
||||
| test.py:116:31:116:41 | After getSource() | test-sink |
|
||||
| test.py:117:31:117:41 | After getSource() | test-sink |
|
||||
| test.py:118:35:118:45 | After getSource() | test-sink |
|
||||
isSource
|
||||
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:9:8:9:14 | ControlFlowNode for alias() | test-source |
|
||||
| test.py:10:8:10:14 | ControlFlowNode for alias() | test-source |
|
||||
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:11:8:11:14 | ControlFlowNode for alias() | test-source |
|
||||
| test.py:11:8:11:22 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:12:8:12:14 | ControlFlowNode for alias() | test-source |
|
||||
| test.py:12:8:12:22 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:23:24:23:26 | ControlFlowNode for one | test-source |
|
||||
| test.py:24:33:24:35 | ControlFlowNode for two | test-source |
|
||||
| test.py:24:38:24:42 | ControlFlowNode for three | test-source |
|
||||
| test.py:24:45:24:48 | ControlFlowNode for four | test-source |
|
||||
| test.py:25:34:25:39 | ControlFlowNode for second | test-source |
|
||||
| test.py:39:11:39:20 | ControlFlowNode for Await | test-source |
|
||||
| test.py:41:8:41:27 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:46:7:46:16 | ControlFlowNode for SubClass() | test-source |
|
||||
| test.py:51:8:51:18 | ControlFlowNode for Sub2Class() | test-source |
|
||||
| test.py:53:7:53:16 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:60:13:60:16 | ControlFlowNode for self | test-source |
|
||||
| test.py:60:24:60:28 | ControlFlowNode for named | test-source |
|
||||
| test.py:63:36:63:39 | ControlFlowNode for arg2 | test-source |
|
||||
| test.py:63:42:63:45 | ControlFlowNode for arg3 | test-source |
|
||||
| test.py:63:48:63:51 | ControlFlowNode for arg4 | test-source |
|
||||
| test.py:63:54:63:57 | ControlFlowNode for arg5 | test-source |
|
||||
| test.py:71:28:71:38 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:72:36:72:46 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:75:5:75:15 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:81:36:81:46 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:82:43:82:53 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:83:50:83:60 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:85:42:85:52 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:86:49:86:59 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:87:56:87:66 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:101:29:101:31 | ControlFlowNode for arg | test-source |
|
||||
| test.py:104:24:104:29 | ControlFlowNode for param1 | test-source |
|
||||
| test.py:104:32:104:37 | ControlFlowNode for param2 | test-source |
|
||||
| test.py:107:24:107:28 | ControlFlowNode for name1 | test-source |
|
||||
| test.py:107:31:107:35 | ControlFlowNode for name2 | test-source |
|
||||
| test.py:114:19:114:29 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:115:20:115:30 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:116:31:116:41 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:117:31:117:41 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:118:35:118:45 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:119:20:119:30 | ControlFlowNode for getSource() | test-source |
|
||||
| test.py:124:1:124:33 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:126:11:126:43 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:129:11:129:39 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:3:5:3:15 | After getSource() | test-source |
|
||||
| test.py:9:8:9:14 | After alias() | test-source |
|
||||
| test.py:10:8:10:14 | After alias() | test-source |
|
||||
| test.py:10:8:10:22 | After Attribute() | test-source |
|
||||
| test.py:11:8:11:14 | After alias() | test-source |
|
||||
| test.py:11:8:11:22 | After Attribute() | test-source |
|
||||
| test.py:11:8:11:30 | After Attribute() | test-source |
|
||||
| test.py:12:8:12:14 | After alias() | test-source |
|
||||
| test.py:12:8:12:22 | After Attribute() | test-source |
|
||||
| test.py:23:24:23:26 | one | test-source |
|
||||
| test.py:24:33:24:35 | two | test-source |
|
||||
| test.py:24:38:24:42 | three | test-source |
|
||||
| test.py:24:45:24:48 | four | test-source |
|
||||
| test.py:25:34:25:39 | second | test-source |
|
||||
| test.py:39:11:39:20 | After Await | test-source |
|
||||
| test.py:41:8:41:27 | After Attribute() | test-source |
|
||||
| test.py:46:7:46:16 | After SubClass() | test-source |
|
||||
| test.py:51:8:51:18 | After Sub2Class() | test-source |
|
||||
| test.py:53:7:53:16 | After Attribute() | test-source |
|
||||
| test.py:60:13:60:16 | self | test-source |
|
||||
| test.py:60:24:60:28 | named | test-source |
|
||||
| test.py:63:36:63:39 | arg2 | test-source |
|
||||
| test.py:63:42:63:45 | arg3 | test-source |
|
||||
| test.py:63:48:63:51 | arg4 | test-source |
|
||||
| test.py:63:54:63:57 | arg5 | test-source |
|
||||
| test.py:71:28:71:38 | After getSource() | test-source |
|
||||
| test.py:72:36:72:46 | After getSource() | test-source |
|
||||
| test.py:75:5:75:15 | After getSource() | test-source |
|
||||
| test.py:81:36:81:46 | After getSource() | test-source |
|
||||
| test.py:82:43:82:53 | After getSource() | test-source |
|
||||
| test.py:83:50:83:60 | After getSource() | test-source |
|
||||
| test.py:85:42:85:52 | After getSource() | test-source |
|
||||
| test.py:86:49:86:59 | After getSource() | test-source |
|
||||
| test.py:87:56:87:66 | After getSource() | test-source |
|
||||
| test.py:101:29:101:31 | arg | test-source |
|
||||
| test.py:104:24:104:29 | param1 | test-source |
|
||||
| test.py:104:32:104:37 | param2 | test-source |
|
||||
| test.py:107:24:107:28 | name1 | test-source |
|
||||
| test.py:107:31:107:35 | name2 | test-source |
|
||||
| test.py:114:19:114:29 | After getSource() | test-source |
|
||||
| test.py:115:20:115:30 | After getSource() | test-source |
|
||||
| test.py:116:31:116:41 | After getSource() | test-source |
|
||||
| test.py:117:31:117:41 | After getSource() | test-source |
|
||||
| test.py:118:35:118:45 | After getSource() | test-source |
|
||||
| test.py:119:20:119:30 | After getSource() | test-source |
|
||||
| test.py:124:1:124:33 | After Attribute() | test-source |
|
||||
| test.py:126:11:126:43 | After Attribute() | test-source |
|
||||
| test.py:129:11:129:39 | After Attribute() | test-source |
|
||||
syntaxErrors
|
||||
| Member[foo |
|
||||
| Member[foo] .Member[bar] |
|
||||
|
||||
@@ -1,26 +1,26 @@
|
||||
edges
|
||||
| taint_step_test.py:5:5:5:8 | ControlFlowNode for path | taint_step_test.py:19:43:19:46 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | taint_step_test.py:5:5:5:8 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:6:5:6:8 | ControlFlowNode for file | taint_step_test.py:19:48:19:51 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | taint_step_test.py:6:5:6:8 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | taint_step_test.py:11:18:11:21 | ControlFlowNode for path | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | taint_step_test.py:11:24:11:27 | ControlFlowNode for file | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:5:5:5:8 | path | taint_step_test.py:19:43:19:46 | path | provenance | |
|
||||
| taint_step_test.py:5:12:5:35 | After Attribute() | taint_step_test.py:5:5:5:8 | path | provenance | |
|
||||
| taint_step_test.py:6:5:6:8 | file | taint_step_test.py:19:48:19:51 | file | provenance | |
|
||||
| taint_step_test.py:6:12:6:35 | After Attribute() | taint_step_test.py:6:5:6:8 | file | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | path | taint_step_test.py:12:9:12:16 | filepath | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | path | taint_step_test.py:12:9:12:16 | filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:11:24:11:27 | file | taint_step_test.py:12:9:12:16 | filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:12:9:12:16 | filepath | taint_step_test.py:13:19:13:26 | filepath | provenance | |
|
||||
| taint_step_test.py:19:43:19:46 | path | taint_step_test.py:11:18:11:21 | path | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:19:48:19:51 | file | taint_step_test.py:11:24:11:27 | file | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| taint_step_test.py:5:5:5:8 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| taint_step_test.py:6:5:6:8 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:5:5:5:8 | path | semmle.label | path |
|
||||
| taint_step_test.py:5:12:5:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| taint_step_test.py:6:5:6:8 | file | semmle.label | file |
|
||||
| taint_step_test.py:6:12:6:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| taint_step_test.py:11:18:11:21 | path | semmle.label | path |
|
||||
| taint_step_test.py:11:24:11:27 | file | semmle.label | file |
|
||||
| taint_step_test.py:12:9:12:16 | filepath | semmle.label | filepath |
|
||||
| taint_step_test.py:13:19:13:26 | filepath | semmle.label | filepath |
|
||||
| taint_step_test.py:19:43:19:46 | path | semmle.label | path |
|
||||
| taint_step_test.py:19:48:19:51 | file | semmle.label | file |
|
||||
subpaths
|
||||
#select
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | This path depends on a $@. | taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | user-provided value |
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | This path depends on a $@. | taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | user-provided value |
|
||||
| taint_step_test.py:13:19:13:26 | filepath | taint_step_test.py:5:12:5:35 | After Attribute() | taint_step_test.py:13:19:13:26 | filepath | This path depends on a $@. | taint_step_test.py:5:12:5:35 | After Attribute() | user-provided value |
|
||||
| taint_step_test.py:13:19:13:26 | filepath | taint_step_test.py:6:12:6:35 | After Attribute() | taint_step_test.py:13:19:13:26 | filepath | This path depends on a $@. | taint_step_test.py:6:12:6:35 | After Attribute() | user-provided value |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| init_calls_subclass.py:8:13:8:28 | ControlFlowNode for Attribute() | This call to $@ in an initialization method is overridden by $@. | init_calls_subclass.py:11:9:11:30 | Function set_up | bad1.Super.set_up | init_calls_subclass.py:20:9:20:30 | Function set_up | bad1.Sub.set_up |
|
||||
| init_calls_subclass.py:32:13:32:27 | ControlFlowNode for Attribute() | This call to $@ in an initialization method is overridden by $@. | init_calls_subclass.py:34:9:34:27 | Function postproc | bad2.Super.postproc | init_calls_subclass.py:43:9:43:27 | Function postproc | bad2.Sub.postproc |
|
||||
| init_calls_subclass.py:8:13:8:28 | After Attribute() | This call to $@ in an initialization method is overridden by $@. | init_calls_subclass.py:11:9:11:30 | Function set_up | bad1.Super.set_up | init_calls_subclass.py:20:9:20:30 | Function set_up | bad1.Sub.set_up |
|
||||
| init_calls_subclass.py:32:13:32:27 | After Attribute() | This call to $@ in an initialization method is overridden by $@. | init_calls_subclass.py:34:9:34:27 | Function postproc | bad2.Super.postproc | init_calls_subclass.py:43:9:43:27 | Function postproc | bad2.Sub.postproc |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| multiple_del.py:21:5:21:22 | Function __del__ | This finalization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_del.py:9:5:9:22 | Function __del__ | Y1.__del__ | multiple_del.py:23:9:23:24 | ControlFlowNode for Attribute() | this call | multiple_del.py:24:9:24:24 | ControlFlowNode for Attribute() | this call | multiple_del.py:9:5:9:22 | Function __del__ | Y1.__del__ | multiple_del.py:15:5:15:22 | Function __del__ | Y2.__del__ |
|
||||
| multiple_del.py:43:5:43:22 | Function __del__ | This finalization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_del.py:32:5:32:22 | Function __del__ | Z1.__del__ | multiple_del.py:45:9:45:24 | ControlFlowNode for Attribute() | this call | multiple_del.py:46:9:46:24 | ControlFlowNode for Attribute() | this call | multiple_del.py:32:5:32:22 | Function __del__ | Z1.__del__ | multiple_del.py:37:5:37:22 | Function __del__ | Z2.__del__ |
|
||||
| multiple_del.py:21:5:21:22 | Function __del__ | This finalization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_del.py:9:5:9:22 | Function __del__ | Y1.__del__ | multiple_del.py:23:9:23:24 | After Attribute() | this call | multiple_del.py:24:9:24:24 | After Attribute() | this call | multiple_del.py:9:5:9:22 | Function __del__ | Y1.__del__ | multiple_del.py:15:5:15:22 | Function __del__ | Y2.__del__ |
|
||||
| multiple_del.py:43:5:43:22 | Function __del__ | This finalization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_del.py:32:5:32:22 | Function __del__ | Z1.__del__ | multiple_del.py:45:9:45:24 | After Attribute() | this call | multiple_del.py:46:9:46:24 | After Attribute() | this call | multiple_del.py:32:5:32:22 | Function __del__ | Z1.__del__ | multiple_del.py:37:5:37:22 | Function __del__ | Z2.__del__ |
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| multiple_init.py:21:5:21:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:9:5:9:23 | Function __init__ | C1.__init__ | multiple_init.py:23:9:23:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:24:9:24:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:9:5:9:23 | Function __init__ | C1.__init__ | multiple_init.py:15:5:15:23 | Function __init__ | C2.__init__ |
|
||||
| multiple_init.py:42:5:42:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:31:5:31:23 | Function __init__ | D1.__init__ | multiple_init.py:44:9:44:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:45:9:45:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:31:5:31:23 | Function __init__ | D1.__init__ | multiple_init.py:36:5:36:23 | Function __init__ | D2.__init__ |
|
||||
| multiple_init.py:84:5:84:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:80:5:80:23 | Function __init__ | F3.__init__ | multiple_init.py:86:9:86:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:87:9:87:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:75:5:75:23 | Function __init__ | F2.__init__ | multiple_init.py:80:5:80:23 | Function __init__ | F3.__init__ |
|
||||
| multiple_init.py:111:5:111:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:92:5:92:23 | Function __init__ | G1.__init__ | multiple_init.py:113:9:113:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:114:9:114:25 | ControlFlowNode for Attribute() | this call | multiple_init.py:96:5:96:23 | Function __init__ | G2.__init__ | multiple_init.py:101:5:101:23 | Function __init__ | G3.__init__ |
|
||||
| multiple_init.py:21:5:21:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:9:5:9:23 | Function __init__ | C1.__init__ | multiple_init.py:23:9:23:25 | After Attribute() | this call | multiple_init.py:24:9:24:25 | After Attribute() | this call | multiple_init.py:9:5:9:23 | Function __init__ | C1.__init__ | multiple_init.py:15:5:15:23 | Function __init__ | C2.__init__ |
|
||||
| multiple_init.py:42:5:42:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:31:5:31:23 | Function __init__ | D1.__init__ | multiple_init.py:44:9:44:25 | After Attribute() | this call | multiple_init.py:45:9:45:25 | After Attribute() | this call | multiple_init.py:31:5:31:23 | Function __init__ | D1.__init__ | multiple_init.py:36:5:36:23 | Function __init__ | D2.__init__ |
|
||||
| multiple_init.py:84:5:84:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:80:5:80:23 | Function __init__ | F3.__init__ | multiple_init.py:86:9:86:25 | After Attribute() | this call | multiple_init.py:87:9:87:25 | After Attribute() | this call | multiple_init.py:75:5:75:23 | Function __init__ | F2.__init__ | multiple_init.py:80:5:80:23 | Function __init__ | F3.__init__ |
|
||||
| multiple_init.py:111:5:111:23 | Function __init__ | This initialization method calls $@ multiple times, via $@ and $@, resolving to $@ and $@ respectively. | multiple_init.py:92:5:92:23 | Function __init__ | G1.__init__ | multiple_init.py:113:9:113:25 | After Attribute() | this call | multiple_init.py:114:9:114:25 | After Attribute() | this call | multiple_init.py:96:5:96:23 | Function __init__ | G2.__init__ | multiple_init.py:101:5:101:23 | Function __init__ | G3.__init__ |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| subclass_shadowing.py:11:5:11:21 | Function shadow | This method is shadowed by $@ in superclass $@. | subclass_shadowing.py:7:9:7:19 | ControlFlowNode for Attribute | attribute shadow | subclass_shadowing.py:4:1:4:11 | Class Base | Base |
|
||||
| subclass_shadowing.py:41:5:41:18 | Function foo | This method is shadowed by $@ in superclass $@. (read-only property may cause an error if written to in the superclass) | subclass_shadowing.py:35:9:35:16 | ControlFlowNode for Attribute | attribute foo | subclass_shadowing.py:33:1:33:12 | Class Base3 | Base3 |
|
||||
| subclass_shadowing.py:11:5:11:21 | Function shadow | This method is shadowed by $@ in superclass $@. | subclass_shadowing.py:7:9:7:19 | After Attribute | attribute shadow | subclass_shadowing.py:4:1:4:11 | Class Base | Base |
|
||||
| subclass_shadowing.py:41:5:41:18 | Function foo | This method is shadowed by $@ in superclass $@. (read-only property may cause an error if written to in the superclass) | subclass_shadowing.py:35:9:35:16 | After Attribute | attribute foo | subclass_shadowing.py:33:1:33:12 | Class Base3 | Base3 |
|
||||
|
||||
@@ -1 +1 @@
|
||||
| test.py:10:9:10:27 | ControlFlowNode for super() | First argument to super() should be NotMyDict. |
|
||||
| test.py:10:9:10:27 | After super() | First argument to super() should be NotMyDict. |
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
| pythagorean_test.py:6:12:6:28 | ControlFlowNode for sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
| pythagorean_test.py:9:12:9:26 | ControlFlowNode for sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
| pythagorean_test.py:14:12:14:24 | ControlFlowNode for sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
| pythagorean_test.py:6:12:6:28 | After sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
| pythagorean_test.py:9:12:9:26 | After sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
| pythagorean_test.py:14:12:14:24 | After sqrt() | Pythagorean calculation with sub-optimal numerics. |
|
||||
|
||||
@@ -1,63 +1,63 @@
|
||||
#select
|
||||
| BindToAllInterfaces_test.py:5:9:5:24 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:5:9:5:17 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:5:9:5:24 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:5:9:5:17 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:9:9:9:10 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:9:9:9:10 | ControlFlowNode for StringLiteral | '' |
|
||||
| BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | '::' |
|
||||
| BindToAllInterfaces_test.py:39:17:39:41 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:34:26:34:34 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:39:17:39:41 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:34:26:34:34 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:58:10:58:25 | ControlFlowNode for Tuple | BindToAllInterfaces_test.py:58:10:58:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:58:10:58:25 | ControlFlowNode for Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:58:10:58:18 | ControlFlowNode for StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:5:9:5:24 | After Tuple | BindToAllInterfaces_test.py:5:9:5:17 | StringLiteral | BindToAllInterfaces_test.py:5:9:5:24 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:5:9:5:17 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:9:9:9:16 | After Tuple | BindToAllInterfaces_test.py:9:9:9:10 | StringLiteral | BindToAllInterfaces_test.py:9:9:9:16 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:9:9:9:10 | StringLiteral | '' |
|
||||
| BindToAllInterfaces_test.py:17:9:17:24 | After Tuple | BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | BindToAllInterfaces_test.py:17:9:17:24 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:21:8:21:10 | tup | BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | BindToAllInterfaces_test.py:21:8:21:10 | tup | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:26:9:26:18 | After Tuple | BindToAllInterfaces_test.py:26:9:26:12 | StringLiteral | BindToAllInterfaces_test.py:26:9:26:18 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:26:9:26:12 | StringLiteral | '::' |
|
||||
| BindToAllInterfaces_test.py:39:17:39:41 | After Tuple | BindToAllInterfaces_test.py:34:26:34:34 | StringLiteral | BindToAllInterfaces_test.py:39:17:39:41 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:34:26:34:34 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:48:9:48:18 | After Tuple | BindToAllInterfaces_test.py:46:35:46:43 | StringLiteral | BindToAllInterfaces_test.py:48:9:48:18 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:46:35:46:43 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:53:10:53:25 | After Tuple | BindToAllInterfaces_test.py:53:10:53:18 | StringLiteral | BindToAllInterfaces_test.py:53:10:53:25 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:53:10:53:18 | StringLiteral | '0.0.0.0' |
|
||||
| BindToAllInterfaces_test.py:58:10:58:25 | After Tuple | BindToAllInterfaces_test.py:58:10:58:18 | StringLiteral | BindToAllInterfaces_test.py:58:10:58:25 | After Tuple | Binding a socket to all interfaces (using $@) is a security risk. | BindToAllInterfaces_test.py:58:10:58:18 | StringLiteral | '0.0.0.0' |
|
||||
edges
|
||||
| BindToAllInterfaces_test.py:5:9:5:17 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:5:9:5:24 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:9:9:9:10 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | provenance | |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | provenance | |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:33:18:33:21 | ControlFlowNode for self [Return] [Attribute bind_addr] | BindToAllInterfaces_test.py:41:10:41:17 | ControlFlowNode for Server() [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:34:9:34:12 | [post] ControlFlowNode for self [Attribute bind_addr] | BindToAllInterfaces_test.py:33:18:33:21 | ControlFlowNode for self [Return] [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:34:26:34:34 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:34:9:34:12 | [post] ControlFlowNode for self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:37:15:37:18 | ControlFlowNode for self [Attribute bind_addr] | BindToAllInterfaces_test.py:39:17:39:20 | ControlFlowNode for self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:39:17:39:20 | ControlFlowNode for self [Attribute bind_addr] | BindToAllInterfaces_test.py:39:17:39:30 | ControlFlowNode for Attribute | provenance | |
|
||||
| BindToAllInterfaces_test.py:39:17:39:30 | ControlFlowNode for Attribute | BindToAllInterfaces_test.py:39:17:39:41 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:41:1:41:6 | ControlFlowNode for server [Attribute bind_addr] | BindToAllInterfaces_test.py:42:1:42:6 | ControlFlowNode for server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:41:10:41:17 | ControlFlowNode for Server() [Attribute bind_addr] | BindToAllInterfaces_test.py:41:1:41:6 | ControlFlowNode for server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:42:1:42:6 | ControlFlowNode for server [Attribute bind_addr] | BindToAllInterfaces_test.py:37:15:37:18 | ControlFlowNode for self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:58:10:58:18 | ControlFlowNode for StringLiteral | BindToAllInterfaces_test.py:58:10:58:25 | ControlFlowNode for Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:5:9:5:17 | StringLiteral | BindToAllInterfaces_test.py:5:9:5:24 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:9:9:9:10 | StringLiteral | BindToAllInterfaces_test.py:9:9:9:16 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ALL_LOCALS | BindToAllInterfaces_test.py:17:9:17:24 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ALL_LOCALS | BindToAllInterfaces_test.py:20:1:20:3 | tup | provenance | |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | BindToAllInterfaces_test.py:16:1:16:10 | ALL_LOCALS | provenance | |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | tup | BindToAllInterfaces_test.py:21:8:21:10 | tup | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | StringLiteral | BindToAllInterfaces_test.py:26:9:26:18 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:33:18:33:21 | self [Return] [Attribute bind_addr] | BindToAllInterfaces_test.py:41:10:41:17 | After Server() [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:34:9:34:12 | [post] self [Attribute bind_addr] | BindToAllInterfaces_test.py:33:18:33:21 | self [Return] [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:34:26:34:34 | StringLiteral | BindToAllInterfaces_test.py:34:9:34:12 | [post] self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:37:15:37:18 | self [Attribute bind_addr] | BindToAllInterfaces_test.py:39:17:39:20 | self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:39:17:39:20 | self [Attribute bind_addr] | BindToAllInterfaces_test.py:39:17:39:30 | After Attribute | provenance | |
|
||||
| BindToAllInterfaces_test.py:39:17:39:30 | After Attribute | BindToAllInterfaces_test.py:39:17:39:41 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:41:1:41:6 | server [Attribute bind_addr] | BindToAllInterfaces_test.py:42:1:42:6 | server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:41:10:41:17 | After Server() [Attribute bind_addr] | BindToAllInterfaces_test.py:41:1:41:6 | server [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:42:1:42:6 | server [Attribute bind_addr] | BindToAllInterfaces_test.py:37:15:37:18 | self [Attribute bind_addr] | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | host | BindToAllInterfaces_test.py:48:9:48:18 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | After Attribute() | BindToAllInterfaces_test.py:46:1:46:4 | host | provenance | |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | StringLiteral | BindToAllInterfaces_test.py:46:8:46:44 | After Attribute() | provenance | dict.get |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | StringLiteral | BindToAllInterfaces_test.py:53:10:53:25 | After Tuple | provenance | Sink:MaD:63 |
|
||||
| BindToAllInterfaces_test.py:58:10:58:18 | StringLiteral | BindToAllInterfaces_test.py:58:10:58:25 | After Tuple | provenance | Sink:MaD:63 |
|
||||
nodes
|
||||
| BindToAllInterfaces_test.py:5:9:5:17 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:5:9:5:24 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:9:9:9:10 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:9:9:9:16 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ControlFlowNode for ALL_LOCALS | semmle.label | ControlFlowNode for ALL_LOCALS |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:17:9:17:24 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | ControlFlowNode for tup | semmle.label | ControlFlowNode for tup |
|
||||
| BindToAllInterfaces_test.py:21:8:21:10 | ControlFlowNode for tup | semmle.label | ControlFlowNode for tup |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:26:9:26:18 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:33:18:33:21 | ControlFlowNode for self [Return] [Attribute bind_addr] | semmle.label | ControlFlowNode for self [Return] [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:34:9:34:12 | [post] ControlFlowNode for self [Attribute bind_addr] | semmle.label | [post] ControlFlowNode for self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:34:26:34:34 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:37:15:37:18 | ControlFlowNode for self [Attribute bind_addr] | semmle.label | ControlFlowNode for self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:39:17:39:20 | ControlFlowNode for self [Attribute bind_addr] | semmle.label | ControlFlowNode for self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:39:17:39:30 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| BindToAllInterfaces_test.py:39:17:39:41 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:41:1:41:6 | ControlFlowNode for server [Attribute bind_addr] | semmle.label | ControlFlowNode for server [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:41:10:41:17 | ControlFlowNode for Server() [Attribute bind_addr] | semmle.label | ControlFlowNode for Server() [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:42:1:42:6 | ControlFlowNode for server [Attribute bind_addr] | semmle.label | ControlFlowNode for server [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:48:9:48:18 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:53:10:53:25 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:58:10:58:18 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| BindToAllInterfaces_test.py:58:10:58:25 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
|
||||
| BindToAllInterfaces_test.py:5:9:5:17 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:5:9:5:24 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:9:9:9:10 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:9:9:9:16 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:16:1:16:10 | ALL_LOCALS | semmle.label | ALL_LOCALS |
|
||||
| BindToAllInterfaces_test.py:16:14:16:22 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:17:9:17:24 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:20:1:20:3 | tup | semmle.label | tup |
|
||||
| BindToAllInterfaces_test.py:21:8:21:10 | tup | semmle.label | tup |
|
||||
| BindToAllInterfaces_test.py:26:9:26:12 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:26:9:26:18 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:33:18:33:21 | self [Return] [Attribute bind_addr] | semmle.label | self [Return] [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:34:9:34:12 | [post] self [Attribute bind_addr] | semmle.label | [post] self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:34:26:34:34 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:37:15:37:18 | self [Attribute bind_addr] | semmle.label | self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:39:17:39:20 | self [Attribute bind_addr] | semmle.label | self [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:39:17:39:30 | After Attribute | semmle.label | After Attribute |
|
||||
| BindToAllInterfaces_test.py:39:17:39:41 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:41:1:41:6 | server [Attribute bind_addr] | semmle.label | server [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:41:10:41:17 | After Server() [Attribute bind_addr] | semmle.label | After Server() [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:42:1:42:6 | server [Attribute bind_addr] | semmle.label | server [Attribute bind_addr] |
|
||||
| BindToAllInterfaces_test.py:46:1:46:4 | host | semmle.label | host |
|
||||
| BindToAllInterfaces_test.py:46:8:46:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| BindToAllInterfaces_test.py:46:35:46:43 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:48:9:48:18 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:53:10:53:18 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:53:10:53:25 | After Tuple | semmle.label | After Tuple |
|
||||
| BindToAllInterfaces_test.py:58:10:58:18 | StringLiteral | semmle.label | StringLiteral |
|
||||
| BindToAllInterfaces_test.py:58:10:58:25 | After Tuple | semmle.label | After Tuple |
|
||||
subpaths
|
||||
|
||||
@@ -1,28 +1,28 @@
|
||||
edges
|
||||
| django_tests.py:4:25:4:31 | ControlFlowNode for request | django_tests.py:6:21:6:31 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:4:25:4:31 | ControlFlowNode for request | django_tests.py:7:21:7:31 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:6:21:6:31 | ControlFlowNode for Attribute | django_tests.py:6:21:6:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| django_tests.py:7:21:7:31 | ControlFlowNode for Attribute | django_tests.py:7:21:7:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| django_tests.py:11:26:11:32 | ControlFlowNode for request | django_tests.py:13:33:13:43 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:11:26:11:32 | ControlFlowNode for request | django_tests.py:13:59:13:69 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:13:33:13:43 | ControlFlowNode for Attribute | django_tests.py:13:33:13:55 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| django_tests.py:13:33:13:55 | ControlFlowNode for Attribute() | django_tests.py:13:30:13:100 | ControlFlowNode for Fstring | provenance | |
|
||||
| django_tests.py:13:59:13:69 | ControlFlowNode for Attribute | django_tests.py:13:59:13:82 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| django_tests.py:13:59:13:82 | ControlFlowNode for Attribute() | django_tests.py:13:30:13:100 | ControlFlowNode for Fstring | provenance | |
|
||||
| django_tests.py:4:25:4:31 | request | django_tests.py:6:21:6:31 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:4:25:4:31 | request | django_tests.py:7:21:7:31 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:6:21:6:31 | After Attribute | django_tests.py:6:21:6:43 | After Attribute() | provenance | dict.get |
|
||||
| django_tests.py:7:21:7:31 | After Attribute | django_tests.py:7:21:7:44 | After Attribute() | provenance | dict.get |
|
||||
| django_tests.py:11:26:11:32 | request | django_tests.py:13:33:13:43 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:11:26:11:32 | request | django_tests.py:13:59:13:69 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| django_tests.py:13:33:13:43 | After Attribute | django_tests.py:13:33:13:55 | After Attribute() | provenance | dict.get |
|
||||
| django_tests.py:13:33:13:55 | After Attribute() | django_tests.py:13:30:13:100 | After Fstring | provenance | |
|
||||
| django_tests.py:13:59:13:69 | After Attribute | django_tests.py:13:59:13:82 | After Attribute() | provenance | dict.get |
|
||||
| django_tests.py:13:59:13:82 | After Attribute() | django_tests.py:13:30:13:100 | After Fstring | provenance | |
|
||||
nodes
|
||||
| django_tests.py:4:25:4:31 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| django_tests.py:6:21:6:31 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| django_tests.py:6:21:6:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_tests.py:7:21:7:31 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| django_tests.py:7:21:7:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_tests.py:11:26:11:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| django_tests.py:13:30:13:100 | ControlFlowNode for Fstring | semmle.label | ControlFlowNode for Fstring |
|
||||
| django_tests.py:13:33:13:43 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| django_tests.py:13:33:13:55 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_tests.py:13:59:13:69 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| django_tests.py:13:59:13:82 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_tests.py:4:25:4:31 | request | semmle.label | request |
|
||||
| django_tests.py:6:21:6:31 | After Attribute | semmle.label | After Attribute |
|
||||
| django_tests.py:6:21:6:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| django_tests.py:7:21:7:31 | After Attribute | semmle.label | After Attribute |
|
||||
| django_tests.py:7:21:7:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| django_tests.py:11:26:11:32 | request | semmle.label | request |
|
||||
| django_tests.py:13:30:13:100 | After Fstring | semmle.label | After Fstring |
|
||||
| django_tests.py:13:33:13:43 | After Attribute | semmle.label | After Attribute |
|
||||
| django_tests.py:13:33:13:55 | After Attribute() | semmle.label | After Attribute() |
|
||||
| django_tests.py:13:59:13:69 | After Attribute | semmle.label | After Attribute |
|
||||
| django_tests.py:13:59:13:82 | After Attribute() | semmle.label | After Attribute() |
|
||||
subpaths
|
||||
#select
|
||||
| django_tests.py:6:21:6:43 | ControlFlowNode for Attribute() | django_tests.py:4:25:4:31 | ControlFlowNode for request | django_tests.py:6:21:6:43 | ControlFlowNode for Attribute() | Cookie is constructed from a $@. | django_tests.py:4:25:4:31 | ControlFlowNode for request | user-supplied input |
|
||||
| django_tests.py:7:21:7:44 | ControlFlowNode for Attribute() | django_tests.py:4:25:4:31 | ControlFlowNode for request | django_tests.py:7:21:7:44 | ControlFlowNode for Attribute() | Cookie is constructed from a $@. | django_tests.py:4:25:4:31 | ControlFlowNode for request | user-supplied input |
|
||||
| django_tests.py:13:30:13:100 | ControlFlowNode for Fstring | django_tests.py:11:26:11:32 | ControlFlowNode for request | django_tests.py:13:30:13:100 | ControlFlowNode for Fstring | Cookie is constructed from a $@. | django_tests.py:11:26:11:32 | ControlFlowNode for request | user-supplied input |
|
||||
| django_tests.py:6:21:6:43 | After Attribute() | django_tests.py:4:25:4:31 | request | django_tests.py:6:21:6:43 | After Attribute() | Cookie is constructed from a $@. | django_tests.py:4:25:4:31 | request | user-supplied input |
|
||||
| django_tests.py:7:21:7:44 | After Attribute() | django_tests.py:4:25:4:31 | request | django_tests.py:7:21:7:44 | After Attribute() | Cookie is constructed from a $@. | django_tests.py:4:25:4:31 | request | user-supplied input |
|
||||
| django_tests.py:13:30:13:100 | After Fstring | django_tests.py:11:26:11:32 | request | django_tests.py:13:30:13:100 | After Fstring | Cookie is constructed from a $@. | django_tests.py:11:26:11:32 | request | user-supplied input |
|
||||
|
||||
@@ -1,75 +1,75 @@
|
||||
edges
|
||||
| test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:5:26:5:32 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:13:16:13:22 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:23:16:23:22 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:34:12:34:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:42:12:42:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | test.py:54:12:54:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:13:5:13:12 | ControlFlowNode for data_raw | test.py:14:5:14:8 | ControlFlowNode for data | provenance | Decoding-Base64 |
|
||||
| test.py:13:16:13:22 | ControlFlowNode for request | test.py:13:16:13:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:13:16:13:27 | ControlFlowNode for Attribute | test.py:13:16:13:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:13:16:13:39 | ControlFlowNode for Attribute() | test.py:13:5:13:12 | ControlFlowNode for data_raw | provenance | |
|
||||
| test.py:14:5:14:8 | ControlFlowNode for data | test.py:15:36:15:39 | ControlFlowNode for data | provenance | |
|
||||
| test.py:23:5:23:12 | ControlFlowNode for data_raw | test.py:24:5:24:8 | ControlFlowNode for data | provenance | Decoding-Base64 |
|
||||
| test.py:23:16:23:22 | ControlFlowNode for request | test.py:23:16:23:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:23:16:23:27 | ControlFlowNode for Attribute | test.py:23:16:23:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:23:16:23:39 | ControlFlowNode for Attribute() | test.py:23:5:23:12 | ControlFlowNode for data_raw | provenance | |
|
||||
| test.py:24:5:24:8 | ControlFlowNode for data | test.py:25:44:25:47 | ControlFlowNode for data | provenance | |
|
||||
| test.py:34:5:34:8 | ControlFlowNode for data | test.py:35:10:35:13 | ControlFlowNode for data | provenance | |
|
||||
| test.py:34:5:34:8 | ControlFlowNode for data | test.py:36:13:36:16 | ControlFlowNode for data | provenance | |
|
||||
| test.py:34:12:34:18 | ControlFlowNode for request | test.py:34:12:34:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:34:12:34:23 | ControlFlowNode for Attribute | test.py:34:12:34:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:34:12:34:35 | ControlFlowNode for Attribute() | test.py:34:5:34:8 | ControlFlowNode for data | provenance | |
|
||||
| test.py:42:5:42:8 | ControlFlowNode for data | test.py:43:22:43:25 | ControlFlowNode for data | provenance | |
|
||||
| test.py:42:5:42:8 | ControlFlowNode for data | test.py:44:25:44:28 | ControlFlowNode for data | provenance | |
|
||||
| test.py:42:12:42:18 | ControlFlowNode for request | test.py:42:12:42:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:42:12:42:23 | ControlFlowNode for Attribute | test.py:42:12:42:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:42:12:42:35 | ControlFlowNode for Attribute() | test.py:42:5:42:8 | ControlFlowNode for data | provenance | |
|
||||
| test.py:47:17:47:19 | ControlFlowNode for arg | test.py:50:32:50:34 | ControlFlowNode for arg | provenance | |
|
||||
| test.py:54:5:54:8 | ControlFlowNode for data | test.py:55:17:55:20 | ControlFlowNode for data | provenance | |
|
||||
| test.py:54:12:54:18 | ControlFlowNode for request | test.py:54:12:54:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:54:12:54:23 | ControlFlowNode for Attribute | test.py:54:12:54:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:54:12:54:35 | ControlFlowNode for Attribute() | test.py:54:5:54:8 | ControlFlowNode for data | provenance | |
|
||||
| test.py:55:17:55:20 | ControlFlowNode for data | test.py:47:17:47:19 | ControlFlowNode for arg | provenance | |
|
||||
| test.py:5:26:5:32 | After ImportMember | test.py:5:26:5:32 | request | provenance | |
|
||||
| test.py:5:26:5:32 | request | test.py:13:16:13:22 | request | provenance | |
|
||||
| test.py:5:26:5:32 | request | test.py:23:16:23:22 | request | provenance | |
|
||||
| test.py:5:26:5:32 | request | test.py:34:12:34:18 | request | provenance | |
|
||||
| test.py:5:26:5:32 | request | test.py:42:12:42:18 | request | provenance | |
|
||||
| test.py:5:26:5:32 | request | test.py:54:12:54:18 | request | provenance | |
|
||||
| test.py:13:5:13:12 | data_raw | test.py:14:5:14:8 | data | provenance | Decoding-Base64 |
|
||||
| test.py:13:16:13:22 | request | test.py:13:16:13:27 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:13:16:13:27 | After Attribute | test.py:13:16:13:39 | After Attribute() | provenance | dict.get |
|
||||
| test.py:13:16:13:39 | After Attribute() | test.py:13:5:13:12 | data_raw | provenance | |
|
||||
| test.py:14:5:14:8 | data | test.py:15:36:15:39 | data | provenance | |
|
||||
| test.py:23:5:23:12 | data_raw | test.py:24:5:24:8 | data | provenance | Decoding-Base64 |
|
||||
| test.py:23:16:23:22 | request | test.py:23:16:23:27 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:23:16:23:27 | After Attribute | test.py:23:16:23:39 | After Attribute() | provenance | dict.get |
|
||||
| test.py:23:16:23:39 | After Attribute() | test.py:23:5:23:12 | data_raw | provenance | |
|
||||
| test.py:24:5:24:8 | data | test.py:25:44:25:47 | data | provenance | |
|
||||
| test.py:34:5:34:8 | data | test.py:35:10:35:13 | data | provenance | |
|
||||
| test.py:34:5:34:8 | data | test.py:36:13:36:16 | data | provenance | |
|
||||
| test.py:34:12:34:18 | request | test.py:34:12:34:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:34:12:34:23 | After Attribute | test.py:34:12:34:35 | After Attribute() | provenance | dict.get |
|
||||
| test.py:34:12:34:35 | After Attribute() | test.py:34:5:34:8 | data | provenance | |
|
||||
| test.py:42:5:42:8 | data | test.py:43:22:43:25 | data | provenance | |
|
||||
| test.py:42:5:42:8 | data | test.py:44:25:44:28 | data | provenance | |
|
||||
| test.py:42:12:42:18 | request | test.py:42:12:42:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:42:12:42:23 | After Attribute | test.py:42:12:42:35 | After Attribute() | provenance | dict.get |
|
||||
| test.py:42:12:42:35 | After Attribute() | test.py:42:5:42:8 | data | provenance | |
|
||||
| test.py:47:17:47:19 | arg | test.py:50:32:50:34 | arg | provenance | |
|
||||
| test.py:54:5:54:8 | data | test.py:55:17:55:20 | data | provenance | |
|
||||
| test.py:54:12:54:18 | request | test.py:54:12:54:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:54:12:54:23 | After Attribute | test.py:54:12:54:35 | After Attribute() | provenance | dict.get |
|
||||
| test.py:54:12:54:35 | After Attribute() | test.py:54:5:54:8 | data | provenance | |
|
||||
| test.py:55:17:55:20 | data | test.py:47:17:47:19 | arg | provenance | |
|
||||
nodes
|
||||
| test.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test.py:5:26:5:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:13:5:13:12 | ControlFlowNode for data_raw | semmle.label | ControlFlowNode for data_raw |
|
||||
| test.py:13:16:13:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:13:16:13:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:13:16:13:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:14:5:14:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:15:36:15:39 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:23:5:23:12 | ControlFlowNode for data_raw | semmle.label | ControlFlowNode for data_raw |
|
||||
| test.py:23:16:23:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:23:16:23:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:23:16:23:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:24:5:24:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:25:44:25:47 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:34:5:34:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:34:12:34:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:34:12:34:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:34:12:34:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:35:10:35:13 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:36:13:36:16 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:42:5:42:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:42:12:42:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:42:12:42:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:42:12:42:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:43:22:43:25 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:44:25:44:28 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:47:17:47:19 | ControlFlowNode for arg | semmle.label | ControlFlowNode for arg |
|
||||
| test.py:50:32:50:34 | ControlFlowNode for arg | semmle.label | ControlFlowNode for arg |
|
||||
| test.py:54:5:54:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:54:12:54:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:54:12:54:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:54:12:54:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:55:17:55:20 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| test.py:5:26:5:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test.py:5:26:5:32 | request | semmle.label | request |
|
||||
| test.py:13:5:13:12 | data_raw | semmle.label | data_raw |
|
||||
| test.py:13:16:13:22 | request | semmle.label | request |
|
||||
| test.py:13:16:13:27 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:13:16:13:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:14:5:14:8 | data | semmle.label | data |
|
||||
| test.py:15:36:15:39 | data | semmle.label | data |
|
||||
| test.py:23:5:23:12 | data_raw | semmle.label | data_raw |
|
||||
| test.py:23:16:23:22 | request | semmle.label | request |
|
||||
| test.py:23:16:23:27 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:23:16:23:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:24:5:24:8 | data | semmle.label | data |
|
||||
| test.py:25:44:25:47 | data | semmle.label | data |
|
||||
| test.py:34:5:34:8 | data | semmle.label | data |
|
||||
| test.py:34:12:34:18 | request | semmle.label | request |
|
||||
| test.py:34:12:34:23 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:34:12:34:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:35:10:35:13 | data | semmle.label | data |
|
||||
| test.py:36:13:36:16 | data | semmle.label | data |
|
||||
| test.py:42:5:42:8 | data | semmle.label | data |
|
||||
| test.py:42:12:42:18 | request | semmle.label | request |
|
||||
| test.py:42:12:42:23 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:42:12:42:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:43:22:43:25 | data | semmle.label | data |
|
||||
| test.py:44:25:44:28 | data | semmle.label | data |
|
||||
| test.py:47:17:47:19 | arg | semmle.label | arg |
|
||||
| test.py:50:32:50:34 | arg | semmle.label | arg |
|
||||
| test.py:54:5:54:8 | data | semmle.label | data |
|
||||
| test.py:54:12:54:18 | request | semmle.label | request |
|
||||
| test.py:54:12:54:23 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:54:12:54:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:55:17:55:20 | data | semmle.label | data |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:15:36:15:39 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:15:36:15:39 | ControlFlowNode for data | Call to hmac.new [position 1] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:25:44:25:47 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:25:44:25:47 | ControlFlowNode for data | Call to hmac.new [keyword msg] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:35:10:35:13 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:35:10:35:13 | ControlFlowNode for data | Call to unknown.lib.func [position 0] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:36:13:36:16 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:36:13:36:16 | ControlFlowNode for data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:43:22:43:25 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:43:22:43:25 | ControlFlowNode for data | Call to unknown.lib.func [position 0] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:44:25:44:28 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:44:25:44:28 | ControlFlowNode for data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
|
||||
| test.py:15:36:15:39 | data | test.py:5:26:5:32 | After ImportMember | test.py:15:36:15:39 | data | Call to hmac.new [position 1] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
| test.py:25:44:25:47 | data | test.py:5:26:5:32 | After ImportMember | test.py:25:44:25:47 | data | Call to hmac.new [keyword msg] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
| test.py:35:10:35:13 | data | test.py:5:26:5:32 | After ImportMember | test.py:35:10:35:13 | data | Call to unknown.lib.func [position 0] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
| test.py:36:13:36:16 | data | test.py:5:26:5:32 | After ImportMember | test.py:36:13:36:16 | data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
| test.py:43:22:43:25 | data | test.py:5:26:5:32 | After ImportMember | test.py:43:22:43:25 | data | Call to unknown.lib.func [position 0] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
| test.py:44:25:44:28 | data | test.py:5:26:5:32 | After ImportMember | test.py:44:25:44:28 | data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | After ImportMember | After ImportMember |
|
||||
|
||||
@@ -1 +1 @@
|
||||
| hosttest.py:6:28:6:50 | (www\|beta).example.com/ | This regular expression has an unescaped '.' before 'example.com/', so it might match more hosts than expected. | hosttest.py:6:27:6:51 | ControlFlowNode for StringLiteral | here |
|
||||
| hosttest.py:6:28:6:50 | (www\|beta).example.com/ | This regular expression has an unescaped '.' before 'example.com/', so it might match more hosts than expected. | hosttest.py:6:27:6:51 | StringLiteral | here |
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
edges
|
||||
| JinjaSsti.py:7:7:7:13 | ControlFlowNode for request | JinjaSsti.py:9:5:9:12 | ControlFlowNode for template | provenance | AdditionalTaintStep |
|
||||
| JinjaSsti.py:9:5:9:12 | ControlFlowNode for template | JinjaSsti.py:10:18:10:25 | ControlFlowNode for template | provenance | |
|
||||
| JinjaSsti.py:16:7:16:13 | ControlFlowNode for request | JinjaSsti.py:19:5:19:12 | ControlFlowNode for template | provenance | AdditionalTaintStep |
|
||||
| JinjaSsti.py:19:5:19:12 | ControlFlowNode for template | JinjaSsti.py:21:25:21:32 | ControlFlowNode for template | provenance | |
|
||||
| JinjaSsti.py:7:7:7:13 | request | JinjaSsti.py:9:5:9:12 | template | provenance | AdditionalTaintStep |
|
||||
| JinjaSsti.py:9:5:9:12 | template | JinjaSsti.py:10:18:10:25 | template | provenance | |
|
||||
| JinjaSsti.py:16:7:16:13 | request | JinjaSsti.py:19:5:19:12 | template | provenance | AdditionalTaintStep |
|
||||
| JinjaSsti.py:19:5:19:12 | template | JinjaSsti.py:21:25:21:32 | template | provenance | |
|
||||
nodes
|
||||
| JinjaSsti.py:7:7:7:13 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| JinjaSsti.py:9:5:9:12 | ControlFlowNode for template | semmle.label | ControlFlowNode for template |
|
||||
| JinjaSsti.py:10:18:10:25 | ControlFlowNode for template | semmle.label | ControlFlowNode for template |
|
||||
| JinjaSsti.py:16:7:16:13 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| JinjaSsti.py:19:5:19:12 | ControlFlowNode for template | semmle.label | ControlFlowNode for template |
|
||||
| JinjaSsti.py:21:25:21:32 | ControlFlowNode for template | semmle.label | ControlFlowNode for template |
|
||||
| JinjaSsti.py:7:7:7:13 | request | semmle.label | request |
|
||||
| JinjaSsti.py:9:5:9:12 | template | semmle.label | template |
|
||||
| JinjaSsti.py:10:18:10:25 | template | semmle.label | template |
|
||||
| JinjaSsti.py:16:7:16:13 | request | semmle.label | request |
|
||||
| JinjaSsti.py:19:5:19:12 | template | semmle.label | template |
|
||||
| JinjaSsti.py:21:25:21:32 | template | semmle.label | template |
|
||||
subpaths
|
||||
#select
|
||||
| JinjaSsti.py:10:18:10:25 | ControlFlowNode for template | JinjaSsti.py:7:7:7:13 | ControlFlowNode for request | JinjaSsti.py:10:18:10:25 | ControlFlowNode for template | This template construction depends on a $@. | JinjaSsti.py:7:7:7:13 | ControlFlowNode for request | user-provided value |
|
||||
| JinjaSsti.py:21:25:21:32 | ControlFlowNode for template | JinjaSsti.py:16:7:16:13 | ControlFlowNode for request | JinjaSsti.py:21:25:21:32 | ControlFlowNode for template | This template construction depends on a $@. | JinjaSsti.py:16:7:16:13 | ControlFlowNode for request | user-provided value |
|
||||
| JinjaSsti.py:10:18:10:25 | template | JinjaSsti.py:7:7:7:13 | request | JinjaSsti.py:10:18:10:25 | template | This template construction depends on a $@. | JinjaSsti.py:7:7:7:13 | request | user-provided value |
|
||||
| JinjaSsti.py:21:25:21:32 | template | JinjaSsti.py:16:7:16:13 | request | JinjaSsti.py:21:25:21:32 | template | This template construction depends on a $@. | JinjaSsti.py:16:7:16:13 | request | user-provided value |
|
||||
|
||||
@@ -1,42 +1,42 @@
|
||||
edges
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:5:26:5:32 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:18:13:18:19 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:19:15:19:27 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:20:15:20:27 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:21:15:21:27 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:23:20:23:32 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:25:19:25:31 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:26:19:26:31 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:27:19:27:31 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:28:19:28:31 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:29:19:29:31 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:13:18:19 | ControlFlowNode for request | command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | command_injection.py:18:5:18:9 | ControlFlowNode for files | provenance | |
|
||||
| command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:5:26:5:32 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:18:13:18:19 | request | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:19:15:19:27 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:20:15:20:27 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:21:15:21:27 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:23:20:23:32 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:25:19:25:31 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:26:19:26:31 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:27:19:27:31 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:28:19:28:31 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:29:19:29:31 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:13:18:19 | request | command_injection.py:18:13:18:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:18:13:18:24 | After Attribute | command_injection.py:18:13:18:41 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:18:13:18:41 | After Attribute() | command_injection.py:18:5:18:9 | files | provenance | |
|
||||
nodes
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | semmle.label | ControlFlowNode for files |
|
||||
| command_injection.py:18:13:18:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:19:15:19:27 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:20:15:20:27 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:21:15:21:27 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:23:20:23:32 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:25:19:25:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:26:19:26:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:27:19:27:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:28:19:28:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:29:19:29:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:5:26:5:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| command_injection.py:5:26:5:32 | request | semmle.label | request |
|
||||
| command_injection.py:18:5:18:9 | files | semmle.label | files |
|
||||
| command_injection.py:18:13:18:19 | request | semmle.label | request |
|
||||
| command_injection.py:18:13:18:24 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:18:13:18:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:19:15:19:27 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:20:15:20:27 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:21:15:21:27 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:23:20:23:32 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:25:19:25:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:26:19:26:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:27:19:27:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:28:19:28:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:29:19:29:31 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
subpaths
|
||||
#select
|
||||
| command_injection.py:19:15:19:27 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:19:15:19:27 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:20:15:20:27 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:20:15:20:27 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:21:15:21:27 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:21:15:21:27 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:23:20:23:32 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:23:20:23:32 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:25:19:25:31 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:25:19:25:31 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:26:19:26:31 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:26:19:26:31 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:27:19:27:31 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:27:19:27:31 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:28:19:28:31 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:28:19:28:31 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:29:19:29:31 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:29:19:29:31 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:19:15:19:27 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:19:15:19:27 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:20:15:20:27 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:20:15:20:27 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:21:15:21:27 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:21:15:21:27 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:23:20:23:32 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:23:20:23:32 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:25:19:25:31 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:25:19:25:31 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:26:19:26:31 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:26:19:26:31 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:27:19:27:31 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:27:19:27:31 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:28:19:28:31 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:28:19:28:31 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:29:19:29:31 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:29:19:29:31 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,110 +1,110 @@
|
||||
edges
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:5:26:5:32 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:11:13:11:19 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:18:13:18:19 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:25:11:25:17 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:31:13:31:19 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:38:15:38:21 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:54:15:54:21 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:71:12:71:18 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | command_injection.py:78:12:78:18 | ControlFlowNode for request | provenance | |
|
||||
| command_injection.py:11:5:11:9 | ControlFlowNode for files | command_injection.py:13:15:13:27 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:11:13:11:19 | ControlFlowNode for request | command_injection.py:11:13:11:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:11:13:11:24 | ControlFlowNode for Attribute | command_injection.py:11:13:11:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:11:13:11:41 | ControlFlowNode for Attribute() | command_injection.py:11:5:11:9 | ControlFlowNode for files | provenance | |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | command_injection.py:20:22:20:34 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:18:13:18:19 | ControlFlowNode for request | command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | command_injection.py:18:5:18:9 | ControlFlowNode for files | provenance | |
|
||||
| command_injection.py:25:5:25:7 | ControlFlowNode for cmd | command_injection.py:26:23:26:25 | ControlFlowNode for cmd | provenance | |
|
||||
| command_injection.py:25:11:25:17 | ControlFlowNode for request | command_injection.py:25:11:25:22 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:25:11:25:22 | ControlFlowNode for Attribute | command_injection.py:25:11:25:37 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:25:11:25:37 | ControlFlowNode for Attribute() | command_injection.py:25:5:25:7 | ControlFlowNode for cmd | provenance | |
|
||||
| command_injection.py:31:5:31:9 | ControlFlowNode for files | command_injection.py:33:14:33:26 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:31:13:31:19 | ControlFlowNode for request | command_injection.py:31:13:31:24 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:31:13:31:24 | ControlFlowNode for Attribute | command_injection.py:31:13:31:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:31:13:31:41 | ControlFlowNode for Attribute() | command_injection.py:31:5:31:9 | ControlFlowNode for files | provenance | |
|
||||
| command_injection.py:38:5:38:11 | ControlFlowNode for command | command_injection.py:41:15:41:21 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:38:5:38:11 | ControlFlowNode for command | command_injection.py:42:15:42:21 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:38:15:38:21 | ControlFlowNode for request | command_injection.py:38:15:38:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:38:15:38:26 | ControlFlowNode for Attribute | command_injection.py:38:15:38:45 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:38:15:38:45 | ControlFlowNode for Attribute() | command_injection.py:38:5:38:11 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | command_injection.py:55:15:55:21 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | command_injection.py:56:14:56:20 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | command_injection.py:57:21:57:27 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | command_injection.py:58:27:58:33 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | command_injection.py:59:20:59:26 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:54:15:54:21 | ControlFlowNode for request | command_injection.py:54:15:54:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:54:15:54:26 | ControlFlowNode for Attribute | command_injection.py:54:15:54:45 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:54:15:54:45 | ControlFlowNode for Attribute() | command_injection.py:54:5:54:11 | ControlFlowNode for command | provenance | |
|
||||
| command_injection.py:71:5:71:8 | ControlFlowNode for path | command_injection.py:73:19:73:30 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:71:12:71:18 | ControlFlowNode for request | command_injection.py:71:12:71:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:71:12:71:23 | ControlFlowNode for Attribute | command_injection.py:71:12:71:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:71:12:71:39 | ControlFlowNode for Attribute() | command_injection.py:71:5:71:8 | ControlFlowNode for path | provenance | |
|
||||
| command_injection.py:78:5:78:8 | ControlFlowNode for path | command_injection.py:80:19:80:30 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| command_injection.py:78:12:78:18 | ControlFlowNode for request | command_injection.py:78:12:78:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:78:12:78:23 | ControlFlowNode for Attribute | command_injection.py:78:12:78:39 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| command_injection.py:78:12:78:39 | ControlFlowNode for Attribute() | command_injection.py:78:5:78:8 | ControlFlowNode for path | provenance | |
|
||||
| command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:5:26:5:32 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:11:13:11:19 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:18:13:18:19 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:25:11:25:17 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:31:13:31:19 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:38:15:38:21 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:54:15:54:21 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:71:12:71:18 | request | provenance | |
|
||||
| command_injection.py:5:26:5:32 | request | command_injection.py:78:12:78:18 | request | provenance | |
|
||||
| command_injection.py:11:5:11:9 | files | command_injection.py:13:15:13:27 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:11:13:11:19 | request | command_injection.py:11:13:11:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:11:13:11:24 | After Attribute | command_injection.py:11:13:11:41 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:11:13:11:41 | After Attribute() | command_injection.py:11:5:11:9 | files | provenance | |
|
||||
| command_injection.py:18:5:18:9 | files | command_injection.py:20:22:20:34 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:18:13:18:19 | request | command_injection.py:18:13:18:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:18:13:18:24 | After Attribute | command_injection.py:18:13:18:41 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:18:13:18:41 | After Attribute() | command_injection.py:18:5:18:9 | files | provenance | |
|
||||
| command_injection.py:25:5:25:7 | cmd | command_injection.py:26:23:26:25 | cmd | provenance | |
|
||||
| command_injection.py:25:11:25:17 | request | command_injection.py:25:11:25:22 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:25:11:25:22 | After Attribute | command_injection.py:25:11:25:37 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:25:11:25:37 | After Attribute() | command_injection.py:25:5:25:7 | cmd | provenance | |
|
||||
| command_injection.py:31:5:31:9 | files | command_injection.py:33:14:33:26 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:31:13:31:19 | request | command_injection.py:31:13:31:24 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:31:13:31:24 | After Attribute | command_injection.py:31:13:31:41 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:31:13:31:41 | After Attribute() | command_injection.py:31:5:31:9 | files | provenance | |
|
||||
| command_injection.py:38:5:38:11 | command | command_injection.py:41:15:41:21 | command | provenance | |
|
||||
| command_injection.py:38:5:38:11 | command | command_injection.py:42:15:42:21 | command | provenance | |
|
||||
| command_injection.py:38:15:38:21 | request | command_injection.py:38:15:38:26 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:38:15:38:26 | After Attribute | command_injection.py:38:15:38:45 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:38:15:38:45 | After Attribute() | command_injection.py:38:5:38:11 | command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | command | command_injection.py:55:15:55:21 | command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | command | command_injection.py:56:14:56:20 | command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | command | command_injection.py:57:21:57:27 | command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | command | command_injection.py:58:27:58:33 | command | provenance | |
|
||||
| command_injection.py:54:5:54:11 | command | command_injection.py:59:20:59:26 | command | provenance | |
|
||||
| command_injection.py:54:15:54:21 | request | command_injection.py:54:15:54:26 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:54:15:54:26 | After Attribute | command_injection.py:54:15:54:45 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:54:15:54:45 | After Attribute() | command_injection.py:54:5:54:11 | command | provenance | |
|
||||
| command_injection.py:71:5:71:8 | path | command_injection.py:73:19:73:30 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:71:12:71:18 | request | command_injection.py:71:12:71:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:71:12:71:23 | After Attribute | command_injection.py:71:12:71:39 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:71:12:71:39 | After Attribute() | command_injection.py:71:5:71:8 | path | provenance | |
|
||||
| command_injection.py:78:5:78:8 | path | command_injection.py:80:19:80:30 | After BinaryExpr | provenance | |
|
||||
| command_injection.py:78:12:78:18 | request | command_injection.py:78:12:78:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| command_injection.py:78:12:78:23 | After Attribute | command_injection.py:78:12:78:39 | After Attribute() | provenance | dict.get |
|
||||
| command_injection.py:78:12:78:39 | After Attribute() | command_injection.py:78:5:78:8 | path | provenance | |
|
||||
nodes
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| command_injection.py:5:26:5:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:11:5:11:9 | ControlFlowNode for files | semmle.label | ControlFlowNode for files |
|
||||
| command_injection.py:11:13:11:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:11:13:11:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:11:13:11:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:13:15:13:27 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:18:5:18:9 | ControlFlowNode for files | semmle.label | ControlFlowNode for files |
|
||||
| command_injection.py:18:13:18:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:18:13:18:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:18:13:18:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:20:22:20:34 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:25:5:25:7 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| command_injection.py:25:11:25:17 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:25:11:25:22 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:25:11:25:37 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:26:23:26:25 | ControlFlowNode for cmd | semmle.label | ControlFlowNode for cmd |
|
||||
| command_injection.py:31:5:31:9 | ControlFlowNode for files | semmle.label | ControlFlowNode for files |
|
||||
| command_injection.py:31:13:31:19 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:31:13:31:24 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:31:13:31:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:33:14:33:26 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:38:5:38:11 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:38:15:38:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:38:15:38:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:38:15:38:45 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:41:15:41:21 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:42:15:42:21 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:54:5:54:11 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:54:15:54:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:54:15:54:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:54:15:54:45 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:55:15:55:21 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:56:14:56:20 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:57:21:57:27 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:58:27:58:33 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:59:20:59:26 | ControlFlowNode for command | semmle.label | ControlFlowNode for command |
|
||||
| command_injection.py:71:5:71:8 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| command_injection.py:71:12:71:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:71:12:71:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:71:12:71:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:73:19:73:30 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:78:5:78:8 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| command_injection.py:78:12:78:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| command_injection.py:78:12:78:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| command_injection.py:78:12:78:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| command_injection.py:80:19:80:30 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| command_injection.py:5:26:5:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| command_injection.py:5:26:5:32 | request | semmle.label | request |
|
||||
| command_injection.py:11:5:11:9 | files | semmle.label | files |
|
||||
| command_injection.py:11:13:11:19 | request | semmle.label | request |
|
||||
| command_injection.py:11:13:11:24 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:11:13:11:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:13:15:13:27 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:18:5:18:9 | files | semmle.label | files |
|
||||
| command_injection.py:18:13:18:19 | request | semmle.label | request |
|
||||
| command_injection.py:18:13:18:24 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:18:13:18:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:20:22:20:34 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:25:5:25:7 | cmd | semmle.label | cmd |
|
||||
| command_injection.py:25:11:25:17 | request | semmle.label | request |
|
||||
| command_injection.py:25:11:25:22 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:25:11:25:37 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:26:23:26:25 | cmd | semmle.label | cmd |
|
||||
| command_injection.py:31:5:31:9 | files | semmle.label | files |
|
||||
| command_injection.py:31:13:31:19 | request | semmle.label | request |
|
||||
| command_injection.py:31:13:31:24 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:31:13:31:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:33:14:33:26 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:38:5:38:11 | command | semmle.label | command |
|
||||
| command_injection.py:38:15:38:21 | request | semmle.label | request |
|
||||
| command_injection.py:38:15:38:26 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:38:15:38:45 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:41:15:41:21 | command | semmle.label | command |
|
||||
| command_injection.py:42:15:42:21 | command | semmle.label | command |
|
||||
| command_injection.py:54:5:54:11 | command | semmle.label | command |
|
||||
| command_injection.py:54:15:54:21 | request | semmle.label | request |
|
||||
| command_injection.py:54:15:54:26 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:54:15:54:45 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:55:15:55:21 | command | semmle.label | command |
|
||||
| command_injection.py:56:14:56:20 | command | semmle.label | command |
|
||||
| command_injection.py:57:21:57:27 | command | semmle.label | command |
|
||||
| command_injection.py:58:27:58:33 | command | semmle.label | command |
|
||||
| command_injection.py:59:20:59:26 | command | semmle.label | command |
|
||||
| command_injection.py:71:5:71:8 | path | semmle.label | path |
|
||||
| command_injection.py:71:12:71:18 | request | semmle.label | request |
|
||||
| command_injection.py:71:12:71:23 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:71:12:71:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:73:19:73:30 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| command_injection.py:78:5:78:8 | path | semmle.label | path |
|
||||
| command_injection.py:78:12:78:18 | request | semmle.label | request |
|
||||
| command_injection.py:78:12:78:23 | After Attribute | semmle.label | After Attribute |
|
||||
| command_injection.py:78:12:78:39 | After Attribute() | semmle.label | After Attribute() |
|
||||
| command_injection.py:80:19:80:30 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
subpaths
|
||||
#select
|
||||
| command_injection.py:13:15:13:27 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:13:15:13:27 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:20:22:20:34 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:20:22:20:34 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:26:23:26:25 | ControlFlowNode for cmd | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:26:23:26:25 | ControlFlowNode for cmd | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:33:14:33:26 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:33:14:33:26 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:41:15:41:21 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:41:15:41:21 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:42:15:42:21 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:42:15:42:21 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:55:15:55:21 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:55:15:55:21 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:56:14:56:20 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:56:14:56:20 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:57:21:57:27 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:57:21:57:27 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:58:27:58:33 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:58:27:58:33 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:59:20:59:26 | ControlFlowNode for command | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:59:20:59:26 | ControlFlowNode for command | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:73:19:73:30 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:73:19:73:30 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:80:19:80:30 | ControlFlowNode for BinaryExpr | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | command_injection.py:80:19:80:30 | ControlFlowNode for BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| command_injection.py:13:15:13:27 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:13:15:13:27 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:20:22:20:34 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:20:22:20:34 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:26:23:26:25 | cmd | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:26:23:26:25 | cmd | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:33:14:33:26 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:33:14:33:26 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:41:15:41:21 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:41:15:41:21 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:42:15:42:21 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:42:15:42:21 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:55:15:55:21 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:55:15:55:21 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:56:14:56:20 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:56:14:56:20 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:57:21:57:27 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:57:21:57:27 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:58:27:58:33 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:58:27:58:33 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:59:20:59:26 | command | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:59:20:59:26 | command | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:73:19:73:30 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:73:19:73:30 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
| command_injection.py:80:19:80:30 | After BinaryExpr | command_injection.py:5:26:5:32 | After ImportMember | command_injection.py:80:19:80:30 | After BinaryExpr | This command line depends on a $@. | command_injection.py:5:26:5:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,38 +1,38 @@
|
||||
edges
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:5:25:5:28 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:8:23:8:26 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:17:32:17:35 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:20:27:20:30 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | src/unsafe_shell_test.py:29:30:29:33 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:39:30:39:33 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:44:20:44:23 | ControlFlowNode for name | provenance | |
|
||||
| src/unsafe_shell_test.py:41:24:41:24 | ControlFlowNode for x | src/unsafe_shell_test.py:42:34:42:34 | ControlFlowNode for x | provenance | |
|
||||
| src/unsafe_shell_test.py:44:20:44:23 | ControlFlowNode for name | src/unsafe_shell_test.py:41:24:41:24 | ControlFlowNode for x | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:5:25:5:28 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:8:23:8:26 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:11:25:11:38 | After Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:14:25:14:40 | After Attribute() | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:17:32:17:35 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:20:27:20:30 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | name | src/unsafe_shell_test.py:29:30:29:33 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | name | src/unsafe_shell_test.py:39:30:39:33 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | name | src/unsafe_shell_test.py:44:20:44:23 | name | provenance | |
|
||||
| src/unsafe_shell_test.py:41:24:41:24 | x | src/unsafe_shell_test.py:42:34:42:34 | x | provenance | |
|
||||
| src/unsafe_shell_test.py:44:20:44:23 | name | src/unsafe_shell_test.py:41:24:41:24 | x | provenance | |
|
||||
nodes
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:5:25:5:28 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:8:23:8:26 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| src/unsafe_shell_test.py:17:32:17:35 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:20:27:20:30 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:29:30:29:33 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:39:30:39:33 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:41:24:41:24 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| src/unsafe_shell_test.py:42:34:42:34 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| src/unsafe_shell_test.py:44:20:44:23 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| src/unsafe_shell_test.py:4:22:4:25 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:5:25:5:28 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:8:23:8:26 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:11:25:11:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| src/unsafe_shell_test.py:14:25:14:40 | After Attribute() | semmle.label | After Attribute() |
|
||||
| src/unsafe_shell_test.py:17:32:17:35 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:20:27:20:30 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:26:20:26:23 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:29:30:29:33 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:36:22:36:25 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:39:30:39:33 | name | semmle.label | name |
|
||||
| src/unsafe_shell_test.py:41:24:41:24 | x | semmle.label | x |
|
||||
| src/unsafe_shell_test.py:42:34:42:34 | x | semmle.label | x |
|
||||
| src/unsafe_shell_test.py:44:20:44:23 | name | semmle.label | name |
|
||||
subpaths
|
||||
#select
|
||||
| src/unsafe_shell_test.py:5:15:5:28 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:5:25:5:28 | ControlFlowNode for name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:5:5:5:29 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:8:15:8:28 | ControlFlowNode for Fstring | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:8:23:8:26 | ControlFlowNode for name | This f-string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:8:5:8:29 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:11:15:11:38 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:11:25:11:38 | ControlFlowNode for Attribute() | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:11:5:11:39 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:14:15:14:40 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:14:25:14:40 | ControlFlowNode for Attribute() | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:14:5:14:41 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:17:15:17:36 | ControlFlowNode for Attribute() | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:17:32:17:35 | ControlFlowNode for name | This formatted string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:17:5:17:37 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:20:15:20:30 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | src/unsafe_shell_test.py:20:27:20:30 | ControlFlowNode for name | This formatted string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:20:5:20:31 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:29:20:29:33 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | src/unsafe_shell_test.py:29:30:29:33 | ControlFlowNode for name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:26:20:26:23 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:29:5:29:46 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:39:20:39:33 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:39:30:39:33 | ControlFlowNode for name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:39:5:39:46 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:42:24:42:34 | ControlFlowNode for BinaryExpr | src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | src/unsafe_shell_test.py:42:34:42:34 | ControlFlowNode for x | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:36:22:36:25 | ControlFlowNode for name | library input | src/unsafe_shell_test.py:42:9:42:47 | ControlFlowNode for Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:5:15:5:28 | After BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:5:25:5:28 | name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:5:5:5:29 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:8:15:8:28 | After Fstring | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:8:23:8:26 | name | This f-string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:8:5:8:29 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:11:15:11:38 | After BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:11:25:11:38 | After Attribute() | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:11:5:11:39 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:14:15:14:40 | After BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:14:25:14:40 | After Attribute() | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:14:5:14:41 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:17:15:17:36 | After Attribute() | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:17:32:17:35 | name | This formatted string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:17:5:17:37 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:20:15:20:30 | After BinaryExpr | src/unsafe_shell_test.py:4:22:4:25 | name | src/unsafe_shell_test.py:20:27:20:30 | name | This formatted string which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:4:22:4:25 | name | library input | src/unsafe_shell_test.py:20:5:20:31 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:29:20:29:33 | After BinaryExpr | src/unsafe_shell_test.py:26:20:26:23 | name | src/unsafe_shell_test.py:29:30:29:33 | name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:26:20:26:23 | name | library input | src/unsafe_shell_test.py:29:5:29:46 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:39:20:39:33 | After BinaryExpr | src/unsafe_shell_test.py:36:22:36:25 | name | src/unsafe_shell_test.py:39:30:39:33 | name | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:36:22:36:25 | name | library input | src/unsafe_shell_test.py:39:5:39:46 | After Attribute() | shell command |
|
||||
| src/unsafe_shell_test.py:42:24:42:34 | After BinaryExpr | src/unsafe_shell_test.py:36:22:36:25 | name | src/unsafe_shell_test.py:42:34:42:34 | x | This string concatenation which depends on $@ is later used in a $@. | src/unsafe_shell_test.py:36:22:36:25 | name | library input | src/unsafe_shell_test.py:42:9:42:47 | After Attribute() | shell command |
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
| jinja2_escaping.py:9:14:9:39 | ControlFlowNode for Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:41:5:41:29 | ControlFlowNode for Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:43:1:43:3 | ControlFlowNode for E() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:44:1:44:15 | ControlFlowNode for E() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:50:13:50:40 | ControlFlowNode for Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:53:15:53:43 | ControlFlowNode for Template() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:9:14:9:39 | After Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:41:5:41:29 | After Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:43:1:43:3 | After E() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:44:1:44:15 | After E() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:50:13:50:40 | After Environment() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
| jinja2_escaping.py:53:15:53:43 | After Template() | Using jinja2 templates with autoescape=False can potentially allow XSS attacks. |
|
||||
|
||||
@@ -1,32 +1,32 @@
|
||||
edges
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | reflected_xss.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for request | reflected_xss.py:9:18:9:24 | ControlFlowNode for request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for request | reflected_xss.py:21:23:21:29 | ControlFlowNode for request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for request | reflected_xss.py:27:23:27:29 | ControlFlowNode for request | provenance | |
|
||||
| reflected_xss.py:9:5:9:14 | ControlFlowNode for first_name | reflected_xss.py:10:26:10:53 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| reflected_xss.py:9:18:9:24 | ControlFlowNode for request | reflected_xss.py:9:18:9:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:9:18:9:29 | ControlFlowNode for Attribute | reflected_xss.py:9:18:9:45 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| reflected_xss.py:9:18:9:45 | ControlFlowNode for Attribute() | reflected_xss.py:9:5:9:14 | ControlFlowNode for first_name | provenance | |
|
||||
| reflected_xss.py:21:5:21:8 | ControlFlowNode for data | reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:21:23:21:29 | ControlFlowNode for request | reflected_xss.py:21:5:21:8 | ControlFlowNode for data | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:5:27:8 | ControlFlowNode for data | reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:23:27:29 | ControlFlowNode for request | reflected_xss.py:27:5:27:8 | ControlFlowNode for data | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:2:26:2:32 | After ImportMember | reflected_xss.py:2:26:2:32 | request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | request | reflected_xss.py:9:18:9:24 | request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | request | reflected_xss.py:21:23:21:29 | request | provenance | |
|
||||
| reflected_xss.py:2:26:2:32 | request | reflected_xss.py:27:23:27:29 | request | provenance | |
|
||||
| reflected_xss.py:9:5:9:14 | first_name | reflected_xss.py:10:26:10:53 | After BinaryExpr | provenance | |
|
||||
| reflected_xss.py:9:18:9:24 | request | reflected_xss.py:9:18:9:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:9:18:9:29 | After Attribute | reflected_xss.py:9:18:9:45 | After Attribute() | provenance | dict.get |
|
||||
| reflected_xss.py:9:18:9:45 | After Attribute() | reflected_xss.py:9:5:9:14 | first_name | provenance | |
|
||||
| reflected_xss.py:21:5:21:8 | data | reflected_xss.py:22:26:22:41 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:21:23:21:29 | request | reflected_xss.py:21:5:21:8 | data | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:5:27:8 | data | reflected_xss.py:28:26:28:41 | After Attribute() | provenance | AdditionalTaintStep |
|
||||
| reflected_xss.py:27:23:27:29 | request | reflected_xss.py:27:5:27:8 | data | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| reflected_xss.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| reflected_xss.py:9:5:9:14 | ControlFlowNode for first_name | semmle.label | ControlFlowNode for first_name |
|
||||
| reflected_xss.py:9:18:9:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| reflected_xss.py:9:18:9:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| reflected_xss.py:9:18:9:45 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| reflected_xss.py:10:26:10:53 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| reflected_xss.py:21:5:21:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| reflected_xss.py:21:23:21:29 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| reflected_xss.py:27:5:27:8 | ControlFlowNode for data | semmle.label | ControlFlowNode for data |
|
||||
| reflected_xss.py:27:23:27:29 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| reflected_xss.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| reflected_xss.py:2:26:2:32 | request | semmle.label | request |
|
||||
| reflected_xss.py:9:5:9:14 | first_name | semmle.label | first_name |
|
||||
| reflected_xss.py:9:18:9:24 | request | semmle.label | request |
|
||||
| reflected_xss.py:9:18:9:29 | After Attribute | semmle.label | After Attribute |
|
||||
| reflected_xss.py:9:18:9:45 | After Attribute() | semmle.label | After Attribute() |
|
||||
| reflected_xss.py:10:26:10:53 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| reflected_xss.py:21:5:21:8 | data | semmle.label | data |
|
||||
| reflected_xss.py:21:23:21:29 | request | semmle.label | request |
|
||||
| reflected_xss.py:22:26:22:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| reflected_xss.py:27:5:27:8 | data | semmle.label | data |
|
||||
| reflected_xss.py:27:23:27:29 | request | semmle.label | request |
|
||||
| reflected_xss.py:28:26:28:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
subpaths
|
||||
#select
|
||||
| reflected_xss.py:10:26:10:53 | ControlFlowNode for BinaryExpr | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | reflected_xss.py:10:26:10:53 | ControlFlowNode for BinaryExpr | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | reflected_xss.py:22:26:22:41 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | reflected_xss.py:28:26:28:41 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| reflected_xss.py:10:26:10:53 | After BinaryExpr | reflected_xss.py:2:26:2:32 | After ImportMember | reflected_xss.py:10:26:10:53 | After BinaryExpr | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| reflected_xss.py:22:26:22:41 | After Attribute() | reflected_xss.py:2:26:2:32 | After ImportMember | reflected_xss.py:22:26:22:41 | After Attribute() | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| reflected_xss.py:28:26:28:41 | After Attribute() | reflected_xss.py:2:26:2:32 | After ImportMember | reflected_xss.py:28:26:28:41 | After Attribute() | Cross-site scripting vulnerability due to a $@. | reflected_xss.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
#select
|
||||
| test.py:6:14:6:24 | ControlFlowNode for Subscript | test.py:6:14:6:21 | ControlFlowNode for Attribute | test.py:6:14:6:24 | ControlFlowNode for Subscript | This SQL query depends on a $@. | test.py:6:14:6:21 | ControlFlowNode for Attribute | user-provided value |
|
||||
| test.py:6:14:6:24 | After Subscript | test.py:6:14:6:21 | After Attribute | test.py:6:14:6:24 | After Subscript | This SQL query depends on a $@. | test.py:6:14:6:21 | After Attribute | user-provided value |
|
||||
edges
|
||||
| test.py:6:14:6:21 | ControlFlowNode for Attribute | test.py:6:14:6:24 | ControlFlowNode for Subscript | provenance | Src:MaD:1 |
|
||||
| test.py:6:14:6:21 | After Attribute | test.py:6:14:6:24 | After Subscript | provenance | Src:MaD:1 |
|
||||
models
|
||||
| 1 | Source: sys; Member[argv]; commandargs |
|
||||
nodes
|
||||
| test.py:6:14:6:21 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:6:14:6:24 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| test.py:6:14:6:21 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:6:14:6:24 | After Subscript | semmle.label | After Subscript |
|
||||
subpaths
|
||||
|
||||
@@ -1,54 +1,54 @@
|
||||
edges
|
||||
| sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:27:28:27:87 | ControlFlowNode for Attribute() | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:31:50:31:72 | ControlFlowNode for Attribute() | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:41:26:41:33 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:42:31:42:38 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:43:30:43:37 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:44:35:44:42 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:45:41:45:48 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:46:46:46:53 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:47:47:47:54 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:48:52:48:59 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:50:18:50:25 | ControlFlowNode for username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:51:24:51:31 | ControlFlowNode for username | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | username | sql_injection.py:21:24:21:77 | After BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | username | sql_injection.py:24:38:24:95 | After BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | username | sql_injection.py:25:26:25:83 | After BinaryExpr | provenance | |
|
||||
| sql_injection.py:14:15:14:22 | username | sql_injection.py:26:28:26:85 | After BinaryExpr | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:27:28:27:87 | After Attribute() | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:31:50:31:72 | After Attribute() | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:41:26:41:33 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:42:31:42:38 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:43:30:43:37 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:44:35:44:42 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:45:41:45:48 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:46:46:46:53 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:47:47:47:54 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:48:52:48:59 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:50:18:50:25 | username | provenance | |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:51:24:51:31 | username | provenance | |
|
||||
nodes
|
||||
| sql_injection.py:14:15:14:22 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:27:28:27:87 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sqlalchemy_textclause.py:31:50:31:72 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sqlalchemy_textclause.py:41:26:41:33 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:42:31:42:38 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:43:30:43:37 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:44:35:44:42 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:45:41:45:48 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:46:46:46:53 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:47:47:47:54 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:48:52:48:59 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:50:18:50:25 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sqlalchemy_textclause.py:51:24:51:31 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| sql_injection.py:14:15:14:22 | username | semmle.label | username |
|
||||
| sql_injection.py:21:24:21:77 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| sql_injection.py:24:38:24:95 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| sql_injection.py:25:26:25:83 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| sql_injection.py:26:28:26:85 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| sqlalchemy_textclause.py:23:15:23:22 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:27:28:27:87 | After Attribute() | semmle.label | After Attribute() |
|
||||
| sqlalchemy_textclause.py:31:50:31:72 | After Attribute() | semmle.label | After Attribute() |
|
||||
| sqlalchemy_textclause.py:41:26:41:33 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:42:31:42:38 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:43:30:43:37 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:44:35:44:42 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:45:41:45:48 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:46:46:46:53 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:47:47:47:54 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:48:52:48:59 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:50:18:50:25 | username | semmle.label | username |
|
||||
| sqlalchemy_textclause.py:51:24:51:31 | username | semmle.label | username |
|
||||
subpaths
|
||||
#select
|
||||
| sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | ControlFlowNode for username | user-provided value |
|
||||
| sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | ControlFlowNode for username | user-provided value |
|
||||
| sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | ControlFlowNode for username | user-provided value |
|
||||
| sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | ControlFlowNode for username | sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:27:28:27:87 | ControlFlowNode for Attribute() | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:27:28:27:87 | ControlFlowNode for Attribute() | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:31:50:31:72 | ControlFlowNode for Attribute() | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:31:50:31:72 | ControlFlowNode for Attribute() | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:41:26:41:33 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:41:26:41:33 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:42:31:42:38 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:42:31:42:38 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:43:30:43:37 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:43:30:43:37 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:44:35:44:42 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:44:35:44:42 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:45:41:45:48 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:45:41:45:48 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:46:46:46:53 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:46:46:46:53 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:47:47:47:54 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:47:47:47:54 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:48:52:48:59 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:48:52:48:59 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:50:18:50:25 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:50:18:50:25 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sqlalchemy_textclause.py:51:24:51:31 | ControlFlowNode for username | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | sqlalchemy_textclause.py:51:24:51:31 | ControlFlowNode for username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | ControlFlowNode for username | user-provided value |
|
||||
| sql_injection.py:21:24:21:77 | After BinaryExpr | sql_injection.py:14:15:14:22 | username | sql_injection.py:21:24:21:77 | After BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | username | user-provided value |
|
||||
| sql_injection.py:24:38:24:95 | After BinaryExpr | sql_injection.py:14:15:14:22 | username | sql_injection.py:24:38:24:95 | After BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | username | user-provided value |
|
||||
| sql_injection.py:25:26:25:83 | After BinaryExpr | sql_injection.py:14:15:14:22 | username | sql_injection.py:25:26:25:83 | After BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | username | user-provided value |
|
||||
| sql_injection.py:26:28:26:85 | After BinaryExpr | sql_injection.py:14:15:14:22 | username | sql_injection.py:26:28:26:85 | After BinaryExpr | This SQL query depends on a $@. | sql_injection.py:14:15:14:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:27:28:27:87 | After Attribute() | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:27:28:27:87 | After Attribute() | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:31:50:31:72 | After Attribute() | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:31:50:31:72 | After Attribute() | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:41:26:41:33 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:41:26:41:33 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:42:31:42:38 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:42:31:42:38 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:43:30:43:37 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:43:30:43:37 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:44:35:44:42 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:44:35:44:42 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:45:41:45:48 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:45:41:45:48 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:46:46:46:53 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:46:46:46:53 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:47:47:47:54 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:47:47:47:54 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:48:52:48:59 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:48:52:48:59 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:50:18:50:25 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:50:18:50:25 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
| sqlalchemy_textclause.py:51:24:51:31 | username | sqlalchemy_textclause.py:23:15:23:22 | username | sqlalchemy_textclause.py:51:24:51:31 | username | This SQL query depends on a $@. | sqlalchemy_textclause.py:23:15:23:22 | username | user-provided value |
|
||||
|
||||
@@ -1,121 +1,121 @@
|
||||
edges
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:14:21:14:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | ldap3_bad.py:31:21:31:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap3_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | ldap3_bad.py:16:5:16:6 | ControlFlowNode for dn | provenance | |
|
||||
| ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | ldap3_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | ldap3_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | ldap3_bad.py:17:5:17:17 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap3_bad.py:14:21:14:27 | ControlFlowNode for request | ldap3_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:16:5:16:6 | ControlFlowNode for dn | ldap3_bad.py:21:17:21:18 | ControlFlowNode for dn | provenance | |
|
||||
| ldap3_bad.py:17:5:17:17 | ControlFlowNode for search_filter | ldap3_bad.py:21:21:21:33 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap3_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | ldap3_bad.py:33:5:33:6 | ControlFlowNode for dn | provenance | |
|
||||
| ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | ldap3_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | ldap3_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | ldap3_bad.py:34:5:34:17 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap3_bad.py:31:21:31:27 | ControlFlowNode for request | ldap3_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:33:5:33:6 | ControlFlowNode for dn | ldap3_bad.py:38:9:38:10 | ControlFlowNode for dn | provenance | |
|
||||
| ldap3_bad.py:34:5:34:17 | ControlFlowNode for search_filter | ldap3_bad.py:38:13:38:25 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:13:17:13:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:13:17:13:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:14:21:14:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:30:17:30:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:30:17:30:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:31:21:31:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:47:17:47:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:47:17:47:23 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | ldap_bad.py:48:21:48:27 | ControlFlowNode for request | provenance | |
|
||||
| ldap_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | ldap_bad.py:16:5:16:6 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:13:17:13:23 | ControlFlowNode for request | ldap_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:13:17:13:23 | ControlFlowNode for request | ldap_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | ldap_bad.py:17:5:17:17 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:14:21:14:27 | ControlFlowNode for request | ldap_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:16:5:16:6 | ControlFlowNode for dn | ldap_bad.py:21:9:21:10 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:17:5:17:17 | ControlFlowNode for search_filter | ldap_bad.py:21:33:21:45 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | ldap_bad.py:33:5:33:6 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:30:17:30:23 | ControlFlowNode for request | ldap_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:30:17:30:23 | ControlFlowNode for request | ldap_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | ldap_bad.py:34:5:34:17 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:31:21:31:27 | ControlFlowNode for request | ldap_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:33:5:33:6 | ControlFlowNode for dn | ldap_bad.py:37:9:37:10 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:34:5:34:17 | ControlFlowNode for search_filter | ldap_bad.py:37:33:37:45 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:47:5:47:13 | ControlFlowNode for unsafe_dc | ldap_bad.py:50:5:50:6 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:47:17:47:23 | ControlFlowNode for request | ldap_bad.py:47:5:47:13 | ControlFlowNode for unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:47:17:47:23 | ControlFlowNode for request | ldap_bad.py:48:5:48:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:48:5:48:17 | ControlFlowNode for unsafe_filter | ldap_bad.py:51:5:51:17 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap_bad.py:48:21:48:27 | ControlFlowNode for request | ldap_bad.py:48:5:48:17 | ControlFlowNode for unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:50:5:50:6 | ControlFlowNode for dn | ldap_bad.py:55:9:55:10 | ControlFlowNode for dn | provenance | |
|
||||
| ldap_bad.py:51:5:51:17 | ControlFlowNode for search_filter | ldap_bad.py:55:43:55:55 | ControlFlowNode for search_filter | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:1:19:1:25 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:1:19:1:25 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:13:17:13:23 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:13:17:13:23 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:14:21:14:27 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:30:17:30:23 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:30:17:30:23 | request | provenance | |
|
||||
| ldap3_bad.py:1:19:1:25 | request | ldap3_bad.py:31:21:31:27 | request | provenance | |
|
||||
| ldap3_bad.py:13:5:13:13 | unsafe_dc | ldap3_bad.py:16:5:16:6 | dn | provenance | |
|
||||
| ldap3_bad.py:13:17:13:23 | request | ldap3_bad.py:13:5:13:13 | unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:13:17:13:23 | request | ldap3_bad.py:14:5:14:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:14:5:14:17 | unsafe_filter | ldap3_bad.py:17:5:17:17 | search_filter | provenance | |
|
||||
| ldap3_bad.py:14:21:14:27 | request | ldap3_bad.py:14:5:14:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:16:5:16:6 | dn | ldap3_bad.py:21:17:21:18 | dn | provenance | |
|
||||
| ldap3_bad.py:17:5:17:17 | search_filter | ldap3_bad.py:21:21:21:33 | search_filter | provenance | |
|
||||
| ldap3_bad.py:30:5:30:13 | unsafe_dc | ldap3_bad.py:33:5:33:6 | dn | provenance | |
|
||||
| ldap3_bad.py:30:17:30:23 | request | ldap3_bad.py:30:5:30:13 | unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:30:17:30:23 | request | ldap3_bad.py:31:5:31:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:31:5:31:17 | unsafe_filter | ldap3_bad.py:34:5:34:17 | search_filter | provenance | |
|
||||
| ldap3_bad.py:31:21:31:27 | request | ldap3_bad.py:31:5:31:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap3_bad.py:33:5:33:6 | dn | ldap3_bad.py:38:9:38:10 | dn | provenance | |
|
||||
| ldap3_bad.py:34:5:34:17 | search_filter | ldap3_bad.py:38:13:38:25 | search_filter | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:1:19:1:25 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:1:19:1:25 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:13:17:13:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:13:17:13:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:14:21:14:27 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:30:17:30:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:30:17:30:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:31:21:31:27 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:47:17:47:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:47:17:47:23 | request | provenance | |
|
||||
| ldap_bad.py:1:19:1:25 | request | ldap_bad.py:48:21:48:27 | request | provenance | |
|
||||
| ldap_bad.py:13:5:13:13 | unsafe_dc | ldap_bad.py:16:5:16:6 | dn | provenance | |
|
||||
| ldap_bad.py:13:17:13:23 | request | ldap_bad.py:13:5:13:13 | unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:13:17:13:23 | request | ldap_bad.py:14:5:14:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:14:5:14:17 | unsafe_filter | ldap_bad.py:17:5:17:17 | search_filter | provenance | |
|
||||
| ldap_bad.py:14:21:14:27 | request | ldap_bad.py:14:5:14:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:16:5:16:6 | dn | ldap_bad.py:21:9:21:10 | dn | provenance | |
|
||||
| ldap_bad.py:17:5:17:17 | search_filter | ldap_bad.py:21:33:21:45 | search_filter | provenance | |
|
||||
| ldap_bad.py:30:5:30:13 | unsafe_dc | ldap_bad.py:33:5:33:6 | dn | provenance | |
|
||||
| ldap_bad.py:30:17:30:23 | request | ldap_bad.py:30:5:30:13 | unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:30:17:30:23 | request | ldap_bad.py:31:5:31:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:31:5:31:17 | unsafe_filter | ldap_bad.py:34:5:34:17 | search_filter | provenance | |
|
||||
| ldap_bad.py:31:21:31:27 | request | ldap_bad.py:31:5:31:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:33:5:33:6 | dn | ldap_bad.py:37:9:37:10 | dn | provenance | |
|
||||
| ldap_bad.py:34:5:34:17 | search_filter | ldap_bad.py:37:33:37:45 | search_filter | provenance | |
|
||||
| ldap_bad.py:47:5:47:13 | unsafe_dc | ldap_bad.py:50:5:50:6 | dn | provenance | |
|
||||
| ldap_bad.py:47:17:47:23 | request | ldap_bad.py:47:5:47:13 | unsafe_dc | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:47:17:47:23 | request | ldap_bad.py:48:5:48:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:48:5:48:17 | unsafe_filter | ldap_bad.py:51:5:51:17 | search_filter | provenance | |
|
||||
| ldap_bad.py:48:21:48:27 | request | ldap_bad.py:48:5:48:17 | unsafe_filter | provenance | AdditionalTaintStep |
|
||||
| ldap_bad.py:50:5:50:6 | dn | ldap_bad.py:55:9:55:10 | dn | provenance | |
|
||||
| ldap_bad.py:51:5:51:17 | search_filter | ldap_bad.py:55:43:55:55 | search_filter | provenance | |
|
||||
nodes
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | semmle.label | ControlFlowNode for unsafe_dc |
|
||||
| ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:13:17:13:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | semmle.label | ControlFlowNode for unsafe_filter |
|
||||
| ldap3_bad.py:14:21:14:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:16:5:16:6 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap3_bad.py:17:5:17:17 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap3_bad.py:21:17:21:18 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap3_bad.py:21:21:21:33 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap3_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | semmle.label | ControlFlowNode for unsafe_dc |
|
||||
| ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:30:17:30:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | semmle.label | ControlFlowNode for unsafe_filter |
|
||||
| ldap3_bad.py:31:21:31:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_bad.py:33:5:33:6 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap3_bad.py:34:5:34:17 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap3_bad.py:38:9:38:10 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap3_bad.py:38:13:38:25 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:13:5:13:13 | ControlFlowNode for unsafe_dc | semmle.label | ControlFlowNode for unsafe_dc |
|
||||
| ldap_bad.py:13:17:13:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:13:17:13:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:14:5:14:17 | ControlFlowNode for unsafe_filter | semmle.label | ControlFlowNode for unsafe_filter |
|
||||
| ldap_bad.py:14:21:14:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:16:5:16:6 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:17:5:17:17 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:21:9:21:10 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:21:33:21:45 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:30:5:30:13 | ControlFlowNode for unsafe_dc | semmle.label | ControlFlowNode for unsafe_dc |
|
||||
| ldap_bad.py:30:17:30:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:30:17:30:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:31:5:31:17 | ControlFlowNode for unsafe_filter | semmle.label | ControlFlowNode for unsafe_filter |
|
||||
| ldap_bad.py:31:21:31:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:33:5:33:6 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:34:5:34:17 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:37:9:37:10 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:37:33:37:45 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:47:5:47:13 | ControlFlowNode for unsafe_dc | semmle.label | ControlFlowNode for unsafe_dc |
|
||||
| ldap_bad.py:47:17:47:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:47:17:47:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:48:5:48:17 | ControlFlowNode for unsafe_filter | semmle.label | ControlFlowNode for unsafe_filter |
|
||||
| ldap_bad.py:48:21:48:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap_bad.py:50:5:50:6 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:51:5:51:17 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap_bad.py:55:9:55:10 | ControlFlowNode for dn | semmle.label | ControlFlowNode for dn |
|
||||
| ldap_bad.py:55:43:55:55 | ControlFlowNode for search_filter | semmle.label | ControlFlowNode for search_filter |
|
||||
| ldap3_bad.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| ldap3_bad.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| ldap3_bad.py:1:19:1:25 | request | semmle.label | request |
|
||||
| ldap3_bad.py:1:19:1:25 | request | semmle.label | request |
|
||||
| ldap3_bad.py:13:5:13:13 | unsafe_dc | semmle.label | unsafe_dc |
|
||||
| ldap3_bad.py:13:17:13:23 | request | semmle.label | request |
|
||||
| ldap3_bad.py:13:17:13:23 | request | semmle.label | request |
|
||||
| ldap3_bad.py:14:5:14:17 | unsafe_filter | semmle.label | unsafe_filter |
|
||||
| ldap3_bad.py:14:21:14:27 | request | semmle.label | request |
|
||||
| ldap3_bad.py:16:5:16:6 | dn | semmle.label | dn |
|
||||
| ldap3_bad.py:17:5:17:17 | search_filter | semmle.label | search_filter |
|
||||
| ldap3_bad.py:21:17:21:18 | dn | semmle.label | dn |
|
||||
| ldap3_bad.py:21:21:21:33 | search_filter | semmle.label | search_filter |
|
||||
| ldap3_bad.py:30:5:30:13 | unsafe_dc | semmle.label | unsafe_dc |
|
||||
| ldap3_bad.py:30:17:30:23 | request | semmle.label | request |
|
||||
| ldap3_bad.py:30:17:30:23 | request | semmle.label | request |
|
||||
| ldap3_bad.py:31:5:31:17 | unsafe_filter | semmle.label | unsafe_filter |
|
||||
| ldap3_bad.py:31:21:31:27 | request | semmle.label | request |
|
||||
| ldap3_bad.py:33:5:33:6 | dn | semmle.label | dn |
|
||||
| ldap3_bad.py:34:5:34:17 | search_filter | semmle.label | search_filter |
|
||||
| ldap3_bad.py:38:9:38:10 | dn | semmle.label | dn |
|
||||
| ldap3_bad.py:38:13:38:25 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| ldap_bad.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| ldap_bad.py:1:19:1:25 | request | semmle.label | request |
|
||||
| ldap_bad.py:1:19:1:25 | request | semmle.label | request |
|
||||
| ldap_bad.py:13:5:13:13 | unsafe_dc | semmle.label | unsafe_dc |
|
||||
| ldap_bad.py:13:17:13:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:13:17:13:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:14:5:14:17 | unsafe_filter | semmle.label | unsafe_filter |
|
||||
| ldap_bad.py:14:21:14:27 | request | semmle.label | request |
|
||||
| ldap_bad.py:16:5:16:6 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:17:5:17:17 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:21:9:21:10 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:21:33:21:45 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:30:5:30:13 | unsafe_dc | semmle.label | unsafe_dc |
|
||||
| ldap_bad.py:30:17:30:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:30:17:30:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:31:5:31:17 | unsafe_filter | semmle.label | unsafe_filter |
|
||||
| ldap_bad.py:31:21:31:27 | request | semmle.label | request |
|
||||
| ldap_bad.py:33:5:33:6 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:34:5:34:17 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:37:9:37:10 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:37:33:37:45 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:47:5:47:13 | unsafe_dc | semmle.label | unsafe_dc |
|
||||
| ldap_bad.py:47:17:47:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:47:17:47:23 | request | semmle.label | request |
|
||||
| ldap_bad.py:48:5:48:17 | unsafe_filter | semmle.label | unsafe_filter |
|
||||
| ldap_bad.py:48:21:48:27 | request | semmle.label | request |
|
||||
| ldap_bad.py:50:5:50:6 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:51:5:51:17 | search_filter | semmle.label | search_filter |
|
||||
| ldap_bad.py:55:9:55:10 | dn | semmle.label | dn |
|
||||
| ldap_bad.py:55:43:55:55 | search_filter | semmle.label | search_filter |
|
||||
subpaths
|
||||
#select
|
||||
| ldap3_bad.py:21:17:21:18 | ControlFlowNode for dn | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:21:17:21:18 | ControlFlowNode for dn | LDAP query parameter (DN) depends on a $@. | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap3_bad.py:21:21:21:33 | ControlFlowNode for search_filter | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:21:21:21:33 | ControlFlowNode for search_filter | LDAP query parameter (filter) depends on a $@. | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap3_bad.py:38:9:38:10 | ControlFlowNode for dn | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:38:9:38:10 | ControlFlowNode for dn | LDAP query parameter (DN) depends on a $@. | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap3_bad.py:38:13:38:25 | ControlFlowNode for search_filter | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap3_bad.py:38:13:38:25 | ControlFlowNode for search_filter | LDAP query parameter (filter) depends on a $@. | ldap3_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:21:9:21:10 | ControlFlowNode for dn | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:21:9:21:10 | ControlFlowNode for dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:21:33:21:45 | ControlFlowNode for search_filter | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:21:33:21:45 | ControlFlowNode for search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:37:9:37:10 | ControlFlowNode for dn | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:37:9:37:10 | ControlFlowNode for dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:37:33:37:45 | ControlFlowNode for search_filter | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:37:33:37:45 | ControlFlowNode for search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:55:9:55:10 | ControlFlowNode for dn | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:55:9:55:10 | ControlFlowNode for dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap_bad.py:55:43:55:55 | ControlFlowNode for search_filter | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | ldap_bad.py:55:43:55:55 | ControlFlowNode for search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| ldap3_bad.py:21:17:21:18 | dn | ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:21:17:21:18 | dn | LDAP query parameter (DN) depends on a $@. | ldap3_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap3_bad.py:21:21:21:33 | search_filter | ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:21:21:21:33 | search_filter | LDAP query parameter (filter) depends on a $@. | ldap3_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap3_bad.py:38:9:38:10 | dn | ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:38:9:38:10 | dn | LDAP query parameter (DN) depends on a $@. | ldap3_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap3_bad.py:38:13:38:25 | search_filter | ldap3_bad.py:1:19:1:25 | After ImportMember | ldap3_bad.py:38:13:38:25 | search_filter | LDAP query parameter (filter) depends on a $@. | ldap3_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:21:9:21:10 | dn | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:21:9:21:10 | dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:21:33:21:45 | search_filter | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:21:33:21:45 | search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:37:9:37:10 | dn | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:37:9:37:10 | dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:37:33:37:45 | search_filter | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:37:33:37:45 | search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:55:9:55:10 | dn | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:55:9:55:10 | dn | LDAP query parameter (DN) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
| ldap_bad.py:55:43:55:55 | search_filter | ldap_bad.py:1:19:1:25 | After ImportMember | ldap_bad.py:55:43:55:55 | search_filter | LDAP query parameter (filter) depends on a $@. | ldap_bad.py:1:19:1:25 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
| test.py:8:5:8:38 | ControlFlowNode for Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
| test.py:9:5:9:51 | ControlFlowNode for Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
| test.py:11:5:11:57 | ControlFlowNode for Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
| test.py:8:5:8:38 | After Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
| test.py:9:5:9:51 | After Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
| test.py:11:5:11:57 | After Attribute() | Sensitive server cookie is set without HttpOnly flag. |
|
||||
|
||||
@@ -1,68 +1,68 @@
|
||||
#select
|
||||
| flask_tests.py:13:17:13:26 | ControlFlowNode for rfs_header | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_tests.py:13:17:13:26 | ControlFlowNode for rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_tests.py:20:36:20:61 | ControlFlowNode for Subscript | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_tests.py:20:36:20:61 | ControlFlowNode for Subscript | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_tests.py:33:11:33:20 | ControlFlowNode for rfs_header | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_tests.py:33:11:33:20 | ControlFlowNode for rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_tests.py:35:12:35:21 | ControlFlowNode for rfs_header | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_tests.py:35:12:35:21 | ControlFlowNode for rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| http_test.py:12:40:12:50 | ControlFlowNode for input_value | http_test.py:5:16:5:19 | ControlFlowNode for self | http_test.py:12:40:12:50 | ControlFlowNode for input_value | This HTTP header is constructed from a $@. | http_test.py:5:16:5:19 | ControlFlowNode for self | user-provided value |
|
||||
| wsgiref_tests.py:8:17:8:22 | ControlFlowNode for h_name | wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | wsgiref_tests.py:8:17:8:22 | ControlFlowNode for h_name | This HTTP header is constructed from a $@. | wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | user-provided value |
|
||||
| wsgiref_tests.py:8:42:8:46 | ControlFlowNode for h_val | wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | wsgiref_tests.py:8:42:8:46 | ControlFlowNode for h_val | This HTTP header is constructed from a $@. | wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | user-provided value |
|
||||
| flask_tests.py:13:17:13:26 | rfs_header | flask_tests.py:1:29:1:35 | After ImportMember | flask_tests.py:13:17:13:26 | rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | After ImportMember | user-provided value |
|
||||
| flask_tests.py:20:36:20:61 | After Subscript | flask_tests.py:1:29:1:35 | After ImportMember | flask_tests.py:20:36:20:61 | After Subscript | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | After ImportMember | user-provided value |
|
||||
| flask_tests.py:33:11:33:20 | rfs_header | flask_tests.py:1:29:1:35 | After ImportMember | flask_tests.py:33:11:33:20 | rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | After ImportMember | user-provided value |
|
||||
| flask_tests.py:35:12:35:21 | rfs_header | flask_tests.py:1:29:1:35 | After ImportMember | flask_tests.py:35:12:35:21 | rfs_header | This HTTP header is constructed from a $@. | flask_tests.py:1:29:1:35 | After ImportMember | user-provided value |
|
||||
| http_test.py:12:40:12:50 | input_value | http_test.py:5:16:5:19 | self | http_test.py:12:40:12:50 | input_value | This HTTP header is constructed from a $@. | http_test.py:5:16:5:19 | self | user-provided value |
|
||||
| wsgiref_tests.py:8:17:8:22 | h_name | wsgiref_tests.py:4:14:4:20 | environ | wsgiref_tests.py:8:17:8:22 | h_name | This HTTP header is constructed from a $@. | wsgiref_tests.py:4:14:4:20 | environ | user-provided value |
|
||||
| wsgiref_tests.py:8:42:8:46 | h_val | wsgiref_tests.py:4:14:4:20 | environ | wsgiref_tests.py:8:42:8:46 | h_val | This HTTP header is constructed from a $@. | wsgiref_tests.py:4:14:4:20 | environ | user-provided value |
|
||||
edges
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_tests.py:1:29:1:35 | ControlFlowNode for request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for request | flask_tests.py:9:18:9:24 | ControlFlowNode for request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for request | flask_tests.py:19:18:19:24 | ControlFlowNode for request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for request | flask_tests.py:20:36:20:42 | ControlFlowNode for request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for request | flask_tests.py:31:18:31:24 | ControlFlowNode for request | provenance | |
|
||||
| flask_tests.py:9:5:9:14 | ControlFlowNode for rfs_header | flask_tests.py:13:17:13:26 | ControlFlowNode for rfs_header | provenance | |
|
||||
| flask_tests.py:9:18:9:24 | ControlFlowNode for request | flask_tests.py:9:5:9:14 | ControlFlowNode for rfs_header | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:19:18:19:24 | ControlFlowNode for request | flask_tests.py:20:36:20:61 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:20:36:20:42 | ControlFlowNode for request | flask_tests.py:20:36:20:61 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:31:5:31:14 | ControlFlowNode for rfs_header | flask_tests.py:33:11:33:20 | ControlFlowNode for rfs_header | provenance | |
|
||||
| flask_tests.py:31:5:31:14 | ControlFlowNode for rfs_header | flask_tests.py:35:12:35:21 | ControlFlowNode for rfs_header | provenance | |
|
||||
| flask_tests.py:31:18:31:24 | ControlFlowNode for request | flask_tests.py:31:5:31:14 | ControlFlowNode for rfs_header | provenance | AdditionalTaintStep |
|
||||
| http_test.py:5:16:5:19 | ControlFlowNode for self | http_test.py:6:45:6:53 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| http_test.py:6:9:6:19 | ControlFlowNode for parsed_path | http_test.py:7:40:7:56 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| http_test.py:6:23:6:54 | ControlFlowNode for Attribute() | http_test.py:6:9:6:19 | ControlFlowNode for parsed_path | provenance | |
|
||||
| http_test.py:6:45:6:53 | ControlFlowNode for Attribute | http_test.py:6:23:6:54 | ControlFlowNode for Attribute() | provenance | MaD:2 |
|
||||
| http_test.py:7:9:7:14 | ControlFlowNode for params | http_test.py:8:23:8:28 | ControlFlowNode for params | provenance | |
|
||||
| http_test.py:7:18:7:57 | ControlFlowNode for Attribute() | http_test.py:7:9:7:14 | ControlFlowNode for params | provenance | |
|
||||
| http_test.py:7:40:7:56 | ControlFlowNode for Attribute | http_test.py:7:18:7:57 | ControlFlowNode for Attribute() | provenance | MaD:1 |
|
||||
| http_test.py:8:9:8:19 | ControlFlowNode for input_value | http_test.py:12:40:12:50 | ControlFlowNode for input_value | provenance | |
|
||||
| http_test.py:8:23:8:28 | ControlFlowNode for params | http_test.py:8:23:8:47 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| http_test.py:8:23:8:47 | ControlFlowNode for Attribute() | http_test.py:8:9:8:19 | ControlFlowNode for input_value | provenance | |
|
||||
| wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | wsgiref_tests.py:6:5:6:10 | ControlFlowNode for h_name | provenance | |
|
||||
| wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | wsgiref_tests.py:7:5:7:9 | ControlFlowNode for h_val | provenance | |
|
||||
| wsgiref_tests.py:6:5:6:10 | ControlFlowNode for h_name | wsgiref_tests.py:8:17:8:22 | ControlFlowNode for h_name | provenance | |
|
||||
| wsgiref_tests.py:7:5:7:9 | ControlFlowNode for h_val | wsgiref_tests.py:8:42:8:46 | ControlFlowNode for h_val | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | After ImportMember | flask_tests.py:1:29:1:35 | request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | request | flask_tests.py:9:18:9:24 | request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | request | flask_tests.py:19:18:19:24 | request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | request | flask_tests.py:20:36:20:42 | request | provenance | |
|
||||
| flask_tests.py:1:29:1:35 | request | flask_tests.py:31:18:31:24 | request | provenance | |
|
||||
| flask_tests.py:9:5:9:14 | rfs_header | flask_tests.py:13:17:13:26 | rfs_header | provenance | |
|
||||
| flask_tests.py:9:18:9:24 | request | flask_tests.py:9:5:9:14 | rfs_header | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:19:18:19:24 | request | flask_tests.py:20:36:20:61 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:20:36:20:42 | request | flask_tests.py:20:36:20:61 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| flask_tests.py:31:5:31:14 | rfs_header | flask_tests.py:33:11:33:20 | rfs_header | provenance | |
|
||||
| flask_tests.py:31:5:31:14 | rfs_header | flask_tests.py:35:12:35:21 | rfs_header | provenance | |
|
||||
| flask_tests.py:31:18:31:24 | request | flask_tests.py:31:5:31:14 | rfs_header | provenance | AdditionalTaintStep |
|
||||
| http_test.py:5:16:5:19 | self | http_test.py:6:45:6:53 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| http_test.py:6:9:6:19 | parsed_path | http_test.py:7:40:7:56 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| http_test.py:6:23:6:54 | After Attribute() | http_test.py:6:9:6:19 | parsed_path | provenance | |
|
||||
| http_test.py:6:45:6:53 | After Attribute | http_test.py:6:23:6:54 | After Attribute() | provenance | MaD:2 |
|
||||
| http_test.py:7:9:7:14 | params | http_test.py:8:23:8:28 | params | provenance | |
|
||||
| http_test.py:7:18:7:57 | After Attribute() | http_test.py:7:9:7:14 | params | provenance | |
|
||||
| http_test.py:7:40:7:56 | After Attribute | http_test.py:7:18:7:57 | After Attribute() | provenance | MaD:1 |
|
||||
| http_test.py:8:9:8:19 | input_value | http_test.py:12:40:12:50 | input_value | provenance | |
|
||||
| http_test.py:8:23:8:28 | params | http_test.py:8:23:8:47 | After Attribute() | provenance | dict.get |
|
||||
| http_test.py:8:23:8:47 | After Attribute() | http_test.py:8:9:8:19 | input_value | provenance | |
|
||||
| wsgiref_tests.py:4:14:4:20 | environ | wsgiref_tests.py:6:5:6:10 | h_name | provenance | |
|
||||
| wsgiref_tests.py:4:14:4:20 | environ | wsgiref_tests.py:7:5:7:9 | h_val | provenance | |
|
||||
| wsgiref_tests.py:6:5:6:10 | h_name | wsgiref_tests.py:8:17:8:22 | h_name | provenance | |
|
||||
| wsgiref_tests.py:7:5:7:9 | h_val | wsgiref_tests.py:8:42:8:46 | h_val | provenance | |
|
||||
models
|
||||
| 1 | Summary: urllib; Member[parse].Member[parse_qs]; Argument[0,qs:]; ReturnValue; taint |
|
||||
| 2 | Summary: urllib; Member[parse].Member[urlparse]; Argument[0,urlstring:]; ReturnValue; taint |
|
||||
nodes
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_tests.py:1:29:1:35 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_tests.py:9:5:9:14 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_tests.py:9:18:9:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_tests.py:13:17:13:26 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_tests.py:19:18:19:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_tests.py:20:36:20:42 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_tests.py:20:36:20:61 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_tests.py:31:5:31:14 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_tests.py:31:18:31:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_tests.py:33:11:33:20 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_tests.py:35:12:35:21 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| http_test.py:5:16:5:19 | ControlFlowNode for self | semmle.label | ControlFlowNode for self |
|
||||
| http_test.py:6:9:6:19 | ControlFlowNode for parsed_path | semmle.label | ControlFlowNode for parsed_path |
|
||||
| http_test.py:6:23:6:54 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| http_test.py:6:45:6:53 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| http_test.py:7:9:7:14 | ControlFlowNode for params | semmle.label | ControlFlowNode for params |
|
||||
| http_test.py:7:18:7:57 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| http_test.py:7:40:7:56 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| http_test.py:8:9:8:19 | ControlFlowNode for input_value | semmle.label | ControlFlowNode for input_value |
|
||||
| http_test.py:8:23:8:28 | ControlFlowNode for params | semmle.label | ControlFlowNode for params |
|
||||
| http_test.py:8:23:8:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| http_test.py:12:40:12:50 | ControlFlowNode for input_value | semmle.label | ControlFlowNode for input_value |
|
||||
| wsgiref_tests.py:4:14:4:20 | ControlFlowNode for environ | semmle.label | ControlFlowNode for environ |
|
||||
| wsgiref_tests.py:6:5:6:10 | ControlFlowNode for h_name | semmle.label | ControlFlowNode for h_name |
|
||||
| wsgiref_tests.py:7:5:7:9 | ControlFlowNode for h_val | semmle.label | ControlFlowNode for h_val |
|
||||
| wsgiref_tests.py:8:17:8:22 | ControlFlowNode for h_name | semmle.label | ControlFlowNode for h_name |
|
||||
| wsgiref_tests.py:8:42:8:46 | ControlFlowNode for h_val | semmle.label | ControlFlowNode for h_val |
|
||||
| flask_tests.py:1:29:1:35 | After ImportMember | semmle.label | After ImportMember |
|
||||
| flask_tests.py:1:29:1:35 | request | semmle.label | request |
|
||||
| flask_tests.py:9:5:9:14 | rfs_header | semmle.label | rfs_header |
|
||||
| flask_tests.py:9:18:9:24 | request | semmle.label | request |
|
||||
| flask_tests.py:13:17:13:26 | rfs_header | semmle.label | rfs_header |
|
||||
| flask_tests.py:19:18:19:24 | request | semmle.label | request |
|
||||
| flask_tests.py:20:36:20:42 | request | semmle.label | request |
|
||||
| flask_tests.py:20:36:20:61 | After Subscript | semmle.label | After Subscript |
|
||||
| flask_tests.py:31:5:31:14 | rfs_header | semmle.label | rfs_header |
|
||||
| flask_tests.py:31:18:31:24 | request | semmle.label | request |
|
||||
| flask_tests.py:33:11:33:20 | rfs_header | semmle.label | rfs_header |
|
||||
| flask_tests.py:35:12:35:21 | rfs_header | semmle.label | rfs_header |
|
||||
| http_test.py:5:16:5:19 | self | semmle.label | self |
|
||||
| http_test.py:6:9:6:19 | parsed_path | semmle.label | parsed_path |
|
||||
| http_test.py:6:23:6:54 | After Attribute() | semmle.label | After Attribute() |
|
||||
| http_test.py:6:45:6:53 | After Attribute | semmle.label | After Attribute |
|
||||
| http_test.py:7:9:7:14 | params | semmle.label | params |
|
||||
| http_test.py:7:18:7:57 | After Attribute() | semmle.label | After Attribute() |
|
||||
| http_test.py:7:40:7:56 | After Attribute | semmle.label | After Attribute |
|
||||
| http_test.py:8:9:8:19 | input_value | semmle.label | input_value |
|
||||
| http_test.py:8:23:8:28 | params | semmle.label | params |
|
||||
| http_test.py:8:23:8:47 | After Attribute() | semmle.label | After Attribute() |
|
||||
| http_test.py:12:40:12:50 | input_value | semmle.label | input_value |
|
||||
| wsgiref_tests.py:4:14:4:20 | environ | semmle.label | environ |
|
||||
| wsgiref_tests.py:6:5:6:10 | h_name | semmle.label | h_name |
|
||||
| wsgiref_tests.py:7:5:7:9 | h_val | semmle.label | h_val |
|
||||
| wsgiref_tests.py:8:17:8:22 | h_name | semmle.label | h_name |
|
||||
| wsgiref_tests.py:8:42:8:46 | h_val | semmle.label | h_val |
|
||||
subpaths
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
source
|
||||
| wsgiref_tests.py:7:14:7:20 | ControlFlowNode for environ |
|
||||
| wsgiref_tests.py:7:14:7:20 | environ |
|
||||
sink
|
||||
headerWrite
|
||||
| wsgiref_tests.py:12:5:12:35 | ControlFlowNode for start_response() | wsgiref_tests.py:11:17:11:22 | ControlFlowNode for h_name | wsgiref_tests.py:11:25:11:29 | ControlFlowNode for StringLiteral | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | ControlFlowNode for start_response() | wsgiref_tests.py:11:17:11:22 | ControlFlowNode for h_name | wsgiref_tests.py:11:42:11:46 | ControlFlowNode for h_val | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | ControlFlowNode for start_response() | wsgiref_tests.py:11:34:11:39 | ControlFlowNode for StringLiteral | wsgiref_tests.py:11:25:11:29 | ControlFlowNode for StringLiteral | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | ControlFlowNode for start_response() | wsgiref_tests.py:11:34:11:39 | ControlFlowNode for StringLiteral | wsgiref_tests.py:11:42:11:46 | ControlFlowNode for h_val | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | After start_response() | wsgiref_tests.py:11:17:11:22 | h_name | wsgiref_tests.py:11:25:11:29 | StringLiteral | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | After start_response() | wsgiref_tests.py:11:17:11:22 | h_name | wsgiref_tests.py:11:42:11:46 | h_val | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | After start_response() | wsgiref_tests.py:11:34:11:39 | StringLiteral | wsgiref_tests.py:11:25:11:29 | StringLiteral | false | false |
|
||||
| wsgiref_tests.py:12:5:12:35 | After start_response() | wsgiref_tests.py:11:34:11:39 | StringLiteral | wsgiref_tests.py:11:42:11:46 | h_val | false | false |
|
||||
|
||||
@@ -1,51 +1,51 @@
|
||||
edges
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | LogInjectionBad.py:17:12:17:18 | ControlFlowNode for request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | LogInjectionBad.py:23:12:23:18 | ControlFlowNode for request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | LogInjectionBad.py:29:12:29:18 | ControlFlowNode for request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | LogInjectionBad.py:35:12:35:18 | ControlFlowNode for request | provenance | |
|
||||
| LogInjectionBad.py:17:5:17:8 | ControlFlowNode for name | LogInjectionBad.py:18:21:18:40 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:17:12:17:18 | ControlFlowNode for request | LogInjectionBad.py:17:12:17:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:17:12:17:23 | ControlFlowNode for Attribute | LogInjectionBad.py:17:12:17:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:17:12:17:35 | ControlFlowNode for Attribute() | LogInjectionBad.py:17:5:17:8 | ControlFlowNode for name | provenance | |
|
||||
| LogInjectionBad.py:23:5:23:8 | ControlFlowNode for name | LogInjectionBad.py:24:18:24:37 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:23:12:23:18 | ControlFlowNode for request | LogInjectionBad.py:23:12:23:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:23:12:23:23 | ControlFlowNode for Attribute | LogInjectionBad.py:23:12:23:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:23:12:23:35 | ControlFlowNode for Attribute() | LogInjectionBad.py:23:5:23:8 | ControlFlowNode for name | provenance | |
|
||||
| LogInjectionBad.py:29:5:29:8 | ControlFlowNode for name | LogInjectionBad.py:30:25:30:44 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:29:12:29:18 | ControlFlowNode for request | LogInjectionBad.py:29:12:29:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:29:12:29:23 | ControlFlowNode for Attribute | LogInjectionBad.py:29:12:29:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:29:12:29:35 | ControlFlowNode for Attribute() | LogInjectionBad.py:29:5:29:8 | ControlFlowNode for name | provenance | |
|
||||
| LogInjectionBad.py:35:5:35:8 | ControlFlowNode for name | LogInjectionBad.py:37:19:37:38 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:35:12:35:18 | ControlFlowNode for request | LogInjectionBad.py:35:12:35:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:35:12:35:23 | ControlFlowNode for Attribute | LogInjectionBad.py:35:12:35:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:35:12:35:35 | ControlFlowNode for Attribute() | LogInjectionBad.py:35:5:35:8 | ControlFlowNode for name | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | After ImportMember | LogInjectionBad.py:7:19:7:25 | request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | request | LogInjectionBad.py:17:12:17:18 | request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | request | LogInjectionBad.py:23:12:23:18 | request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | request | LogInjectionBad.py:29:12:29:18 | request | provenance | |
|
||||
| LogInjectionBad.py:7:19:7:25 | request | LogInjectionBad.py:35:12:35:18 | request | provenance | |
|
||||
| LogInjectionBad.py:17:5:17:8 | name | LogInjectionBad.py:18:21:18:40 | After BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:17:12:17:18 | request | LogInjectionBad.py:17:12:17:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:17:12:17:23 | After Attribute | LogInjectionBad.py:17:12:17:35 | After Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:17:12:17:35 | After Attribute() | LogInjectionBad.py:17:5:17:8 | name | provenance | |
|
||||
| LogInjectionBad.py:23:5:23:8 | name | LogInjectionBad.py:24:18:24:37 | After BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:23:12:23:18 | request | LogInjectionBad.py:23:12:23:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:23:12:23:23 | After Attribute | LogInjectionBad.py:23:12:23:35 | After Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:23:12:23:35 | After Attribute() | LogInjectionBad.py:23:5:23:8 | name | provenance | |
|
||||
| LogInjectionBad.py:29:5:29:8 | name | LogInjectionBad.py:30:25:30:44 | After BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:29:12:29:18 | request | LogInjectionBad.py:29:12:29:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:29:12:29:23 | After Attribute | LogInjectionBad.py:29:12:29:35 | After Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:29:12:29:35 | After Attribute() | LogInjectionBad.py:29:5:29:8 | name | provenance | |
|
||||
| LogInjectionBad.py:35:5:35:8 | name | LogInjectionBad.py:37:19:37:38 | After BinaryExpr | provenance | |
|
||||
| LogInjectionBad.py:35:12:35:18 | request | LogInjectionBad.py:35:12:35:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| LogInjectionBad.py:35:12:35:23 | After Attribute | LogInjectionBad.py:35:12:35:35 | After Attribute() | provenance | dict.get |
|
||||
| LogInjectionBad.py:35:12:35:35 | After Attribute() | LogInjectionBad.py:35:5:35:8 | name | provenance | |
|
||||
nodes
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| LogInjectionBad.py:7:19:7:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| LogInjectionBad.py:17:5:17:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| LogInjectionBad.py:17:12:17:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| LogInjectionBad.py:17:12:17:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| LogInjectionBad.py:17:12:17:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| LogInjectionBad.py:18:21:18:40 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| LogInjectionBad.py:23:5:23:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| LogInjectionBad.py:23:12:23:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| LogInjectionBad.py:23:12:23:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| LogInjectionBad.py:23:12:23:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| LogInjectionBad.py:24:18:24:37 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| LogInjectionBad.py:29:5:29:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| LogInjectionBad.py:29:12:29:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| LogInjectionBad.py:29:12:29:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| LogInjectionBad.py:29:12:29:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| LogInjectionBad.py:30:25:30:44 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| LogInjectionBad.py:35:5:35:8 | ControlFlowNode for name | semmle.label | ControlFlowNode for name |
|
||||
| LogInjectionBad.py:35:12:35:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| LogInjectionBad.py:35:12:35:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| LogInjectionBad.py:35:12:35:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| LogInjectionBad.py:37:19:37:38 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| LogInjectionBad.py:7:19:7:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| LogInjectionBad.py:7:19:7:25 | request | semmle.label | request |
|
||||
| LogInjectionBad.py:17:5:17:8 | name | semmle.label | name |
|
||||
| LogInjectionBad.py:17:12:17:18 | request | semmle.label | request |
|
||||
| LogInjectionBad.py:17:12:17:23 | After Attribute | semmle.label | After Attribute |
|
||||
| LogInjectionBad.py:17:12:17:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| LogInjectionBad.py:18:21:18:40 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| LogInjectionBad.py:23:5:23:8 | name | semmle.label | name |
|
||||
| LogInjectionBad.py:23:12:23:18 | request | semmle.label | request |
|
||||
| LogInjectionBad.py:23:12:23:23 | After Attribute | semmle.label | After Attribute |
|
||||
| LogInjectionBad.py:23:12:23:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| LogInjectionBad.py:24:18:24:37 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| LogInjectionBad.py:29:5:29:8 | name | semmle.label | name |
|
||||
| LogInjectionBad.py:29:12:29:18 | request | semmle.label | request |
|
||||
| LogInjectionBad.py:29:12:29:23 | After Attribute | semmle.label | After Attribute |
|
||||
| LogInjectionBad.py:29:12:29:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| LogInjectionBad.py:30:25:30:44 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| LogInjectionBad.py:35:5:35:8 | name | semmle.label | name |
|
||||
| LogInjectionBad.py:35:12:35:18 | request | semmle.label | request |
|
||||
| LogInjectionBad.py:35:12:35:23 | After Attribute | semmle.label | After Attribute |
|
||||
| LogInjectionBad.py:35:12:35:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| LogInjectionBad.py:37:19:37:38 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
subpaths
|
||||
#select
|
||||
| LogInjectionBad.py:18:21:18:40 | ControlFlowNode for BinaryExpr | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | LogInjectionBad.py:18:21:18:40 | ControlFlowNode for BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:24:18:24:37 | ControlFlowNode for BinaryExpr | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | LogInjectionBad.py:24:18:24:37 | ControlFlowNode for BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:30:25:30:44 | ControlFlowNode for BinaryExpr | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | LogInjectionBad.py:30:25:30:44 | ControlFlowNode for BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:37:19:37:38 | ControlFlowNode for BinaryExpr | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | LogInjectionBad.py:37:19:37:38 | ControlFlowNode for BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:18:21:18:40 | After BinaryExpr | LogInjectionBad.py:7:19:7:25 | After ImportMember | LogInjectionBad.py:18:21:18:40 | After BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | After ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:24:18:24:37 | After BinaryExpr | LogInjectionBad.py:7:19:7:25 | After ImportMember | LogInjectionBad.py:24:18:24:37 | After BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | After ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:30:25:30:44 | After BinaryExpr | LogInjectionBad.py:7:19:7:25 | After ImportMember | LogInjectionBad.py:30:25:30:44 | After BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | After ImportMember | user-provided value |
|
||||
| LogInjectionBad.py:37:19:37:38 | After BinaryExpr | LogInjectionBad.py:7:19:7:25 | After ImportMember | LogInjectionBad.py:37:19:37:38 | After BinaryExpr | This log entry depends on a $@. | LogInjectionBad.py:7:19:7:25 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| test.py:10:5:10:60 | ControlFlowNode for Attribute() | Sensitive cookie with SameSite set to 'None'. |
|
||||
| test.py:13:5:13:78 | ControlFlowNode for Attribute() | Sensitive cookie with SameSite set to 'None'. |
|
||||
| test.py:10:5:10:60 | After Attribute() | Sensitive cookie with SameSite set to 'None'. |
|
||||
| test.py:13:5:13:78 | After Attribute() | Sensitive cookie with SameSite set to 'None'. |
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
| test.py:10:1:10:19 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:11:1:11:27 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:26:1:26:20 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:30:1:30:20 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:38:1:38:18 | ControlFlowNode for runapp() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:43:1:43:35 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:10:1:10:19 | After Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:11:1:11:27 | After Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:26:1:26:20 | After Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:30:1:30:20 | After Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:38:1:38:18 | After runapp() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
| test.py:43:1:43:35 | After Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
|
||||
|
||||
@@ -1,24 +1,24 @@
|
||||
edges
|
||||
| pam_test.py:4:26:4:32 | ControlFlowNode for ImportMember | pam_test.py:4:26:4:32 | ControlFlowNode for request | provenance | |
|
||||
| pam_test.py:4:26:4:32 | ControlFlowNode for request | pam_test.py:71:16:71:22 | ControlFlowNode for request | provenance | |
|
||||
| pam_test.py:71:5:71:12 | ControlFlowNode for username | pam_test.py:74:33:74:40 | ControlFlowNode for username | provenance | |
|
||||
| pam_test.py:71:16:71:22 | ControlFlowNode for request | pam_test.py:71:16:71:27 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| pam_test.py:71:16:71:27 | ControlFlowNode for Attribute | pam_test.py:71:16:71:47 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| pam_test.py:71:16:71:47 | ControlFlowNode for Attribute() | pam_test.py:71:5:71:12 | ControlFlowNode for username | provenance | |
|
||||
| pam_test.py:74:33:74:40 | ControlFlowNode for username | pam_test.py:74:62:74:67 | ControlFlowNode for handle | provenance | Config |
|
||||
| pam_test.py:74:62:74:67 | ControlFlowNode for handle | pam_test.py:76:31:76:36 | ControlFlowNode for handle | provenance | |
|
||||
| pam_test.py:76:31:76:36 | ControlFlowNode for handle | pam_test.py:76:14:76:40 | ControlFlowNode for pam_authenticate() | provenance | Config |
|
||||
| pam_test.py:4:26:4:32 | After ImportMember | pam_test.py:4:26:4:32 | request | provenance | |
|
||||
| pam_test.py:4:26:4:32 | request | pam_test.py:71:16:71:22 | request | provenance | |
|
||||
| pam_test.py:71:5:71:12 | username | pam_test.py:74:33:74:40 | username | provenance | |
|
||||
| pam_test.py:71:16:71:22 | request | pam_test.py:71:16:71:27 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| pam_test.py:71:16:71:27 | After Attribute | pam_test.py:71:16:71:47 | After Attribute() | provenance | dict.get |
|
||||
| pam_test.py:71:16:71:47 | After Attribute() | pam_test.py:71:5:71:12 | username | provenance | |
|
||||
| pam_test.py:74:33:74:40 | username | pam_test.py:74:62:74:67 | handle | provenance | Config |
|
||||
| pam_test.py:74:62:74:67 | handle | pam_test.py:76:31:76:36 | handle | provenance | |
|
||||
| pam_test.py:76:31:76:36 | handle | pam_test.py:76:14:76:40 | After pam_authenticate() | provenance | Config |
|
||||
nodes
|
||||
| pam_test.py:4:26:4:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| pam_test.py:4:26:4:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pam_test.py:71:5:71:12 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| pam_test.py:71:16:71:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pam_test.py:71:16:71:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| pam_test.py:71:16:71:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pam_test.py:74:33:74:40 | ControlFlowNode for username | semmle.label | ControlFlowNode for username |
|
||||
| pam_test.py:74:62:74:67 | ControlFlowNode for handle | semmle.label | ControlFlowNode for handle |
|
||||
| pam_test.py:76:14:76:40 | ControlFlowNode for pam_authenticate() | semmle.label | ControlFlowNode for pam_authenticate() |
|
||||
| pam_test.py:76:31:76:36 | ControlFlowNode for handle | semmle.label | ControlFlowNode for handle |
|
||||
| pam_test.py:4:26:4:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| pam_test.py:4:26:4:32 | request | semmle.label | request |
|
||||
| pam_test.py:71:5:71:12 | username | semmle.label | username |
|
||||
| pam_test.py:71:16:71:22 | request | semmle.label | request |
|
||||
| pam_test.py:71:16:71:27 | After Attribute | semmle.label | After Attribute |
|
||||
| pam_test.py:71:16:71:47 | After Attribute() | semmle.label | After Attribute() |
|
||||
| pam_test.py:74:33:74:40 | username | semmle.label | username |
|
||||
| pam_test.py:74:62:74:67 | handle | semmle.label | handle |
|
||||
| pam_test.py:76:14:76:40 | After pam_authenticate() | semmle.label | After pam_authenticate() |
|
||||
| pam_test.py:76:31:76:36 | handle | semmle.label | handle |
|
||||
subpaths
|
||||
#select
|
||||
| pam_test.py:76:14:76:40 | ControlFlowNode for pam_authenticate() | pam_test.py:4:26:4:32 | ControlFlowNode for ImportMember | pam_test.py:76:14:76:40 | ControlFlowNode for pam_authenticate() | This PAM authentication depends on a $@, and 'pam_acct_mgmt' is not called afterwards. | pam_test.py:4:26:4:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pam_test.py:76:14:76:40 | After pam_authenticate() | pam_test.py:4:26:4:32 | After ImportMember | pam_test.py:76:14:76:40 | After pam_authenticate() | This PAM authentication depends on a $@, and 'pam_acct_mgmt' is not called afterwards. | pam_test.py:4:26:4:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
| paramiko_host_key.py:5:1:5:49 | ControlFlowNode for Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:7:1:7:49 | ControlFlowNode for Attribute() | Setting missing host key policy to WarningPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:11:1:11:51 | ControlFlowNode for Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:13:1:13:51 | ControlFlowNode for Attribute() | Setting missing host key policy to WarningPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:20:1:20:58 | ControlFlowNode for Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:5:1:5:49 | After Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:7:1:7:49 | After Attribute() | Setting missing host key policy to WarningPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:11:1:11:51 | After Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:13:1:13:51 | After Attribute() | Setting missing host key policy to WarningPolicy may be unsafe. |
|
||||
| paramiko_host_key.py:20:1:20:58 | After Attribute() | Setting missing host key policy to AutoAddPolicy may be unsafe. |
|
||||
|
||||
@@ -1,100 +1,100 @@
|
||||
edges
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:20:48:20:55 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:22:58:22:65 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:23:58:23:65 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:27:40:27:47 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | test.py:30:58:30:65 | ControlFlowNode for password | provenance | |
|
||||
| test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:19:5:19:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:44:5:44:5 | ControlFlowNode for x | test.py:45:11:45:11 | ControlFlowNode for x | provenance | |
|
||||
| test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:44:5:44:5 | ControlFlowNode for x | provenance | |
|
||||
| test.py:48:14:48:35 | ControlFlowNode for social_security_number | test.py:49:15:49:36 | ControlFlowNode for social_security_number | provenance | |
|
||||
| test.py:48:38:48:40 | ControlFlowNode for ssn | test.py:50:15:50:17 | ControlFlowNode for ssn | provenance | |
|
||||
| test.py:48:54:48:63 | ControlFlowNode for passportNo | test.py:52:15:52:24 | ControlFlowNode for passportNo | provenance | |
|
||||
| test.py:54:14:54:22 | ControlFlowNode for post_code | test.py:55:15:55:23 | ControlFlowNode for post_code | provenance | |
|
||||
| test.py:54:25:54:31 | ControlFlowNode for zipCode | test.py:56:15:56:21 | ControlFlowNode for zipCode | provenance | |
|
||||
| test.py:54:34:54:45 | ControlFlowNode for home_address | test.py:57:15:57:26 | ControlFlowNode for home_address | provenance | |
|
||||
| test.py:59:14:59:26 | ControlFlowNode for user_latitude | test.py:60:15:60:27 | ControlFlowNode for user_latitude | provenance | |
|
||||
| test.py:59:29:59:42 | ControlFlowNode for user_longitude | test.py:61:15:61:28 | ControlFlowNode for user_longitude | provenance | |
|
||||
| test.py:63:14:63:26 | ControlFlowNode for mobile_number | test.py:64:15:64:27 | ControlFlowNode for mobile_number | provenance | |
|
||||
| test.py:63:29:63:35 | ControlFlowNode for phoneNo | test.py:65:15:65:21 | ControlFlowNode for phoneNo | provenance | |
|
||||
| test.py:67:14:67:23 | ControlFlowNode for creditcard | test.py:68:15:68:24 | ControlFlowNode for creditcard | provenance | |
|
||||
| test.py:67:26:67:35 | ControlFlowNode for debit_card | test.py:69:15:69:24 | ControlFlowNode for debit_card | provenance | |
|
||||
| test.py:67:38:67:48 | ControlFlowNode for bank_number | test.py:70:15:70:25 | ControlFlowNode for bank_number | provenance | |
|
||||
| test.py:67:76:67:78 | ControlFlowNode for ccn | test.py:73:15:73:17 | ControlFlowNode for ccn | provenance | |
|
||||
| test.py:67:81:67:88 | ControlFlowNode for user_ccn | test.py:74:15:74:22 | ControlFlowNode for user_ccn | provenance | |
|
||||
| test.py:101:5:101:10 | ControlFlowNode for config | test.py:105:11:105:31 | ControlFlowNode for Subscript | provenance | |
|
||||
| test.py:103:21:103:37 | ControlFlowNode for Attribute | test.py:101:5:101:10 | ControlFlowNode for config | provenance | |
|
||||
| test.py:19:5:19:12 | password | test.py:20:48:20:55 | password | provenance | |
|
||||
| test.py:19:5:19:12 | password | test.py:22:58:22:65 | password | provenance | |
|
||||
| test.py:19:5:19:12 | password | test.py:23:58:23:65 | password | provenance | |
|
||||
| test.py:19:5:19:12 | password | test.py:27:40:27:47 | password | provenance | |
|
||||
| test.py:19:5:19:12 | password | test.py:30:58:30:65 | password | provenance | |
|
||||
| test.py:19:16:19:29 | After get_password() | test.py:19:5:19:12 | password | provenance | |
|
||||
| test.py:44:5:44:5 | x | test.py:45:11:45:11 | x | provenance | |
|
||||
| test.py:44:9:44:25 | After Attribute() | test.py:44:5:44:5 | x | provenance | |
|
||||
| test.py:48:14:48:35 | social_security_number | test.py:49:15:49:36 | social_security_number | provenance | |
|
||||
| test.py:48:38:48:40 | ssn | test.py:50:15:50:17 | ssn | provenance | |
|
||||
| test.py:48:54:48:63 | passportNo | test.py:52:15:52:24 | passportNo | provenance | |
|
||||
| test.py:54:14:54:22 | post_code | test.py:55:15:55:23 | post_code | provenance | |
|
||||
| test.py:54:25:54:31 | zipCode | test.py:56:15:56:21 | zipCode | provenance | |
|
||||
| test.py:54:34:54:45 | home_address | test.py:57:15:57:26 | home_address | provenance | |
|
||||
| test.py:59:14:59:26 | user_latitude | test.py:60:15:60:27 | user_latitude | provenance | |
|
||||
| test.py:59:29:59:42 | user_longitude | test.py:61:15:61:28 | user_longitude | provenance | |
|
||||
| test.py:63:14:63:26 | mobile_number | test.py:64:15:64:27 | mobile_number | provenance | |
|
||||
| test.py:63:29:63:35 | phoneNo | test.py:65:15:65:21 | phoneNo | provenance | |
|
||||
| test.py:67:14:67:23 | creditcard | test.py:68:15:68:24 | creditcard | provenance | |
|
||||
| test.py:67:26:67:35 | debit_card | test.py:69:15:69:24 | debit_card | provenance | |
|
||||
| test.py:67:38:67:48 | bank_number | test.py:70:15:70:25 | bank_number | provenance | |
|
||||
| test.py:67:76:67:78 | ccn | test.py:73:15:73:17 | ccn | provenance | |
|
||||
| test.py:67:81:67:88 | user_ccn | test.py:74:15:74:22 | user_ccn | provenance | |
|
||||
| test.py:101:5:101:10 | config | test.py:105:11:105:31 | After Subscript | provenance | |
|
||||
| test.py:103:21:103:37 | After Attribute | test.py:101:5:101:10 | config | provenance | |
|
||||
nodes
|
||||
| test.py:19:5:19:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:19:16:19:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:20:48:20:55 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:22:58:22:65 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:23:58:23:65 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:27:40:27:47 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:30:58:30:65 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:37:11:37:24 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:39:22:39:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:40:22:40:35 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:44:5:44:5 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| test.py:44:9:44:25 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:45:11:45:11 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| test.py:48:14:48:35 | ControlFlowNode for social_security_number | semmle.label | ControlFlowNode for social_security_number |
|
||||
| test.py:48:38:48:40 | ControlFlowNode for ssn | semmle.label | ControlFlowNode for ssn |
|
||||
| test.py:48:54:48:63 | ControlFlowNode for passportNo | semmle.label | ControlFlowNode for passportNo |
|
||||
| test.py:49:15:49:36 | ControlFlowNode for social_security_number | semmle.label | ControlFlowNode for social_security_number |
|
||||
| test.py:50:15:50:17 | ControlFlowNode for ssn | semmle.label | ControlFlowNode for ssn |
|
||||
| test.py:52:15:52:24 | ControlFlowNode for passportNo | semmle.label | ControlFlowNode for passportNo |
|
||||
| test.py:54:14:54:22 | ControlFlowNode for post_code | semmle.label | ControlFlowNode for post_code |
|
||||
| test.py:54:25:54:31 | ControlFlowNode for zipCode | semmle.label | ControlFlowNode for zipCode |
|
||||
| test.py:54:34:54:45 | ControlFlowNode for home_address | semmle.label | ControlFlowNode for home_address |
|
||||
| test.py:55:15:55:23 | ControlFlowNode for post_code | semmle.label | ControlFlowNode for post_code |
|
||||
| test.py:56:15:56:21 | ControlFlowNode for zipCode | semmle.label | ControlFlowNode for zipCode |
|
||||
| test.py:57:15:57:26 | ControlFlowNode for home_address | semmle.label | ControlFlowNode for home_address |
|
||||
| test.py:59:14:59:26 | ControlFlowNode for user_latitude | semmle.label | ControlFlowNode for user_latitude |
|
||||
| test.py:59:29:59:42 | ControlFlowNode for user_longitude | semmle.label | ControlFlowNode for user_longitude |
|
||||
| test.py:60:15:60:27 | ControlFlowNode for user_latitude | semmle.label | ControlFlowNode for user_latitude |
|
||||
| test.py:61:15:61:28 | ControlFlowNode for user_longitude | semmle.label | ControlFlowNode for user_longitude |
|
||||
| test.py:63:14:63:26 | ControlFlowNode for mobile_number | semmle.label | ControlFlowNode for mobile_number |
|
||||
| test.py:63:29:63:35 | ControlFlowNode for phoneNo | semmle.label | ControlFlowNode for phoneNo |
|
||||
| test.py:64:15:64:27 | ControlFlowNode for mobile_number | semmle.label | ControlFlowNode for mobile_number |
|
||||
| test.py:65:15:65:21 | ControlFlowNode for phoneNo | semmle.label | ControlFlowNode for phoneNo |
|
||||
| test.py:67:14:67:23 | ControlFlowNode for creditcard | semmle.label | ControlFlowNode for creditcard |
|
||||
| test.py:67:26:67:35 | ControlFlowNode for debit_card | semmle.label | ControlFlowNode for debit_card |
|
||||
| test.py:67:38:67:48 | ControlFlowNode for bank_number | semmle.label | ControlFlowNode for bank_number |
|
||||
| test.py:67:76:67:78 | ControlFlowNode for ccn | semmle.label | ControlFlowNode for ccn |
|
||||
| test.py:67:81:67:88 | ControlFlowNode for user_ccn | semmle.label | ControlFlowNode for user_ccn |
|
||||
| test.py:68:15:68:24 | ControlFlowNode for creditcard | semmle.label | ControlFlowNode for creditcard |
|
||||
| test.py:69:15:69:24 | ControlFlowNode for debit_card | semmle.label | ControlFlowNode for debit_card |
|
||||
| test.py:70:15:70:25 | ControlFlowNode for bank_number | semmle.label | ControlFlowNode for bank_number |
|
||||
| test.py:73:15:73:17 | ControlFlowNode for ccn | semmle.label | ControlFlowNode for ccn |
|
||||
| test.py:74:15:74:22 | ControlFlowNode for user_ccn | semmle.label | ControlFlowNode for user_ccn |
|
||||
| test.py:101:5:101:10 | ControlFlowNode for config | semmle.label | ControlFlowNode for config |
|
||||
| test.py:103:21:103:37 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:105:11:105:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| test.py:19:5:19:12 | password | semmle.label | password |
|
||||
| test.py:19:16:19:29 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:20:48:20:55 | password | semmle.label | password |
|
||||
| test.py:22:58:22:65 | password | semmle.label | password |
|
||||
| test.py:23:58:23:65 | password | semmle.label | password |
|
||||
| test.py:27:40:27:47 | password | semmle.label | password |
|
||||
| test.py:30:58:30:65 | password | semmle.label | password |
|
||||
| test.py:37:11:37:24 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:39:22:39:35 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:40:22:40:35 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:44:5:44:5 | x | semmle.label | x |
|
||||
| test.py:44:9:44:25 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:45:11:45:11 | x | semmle.label | x |
|
||||
| test.py:48:14:48:35 | social_security_number | semmle.label | social_security_number |
|
||||
| test.py:48:38:48:40 | ssn | semmle.label | ssn |
|
||||
| test.py:48:54:48:63 | passportNo | semmle.label | passportNo |
|
||||
| test.py:49:15:49:36 | social_security_number | semmle.label | social_security_number |
|
||||
| test.py:50:15:50:17 | ssn | semmle.label | ssn |
|
||||
| test.py:52:15:52:24 | passportNo | semmle.label | passportNo |
|
||||
| test.py:54:14:54:22 | post_code | semmle.label | post_code |
|
||||
| test.py:54:25:54:31 | zipCode | semmle.label | zipCode |
|
||||
| test.py:54:34:54:45 | home_address | semmle.label | home_address |
|
||||
| test.py:55:15:55:23 | post_code | semmle.label | post_code |
|
||||
| test.py:56:15:56:21 | zipCode | semmle.label | zipCode |
|
||||
| test.py:57:15:57:26 | home_address | semmle.label | home_address |
|
||||
| test.py:59:14:59:26 | user_latitude | semmle.label | user_latitude |
|
||||
| test.py:59:29:59:42 | user_longitude | semmle.label | user_longitude |
|
||||
| test.py:60:15:60:27 | user_latitude | semmle.label | user_latitude |
|
||||
| test.py:61:15:61:28 | user_longitude | semmle.label | user_longitude |
|
||||
| test.py:63:14:63:26 | mobile_number | semmle.label | mobile_number |
|
||||
| test.py:63:29:63:35 | phoneNo | semmle.label | phoneNo |
|
||||
| test.py:64:15:64:27 | mobile_number | semmle.label | mobile_number |
|
||||
| test.py:65:15:65:21 | phoneNo | semmle.label | phoneNo |
|
||||
| test.py:67:14:67:23 | creditcard | semmle.label | creditcard |
|
||||
| test.py:67:26:67:35 | debit_card | semmle.label | debit_card |
|
||||
| test.py:67:38:67:48 | bank_number | semmle.label | bank_number |
|
||||
| test.py:67:76:67:78 | ccn | semmle.label | ccn |
|
||||
| test.py:67:81:67:88 | user_ccn | semmle.label | user_ccn |
|
||||
| test.py:68:15:68:24 | creditcard | semmle.label | creditcard |
|
||||
| test.py:69:15:69:24 | debit_card | semmle.label | debit_card |
|
||||
| test.py:70:15:70:25 | bank_number | semmle.label | bank_number |
|
||||
| test.py:73:15:73:17 | ccn | semmle.label | ccn |
|
||||
| test.py:74:15:74:22 | user_ccn | semmle.label | user_ccn |
|
||||
| test.py:101:5:101:10 | config | semmle.label | config |
|
||||
| test.py:103:21:103:37 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:105:11:105:31 | After Subscript | semmle.label | After Subscript |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:20:48:20:55 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:20:48:20:55 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:22:58:22:65 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:22:58:22:65 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:23:58:23:65 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:23:58:23:65 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:27:40:27:47 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:27:40:27:47 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:30:58:30:65 | ControlFlowNode for password | test.py:19:16:19:29 | ControlFlowNode for get_password() | test.py:30:58:30:65 | ControlFlowNode for password | This expression logs $@ as clear text. | test.py:19:16:19:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | test.py:37:11:37:24 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | test.py:39:22:39:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | test.py:40:22:40:35 | ControlFlowNode for get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:45:11:45:11 | ControlFlowNode for x | test.py:44:9:44:25 | ControlFlowNode for Attribute() | test.py:45:11:45:11 | ControlFlowNode for x | This expression logs $@ as clear text. | test.py:44:9:44:25 | ControlFlowNode for Attribute() | sensitive data (password) |
|
||||
| test.py:49:15:49:36 | ControlFlowNode for social_security_number | test.py:48:14:48:35 | ControlFlowNode for social_security_number | test.py:49:15:49:36 | ControlFlowNode for social_security_number | This expression logs $@ as clear text. | test.py:48:14:48:35 | ControlFlowNode for social_security_number | sensitive data (private) |
|
||||
| test.py:50:15:50:17 | ControlFlowNode for ssn | test.py:48:38:48:40 | ControlFlowNode for ssn | test.py:50:15:50:17 | ControlFlowNode for ssn | This expression logs $@ as clear text. | test.py:48:38:48:40 | ControlFlowNode for ssn | sensitive data (private) |
|
||||
| test.py:52:15:52:24 | ControlFlowNode for passportNo | test.py:48:54:48:63 | ControlFlowNode for passportNo | test.py:52:15:52:24 | ControlFlowNode for passportNo | This expression logs $@ as clear text. | test.py:48:54:48:63 | ControlFlowNode for passportNo | sensitive data (private) |
|
||||
| test.py:55:15:55:23 | ControlFlowNode for post_code | test.py:54:14:54:22 | ControlFlowNode for post_code | test.py:55:15:55:23 | ControlFlowNode for post_code | This expression logs $@ as clear text. | test.py:54:14:54:22 | ControlFlowNode for post_code | sensitive data (private) |
|
||||
| test.py:56:15:56:21 | ControlFlowNode for zipCode | test.py:54:25:54:31 | ControlFlowNode for zipCode | test.py:56:15:56:21 | ControlFlowNode for zipCode | This expression logs $@ as clear text. | test.py:54:25:54:31 | ControlFlowNode for zipCode | sensitive data (private) |
|
||||
| test.py:57:15:57:26 | ControlFlowNode for home_address | test.py:54:34:54:45 | ControlFlowNode for home_address | test.py:57:15:57:26 | ControlFlowNode for home_address | This expression logs $@ as clear text. | test.py:54:34:54:45 | ControlFlowNode for home_address | sensitive data (private) |
|
||||
| test.py:60:15:60:27 | ControlFlowNode for user_latitude | test.py:59:14:59:26 | ControlFlowNode for user_latitude | test.py:60:15:60:27 | ControlFlowNode for user_latitude | This expression logs $@ as clear text. | test.py:59:14:59:26 | ControlFlowNode for user_latitude | sensitive data (private) |
|
||||
| test.py:61:15:61:28 | ControlFlowNode for user_longitude | test.py:59:29:59:42 | ControlFlowNode for user_longitude | test.py:61:15:61:28 | ControlFlowNode for user_longitude | This expression logs $@ as clear text. | test.py:59:29:59:42 | ControlFlowNode for user_longitude | sensitive data (private) |
|
||||
| test.py:64:15:64:27 | ControlFlowNode for mobile_number | test.py:63:14:63:26 | ControlFlowNode for mobile_number | test.py:64:15:64:27 | ControlFlowNode for mobile_number | This expression logs $@ as clear text. | test.py:63:14:63:26 | ControlFlowNode for mobile_number | sensitive data (private) |
|
||||
| test.py:65:15:65:21 | ControlFlowNode for phoneNo | test.py:63:29:63:35 | ControlFlowNode for phoneNo | test.py:65:15:65:21 | ControlFlowNode for phoneNo | This expression logs $@ as clear text. | test.py:63:29:63:35 | ControlFlowNode for phoneNo | sensitive data (private) |
|
||||
| test.py:68:15:68:24 | ControlFlowNode for creditcard | test.py:67:14:67:23 | ControlFlowNode for creditcard | test.py:68:15:68:24 | ControlFlowNode for creditcard | This expression logs $@ as clear text. | test.py:67:14:67:23 | ControlFlowNode for creditcard | sensitive data (private) |
|
||||
| test.py:69:15:69:24 | ControlFlowNode for debit_card | test.py:67:26:67:35 | ControlFlowNode for debit_card | test.py:69:15:69:24 | ControlFlowNode for debit_card | This expression logs $@ as clear text. | test.py:67:26:67:35 | ControlFlowNode for debit_card | sensitive data (private) |
|
||||
| test.py:70:15:70:25 | ControlFlowNode for bank_number | test.py:67:38:67:48 | ControlFlowNode for bank_number | test.py:70:15:70:25 | ControlFlowNode for bank_number | This expression logs $@ as clear text. | test.py:67:38:67:48 | ControlFlowNode for bank_number | sensitive data (private) |
|
||||
| test.py:73:15:73:17 | ControlFlowNode for ccn | test.py:67:76:67:78 | ControlFlowNode for ccn | test.py:73:15:73:17 | ControlFlowNode for ccn | This expression logs $@ as clear text. | test.py:67:76:67:78 | ControlFlowNode for ccn | sensitive data (private) |
|
||||
| test.py:74:15:74:22 | ControlFlowNode for user_ccn | test.py:67:81:67:88 | ControlFlowNode for user_ccn | test.py:74:15:74:22 | ControlFlowNode for user_ccn | This expression logs $@ as clear text. | test.py:67:81:67:88 | ControlFlowNode for user_ccn | sensitive data (private) |
|
||||
| test.py:105:11:105:31 | ControlFlowNode for Subscript | test.py:103:21:103:37 | ControlFlowNode for Attribute | test.py:105:11:105:31 | ControlFlowNode for Subscript | This expression logs $@ as clear text. | test.py:103:21:103:37 | ControlFlowNode for Attribute | sensitive data (password) |
|
||||
| test.py:20:48:20:55 | password | test.py:19:16:19:29 | After get_password() | test.py:20:48:20:55 | password | This expression logs $@ as clear text. | test.py:19:16:19:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:22:58:22:65 | password | test.py:19:16:19:29 | After get_password() | test.py:22:58:22:65 | password | This expression logs $@ as clear text. | test.py:19:16:19:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:23:58:23:65 | password | test.py:19:16:19:29 | After get_password() | test.py:23:58:23:65 | password | This expression logs $@ as clear text. | test.py:19:16:19:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:27:40:27:47 | password | test.py:19:16:19:29 | After get_password() | test.py:27:40:27:47 | password | This expression logs $@ as clear text. | test.py:19:16:19:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:30:58:30:65 | password | test.py:19:16:19:29 | After get_password() | test.py:30:58:30:65 | password | This expression logs $@ as clear text. | test.py:19:16:19:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:37:11:37:24 | After get_password() | test.py:37:11:37:24 | After get_password() | test.py:37:11:37:24 | After get_password() | This expression logs $@ as clear text. | test.py:37:11:37:24 | After get_password() | sensitive data (password) |
|
||||
| test.py:39:22:39:35 | After get_password() | test.py:39:22:39:35 | After get_password() | test.py:39:22:39:35 | After get_password() | This expression logs $@ as clear text. | test.py:39:22:39:35 | After get_password() | sensitive data (password) |
|
||||
| test.py:40:22:40:35 | After get_password() | test.py:40:22:40:35 | After get_password() | test.py:40:22:40:35 | After get_password() | This expression logs $@ as clear text. | test.py:40:22:40:35 | After get_password() | sensitive data (password) |
|
||||
| test.py:45:11:45:11 | x | test.py:44:9:44:25 | After Attribute() | test.py:45:11:45:11 | x | This expression logs $@ as clear text. | test.py:44:9:44:25 | After Attribute() | sensitive data (password) |
|
||||
| test.py:49:15:49:36 | social_security_number | test.py:48:14:48:35 | social_security_number | test.py:49:15:49:36 | social_security_number | This expression logs $@ as clear text. | test.py:48:14:48:35 | social_security_number | sensitive data (private) |
|
||||
| test.py:50:15:50:17 | ssn | test.py:48:38:48:40 | ssn | test.py:50:15:50:17 | ssn | This expression logs $@ as clear text. | test.py:48:38:48:40 | ssn | sensitive data (private) |
|
||||
| test.py:52:15:52:24 | passportNo | test.py:48:54:48:63 | passportNo | test.py:52:15:52:24 | passportNo | This expression logs $@ as clear text. | test.py:48:54:48:63 | passportNo | sensitive data (private) |
|
||||
| test.py:55:15:55:23 | post_code | test.py:54:14:54:22 | post_code | test.py:55:15:55:23 | post_code | This expression logs $@ as clear text. | test.py:54:14:54:22 | post_code | sensitive data (private) |
|
||||
| test.py:56:15:56:21 | zipCode | test.py:54:25:54:31 | zipCode | test.py:56:15:56:21 | zipCode | This expression logs $@ as clear text. | test.py:54:25:54:31 | zipCode | sensitive data (private) |
|
||||
| test.py:57:15:57:26 | home_address | test.py:54:34:54:45 | home_address | test.py:57:15:57:26 | home_address | This expression logs $@ as clear text. | test.py:54:34:54:45 | home_address | sensitive data (private) |
|
||||
| test.py:60:15:60:27 | user_latitude | test.py:59:14:59:26 | user_latitude | test.py:60:15:60:27 | user_latitude | This expression logs $@ as clear text. | test.py:59:14:59:26 | user_latitude | sensitive data (private) |
|
||||
| test.py:61:15:61:28 | user_longitude | test.py:59:29:59:42 | user_longitude | test.py:61:15:61:28 | user_longitude | This expression logs $@ as clear text. | test.py:59:29:59:42 | user_longitude | sensitive data (private) |
|
||||
| test.py:64:15:64:27 | mobile_number | test.py:63:14:63:26 | mobile_number | test.py:64:15:64:27 | mobile_number | This expression logs $@ as clear text. | test.py:63:14:63:26 | mobile_number | sensitive data (private) |
|
||||
| test.py:65:15:65:21 | phoneNo | test.py:63:29:63:35 | phoneNo | test.py:65:15:65:21 | phoneNo | This expression logs $@ as clear text. | test.py:63:29:63:35 | phoneNo | sensitive data (private) |
|
||||
| test.py:68:15:68:24 | creditcard | test.py:67:14:67:23 | creditcard | test.py:68:15:68:24 | creditcard | This expression logs $@ as clear text. | test.py:67:14:67:23 | creditcard | sensitive data (private) |
|
||||
| test.py:69:15:69:24 | debit_card | test.py:67:26:67:35 | debit_card | test.py:69:15:69:24 | debit_card | This expression logs $@ as clear text. | test.py:67:26:67:35 | debit_card | sensitive data (private) |
|
||||
| test.py:70:15:70:25 | bank_number | test.py:67:38:67:48 | bank_number | test.py:70:15:70:25 | bank_number | This expression logs $@ as clear text. | test.py:67:38:67:48 | bank_number | sensitive data (private) |
|
||||
| test.py:73:15:73:17 | ccn | test.py:67:76:67:78 | ccn | test.py:73:15:73:17 | ccn | This expression logs $@ as clear text. | test.py:67:76:67:78 | ccn | sensitive data (private) |
|
||||
| test.py:74:15:74:22 | user_ccn | test.py:67:81:67:88 | user_ccn | test.py:74:15:74:22 | user_ccn | This expression logs $@ as clear text. | test.py:67:81:67:88 | user_ccn | sensitive data (private) |
|
||||
| test.py:105:11:105:31 | After Subscript | test.py:103:21:103:37 | After Attribute | test.py:105:11:105:31 | After Subscript | This expression logs $@ as clear text. | test.py:103:21:103:37 | After Attribute | sensitive data (password) |
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
edges
|
||||
| test.py:9:5:9:12 | ControlFlowNode for password | test.py:12:21:12:28 | ControlFlowNode for password | provenance | |
|
||||
| test.py:9:5:9:12 | ControlFlowNode for password | test.py:13:22:13:45 | ControlFlowNode for Attribute() | provenance | |
|
||||
| test.py:9:5:9:12 | ControlFlowNode for password | test.py:15:26:15:33 | ControlFlowNode for password | provenance | |
|
||||
| test.py:9:16:9:29 | ControlFlowNode for get_password() | test.py:9:5:9:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:9:5:9:12 | password | test.py:12:21:12:28 | password | provenance | |
|
||||
| test.py:9:5:9:12 | password | test.py:13:22:13:45 | After Attribute() | provenance | |
|
||||
| test.py:9:5:9:12 | password | test.py:15:26:15:33 | password | provenance | |
|
||||
| test.py:9:16:9:29 | After get_password() | test.py:9:5:9:12 | password | provenance | |
|
||||
nodes
|
||||
| test.py:9:5:9:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:9:16:9:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:12:21:12:28 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:13:22:13:45 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:15:26:15:33 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:9:5:9:12 | password | semmle.label | password |
|
||||
| test.py:9:16:9:29 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:12:21:12:28 | password | semmle.label | password |
|
||||
| test.py:13:22:13:45 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:15:26:15:33 | password | semmle.label | password |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:12:21:12:28 | ControlFlowNode for password | test.py:9:16:9:29 | ControlFlowNode for get_password() | test.py:12:21:12:28 | ControlFlowNode for password | This expression stores $@ as clear text. | test.py:9:16:9:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:13:22:13:45 | ControlFlowNode for Attribute() | test.py:9:16:9:29 | ControlFlowNode for get_password() | test.py:13:22:13:45 | ControlFlowNode for Attribute() | This expression stores $@ as clear text. | test.py:9:16:9:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:15:26:15:33 | ControlFlowNode for password | test.py:9:16:9:29 | ControlFlowNode for get_password() | test.py:15:26:15:33 | ControlFlowNode for password | This expression stores $@ as clear text. | test.py:9:16:9:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:12:21:12:28 | password | test.py:9:16:9:29 | After get_password() | test.py:12:21:12:28 | password | This expression stores $@ as clear text. | test.py:9:16:9:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:13:22:13:45 | After Attribute() | test.py:9:16:9:29 | After get_password() | test.py:13:22:13:45 | After Attribute() | This expression stores $@ as clear text. | test.py:9:16:9:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:15:26:15:33 | password | test.py:9:16:9:29 | After get_password() | test.py:15:26:15:33 | password | This expression stores $@ as clear text. | test.py:9:16:9:29 | After get_password() | sensitive data (password) |
|
||||
|
||||
@@ -1,27 +1,27 @@
|
||||
edges
|
||||
| password_in_cookie.py:7:5:7:12 | ControlFlowNode for password | password_in_cookie.py:9:33:9:40 | ControlFlowNode for password | provenance | |
|
||||
| password_in_cookie.py:7:16:7:43 | ControlFlowNode for Attribute() | password_in_cookie.py:7:5:7:12 | ControlFlowNode for password | provenance | |
|
||||
| password_in_cookie.py:14:5:14:12 | ControlFlowNode for password | password_in_cookie.py:16:33:16:40 | ControlFlowNode for password | provenance | |
|
||||
| password_in_cookie.py:14:16:14:43 | ControlFlowNode for Attribute() | password_in_cookie.py:14:5:14:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | test.py:17:20:17:27 | ControlFlowNode for password | provenance | |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | test.py:18:9:18:13 | ControlFlowNode for lines | provenance | |
|
||||
| test.py:15:16:15:29 | ControlFlowNode for get_password() | test.py:15:5:15:12 | ControlFlowNode for password | provenance | |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines | test.py:19:25:19:29 | ControlFlowNode for lines | provenance | |
|
||||
| password_in_cookie.py:7:5:7:12 | password | password_in_cookie.py:9:33:9:40 | password | provenance | |
|
||||
| password_in_cookie.py:7:16:7:43 | After Attribute() | password_in_cookie.py:7:5:7:12 | password | provenance | |
|
||||
| password_in_cookie.py:14:5:14:12 | password | password_in_cookie.py:16:33:16:40 | password | provenance | |
|
||||
| password_in_cookie.py:14:16:14:43 | After Attribute() | password_in_cookie.py:14:5:14:12 | password | provenance | |
|
||||
| test.py:15:5:15:12 | password | test.py:17:20:17:27 | password | provenance | |
|
||||
| test.py:15:5:15:12 | password | test.py:18:9:18:13 | lines | provenance | |
|
||||
| test.py:15:16:15:29 | After get_password() | test.py:15:5:15:12 | password | provenance | |
|
||||
| test.py:18:9:18:13 | lines | test.py:19:25:19:29 | lines | provenance | |
|
||||
nodes
|
||||
| password_in_cookie.py:7:5:7:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| password_in_cookie.py:7:16:7:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| password_in_cookie.py:9:33:9:40 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| password_in_cookie.py:14:5:14:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| password_in_cookie.py:14:16:14:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| password_in_cookie.py:16:33:16:40 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:15:5:15:12 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:15:16:15:29 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test.py:17:20:17:27 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| test.py:18:9:18:13 | ControlFlowNode for lines | semmle.label | ControlFlowNode for lines |
|
||||
| test.py:19:25:19:29 | ControlFlowNode for lines | semmle.label | ControlFlowNode for lines |
|
||||
| password_in_cookie.py:7:5:7:12 | password | semmle.label | password |
|
||||
| password_in_cookie.py:7:16:7:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| password_in_cookie.py:9:33:9:40 | password | semmle.label | password |
|
||||
| password_in_cookie.py:14:5:14:12 | password | semmle.label | password |
|
||||
| password_in_cookie.py:14:16:14:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| password_in_cookie.py:16:33:16:40 | password | semmle.label | password |
|
||||
| test.py:15:5:15:12 | password | semmle.label | password |
|
||||
| test.py:15:16:15:29 | After get_password() | semmle.label | After get_password() |
|
||||
| test.py:17:20:17:27 | password | semmle.label | password |
|
||||
| test.py:18:9:18:13 | lines | semmle.label | lines |
|
||||
| test.py:19:25:19:29 | lines | semmle.label | lines |
|
||||
subpaths
|
||||
#select
|
||||
| password_in_cookie.py:9:33:9:40 | ControlFlowNode for password | password_in_cookie.py:7:16:7:43 | ControlFlowNode for Attribute() | password_in_cookie.py:9:33:9:40 | ControlFlowNode for password | This expression stores $@ as clear text. | password_in_cookie.py:7:16:7:43 | ControlFlowNode for Attribute() | sensitive data (password) |
|
||||
| password_in_cookie.py:16:33:16:40 | ControlFlowNode for password | password_in_cookie.py:14:16:14:43 | ControlFlowNode for Attribute() | password_in_cookie.py:16:33:16:40 | ControlFlowNode for password | This expression stores $@ as clear text. | password_in_cookie.py:14:16:14:43 | ControlFlowNode for Attribute() | sensitive data (password) |
|
||||
| test.py:17:20:17:27 | ControlFlowNode for password | test.py:15:16:15:29 | ControlFlowNode for get_password() | test.py:17:20:17:27 | ControlFlowNode for password | This expression stores $@ as clear text. | test.py:15:16:15:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| test.py:19:25:19:29 | ControlFlowNode for lines | test.py:15:16:15:29 | ControlFlowNode for get_password() | test.py:19:25:19:29 | ControlFlowNode for lines | This expression stores $@ as clear text. | test.py:15:16:15:29 | ControlFlowNode for get_password() | sensitive data (password) |
|
||||
| password_in_cookie.py:9:33:9:40 | password | password_in_cookie.py:7:16:7:43 | After Attribute() | password_in_cookie.py:9:33:9:40 | password | This expression stores $@ as clear text. | password_in_cookie.py:7:16:7:43 | After Attribute() | sensitive data (password) |
|
||||
| password_in_cookie.py:16:33:16:40 | password | password_in_cookie.py:14:16:14:43 | After Attribute() | password_in_cookie.py:16:33:16:40 | password | This expression stores $@ as clear text. | password_in_cookie.py:14:16:14:43 | After Attribute() | sensitive data (password) |
|
||||
| test.py:17:20:17:27 | password | test.py:15:16:15:29 | After get_password() | test.py:17:20:17:27 | password | This expression stores $@ as clear text. | test.py:15:16:15:29 | After get_password() | sensitive data (password) |
|
||||
| test.py:19:25:19:29 | lines | test.py:15:16:15:29 | After get_password() | test.py:19:25:19:29 | lines | This expression stores $@ as clear text. | test.py:15:16:15:29 | After get_password() | sensitive data (password) |
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
| weak_crypto.py:68:1:68:21 | ControlFlowNode for dsa_gen_key() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:69:1:69:19 | ControlFlowNode for ec_gen_key() | Creation of an ECC key uses $@ bits, which is below 256 and considered breakable. | weak_crypto.py:22:11:22:22 | ControlFlowNode for Attribute | 224 |
|
||||
| weak_crypto.py:70:1:70:28 | ControlFlowNode for rsa_gen_key() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:72:1:72:30 | ControlFlowNode for dsa_gen_key() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:73:1:73:25 | ControlFlowNode for ec_gen_key() | Creation of an ECC key uses $@ bits, which is below 256 and considered breakable. | weak_crypto.py:22:11:22:22 | ControlFlowNode for Attribute | 224 |
|
||||
| weak_crypto.py:74:1:74:37 | ControlFlowNode for rsa_gen_key() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:76:1:76:22 | ControlFlowNode for Attribute() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:77:1:77:22 | ControlFlowNode for Attribute() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:84:12:84:29 | ControlFlowNode for Attribute() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | ControlFlowNode for IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:68:1:68:21 | After dsa_gen_key() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:69:1:69:19 | After ec_gen_key() | Creation of an ECC key uses $@ bits, which is below 256 and considered breakable. | weak_crypto.py:22:11:22:22 | After Attribute | 224 |
|
||||
| weak_crypto.py:70:1:70:28 | After rsa_gen_key() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:72:1:72:30 | After dsa_gen_key() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:73:1:73:25 | After ec_gen_key() | Creation of an ECC key uses $@ bits, which is below 256 and considered breakable. | weak_crypto.py:22:11:22:22 | After Attribute | 224 |
|
||||
| weak_crypto.py:74:1:74:37 | After rsa_gen_key() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:76:1:76:22 | After Attribute() | Creation of an DSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:16:12:16:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:77:1:77:22 | After Attribute() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | IntegerLiteral | 1024 |
|
||||
| weak_crypto.py:84:12:84:29 | After Attribute() | Creation of an RSA key uses $@ bits, which is below 2048 and considered breakable. | weak_crypto.py:12:12:12:15 | IntegerLiteral | 1024 |
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
| test_cryptodome.py:11:13:11:42 | ControlFlowNode for Attribute() | $@ is broken or weak, and should not be used. | test_cryptodome.py:10:10:10:22 | ControlFlowNode for Attribute() | The cryptographic algorithm ARC4 |
|
||||
| test_cryptodome.py:16:13:16:42 | ControlFlowNode for Attribute() | $@ is broken or weak, and should not be used. | test_cryptodome.py:15:10:15:35 | ControlFlowNode for Attribute() | The block mode ECB |
|
||||
| test_cryptography.py:13:13:13:44 | ControlFlowNode for Attribute() | $@ is broken or weak, and should not be used. | test_cryptography.py:12:13:12:30 | ControlFlowNode for Attribute() | The cryptographic algorithm ARC4 |
|
||||
| test_cryptography.py:22:13:22:58 | ControlFlowNode for Attribute() | $@ is broken or weak, and should not be used. | test_cryptography.py:21:13:21:30 | ControlFlowNode for Attribute() | The block mode ECB |
|
||||
| test_cryptodome.py:11:13:11:42 | After Attribute() | $@ is broken or weak, and should not be used. | test_cryptodome.py:10:10:10:22 | After Attribute() | The cryptographic algorithm ARC4 |
|
||||
| test_cryptodome.py:16:13:16:42 | After Attribute() | $@ is broken or weak, and should not be used. | test_cryptodome.py:15:10:15:35 | After Attribute() | The block mode ECB |
|
||||
| test_cryptography.py:13:13:13:44 | After Attribute() | $@ is broken or weak, and should not be used. | test_cryptography.py:12:13:12:30 | After Attribute() | The cryptographic algorithm ARC4 |
|
||||
| test_cryptography.py:22:13:22:58 | After Attribute() | $@ is broken or weak, and should not be used. | test_cryptography.py:21:13:21:30 | After Attribute() | The block mode ECB |
|
||||
|
||||
@@ -1 +1 @@
|
||||
| InsecureProtocol.py:7:1:7:17 | ControlFlowNode for Attribute() | Call to deprecated method ssl.wrap_socket does not specify a protocol, which may result in an insecure default being used. |
|
||||
| InsecureProtocol.py:7:1:7:17 | After Attribute() | Call to deprecated method ssl.wrap_socket does not specify a protocol, which may result in an insecure default being used. |
|
||||
|
||||
@@ -1,45 +1,45 @@
|
||||
| InsecureProtocol.py:6:1:6:47 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:6:1:6:47 | ControlFlowNode for Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:7:1:7:47 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:7:1:7:47 | ControlFlowNode for Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:8:1:8:47 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:8:1:8:47 | ControlFlowNode for Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:10:1:10:39 | ControlFlowNode for SSLContext() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:10:1:10:39 | ControlFlowNode for SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:11:1:11:39 | ControlFlowNode for SSLContext() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:11:1:11:39 | ControlFlowNode for SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:12:1:12:39 | ControlFlowNode for SSLContext() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:12:1:12:39 | ControlFlowNode for SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:14:1:14:29 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:14:1:14:29 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:15:1:15:29 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:15:1:15:29 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:16:1:16:29 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:16:1:16:29 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:19:1:19:19 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:19:1:19:19 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:23:1:23:43 | ControlFlowNode for Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:23:1:23:43 | ControlFlowNode for Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:24:1:24:35 | ControlFlowNode for SSLContext() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:24:1:24:35 | ControlFlowNode for SSLContext() | call to SSLContext |
|
||||
| import_all_one_file.py:25:14:25:45 | ControlFlowNode for copy_completely_insecure_context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | import_all_one_file.py:9:36:9:67 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| import_all_one_file.py:25:14:25:45 | ControlFlowNode for copy_completely_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_all_one_file.py:9:36:9:67 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| import_all_one_file.py:29:14:29:39 | ControlFlowNode for copy_also_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_all_one_file.py:12:30:12:61 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:13:14:13:40 | ControlFlowNode for completely_insecure_context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | import_def.py:7:31:7:62 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:13:14:13:40 | ControlFlowNode for completely_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_def.py:7:31:7:62 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:17:14:17:34 | ControlFlowNode for also_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_def.py:10:25:10:56 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version SSLv2 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version SSLv2 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | ControlFlowNode for Attribute() | call to SSL.Context |
|
||||
| ssl_fluent.py:9:14:9:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:6:15:6:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:9:14:9:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:6:15:6:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:19:14:19:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:15:15:15:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:28:14:28:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:24:15:24:53 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:37:14:37:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:33:15:33:53 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:57:14:57:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:54:15:54:49 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:57:14:57:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:54:15:54:49 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:62:12:62:43 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:101:15:101:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:62:12:62:43 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:65:15:65:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:101:15:101:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:115:15:115:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:77:14:77:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:62:12:62:43 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:77:14:77:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:62:12:62:43 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:97:14:97:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:65:15:65:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:146:14:146:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:142:15:142:46 | ControlFlowNode for Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:165:14:165:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | ssl_fluent.py:161:15:161:65 | ControlFlowNode for Attribute() | call to ssl.create_default_context |
|
||||
| ssl_fluent.py:165:14:165:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:161:15:161:65 | ControlFlowNode for Attribute() | call to ssl.create_default_context |
|
||||
| ssl_fluent.py:165:14:165:20 | ControlFlowNode for context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:161:15:161:65 | ControlFlowNode for Attribute() | call to ssl.create_default_context |
|
||||
| InsecureProtocol.py:6:1:6:47 | After Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:6:1:6:47 | After Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:7:1:7:47 | After Attribute() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:7:1:7:47 | After Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:8:1:8:47 | After Attribute() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:8:1:8:47 | After Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:10:1:10:39 | After SSLContext() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:10:1:10:39 | After SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:11:1:11:39 | After SSLContext() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:11:1:11:39 | After SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:12:1:12:39 | After SSLContext() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:12:1:12:39 | After SSLContext() | call to SSLContext |
|
||||
| InsecureProtocol.py:14:1:14:29 | After Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:14:1:14:29 | After Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:15:1:15:29 | After Attribute() | Insecure SSL/TLS protocol version SSLv3 specified by $@. | InsecureProtocol.py:15:1:15:29 | After Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:16:1:16:29 | After Attribute() | Insecure SSL/TLS protocol version TLSv1 specified by $@. | InsecureProtocol.py:16:1:16:29 | After Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:19:1:19:19 | After Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:19:1:19:19 | After Attribute() | call to SSL.Context |
|
||||
| InsecureProtocol.py:23:1:23:43 | After Attribute() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:23:1:23:43 | After Attribute() | call to ssl.wrap_socket |
|
||||
| InsecureProtocol.py:24:1:24:35 | After SSLContext() | Insecure SSL/TLS protocol version SSLv2 specified by $@. | InsecureProtocol.py:24:1:24:35 | After SSLContext() | call to SSLContext |
|
||||
| import_all_one_file.py:25:14:25:45 | copy_completely_insecure_context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | import_all_one_file.py:9:36:9:67 | After Attribute() | call to ssl.SSLContext |
|
||||
| import_all_one_file.py:25:14:25:45 | copy_completely_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_all_one_file.py:9:36:9:67 | After Attribute() | call to ssl.SSLContext |
|
||||
| import_all_one_file.py:29:14:29:39 | copy_also_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_all_one_file.py:12:30:12:61 | After Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:13:14:13:40 | completely_insecure_context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | import_def.py:7:31:7:62 | After Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:13:14:13:40 | completely_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_def.py:7:31:7:62 | After Attribute() | call to ssl.SSLContext |
|
||||
| import_use.py:17:14:17:34 | also_insecure_context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | import_def.py:10:25:10:56 | After Attribute() | call to ssl.SSLContext |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | context | Insecure SSL/TLS protocol version SSLv2 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:8:27:8:33 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | pyOpenSSL_fluent.py:6:15:6:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | context | Insecure SSL/TLS protocol version SSLv2 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | After Attribute() | call to SSL.Context |
|
||||
| pyOpenSSL_fluent.py:18:27:18:33 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | pyOpenSSL_fluent.py:15:15:15:44 | After Attribute() | call to SSL.Context |
|
||||
| ssl_fluent.py:9:14:9:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:6:15:6:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:9:14:9:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:6:15:6:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:19:14:19:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:15:15:15:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:28:14:28:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:24:15:24:53 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:37:14:37:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:33:15:33:53 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:57:14:57:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:54:15:54:49 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:57:14:57:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:54:15:54:49 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:62:12:62:43 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:101:15:101:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:62:12:62:43 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:65:15:65:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:101:15:101:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:71:14:71:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:115:15:115:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:77:14:77:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:62:12:62:43 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:77:14:77:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:62:12:62:43 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:97:14:97:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:65:15:65:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:146:14:146:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:142:15:142:46 | After Attribute() | call to ssl.SSLContext |
|
||||
| ssl_fluent.py:165:14:165:20 | context | Insecure SSL/TLS protocol version SSLv3 allowed by $@. | ssl_fluent.py:161:15:161:65 | After Attribute() | call to ssl.create_default_context |
|
||||
| ssl_fluent.py:165:14:165:20 | context | Insecure SSL/TLS protocol version TLSv1 allowed by $@. | ssl_fluent.py:161:15:161:65 | After Attribute() | call to ssl.create_default_context |
|
||||
| ssl_fluent.py:165:14:165:20 | context | Insecure SSL/TLS protocol version TLSv1_1 allowed by $@. | ssl_fluent.py:161:15:161:65 | After Attribute() | call to ssl.create_default_context |
|
||||
|
||||
@@ -1,76 +1,76 @@
|
||||
edges
|
||||
| test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | test_cryptodome.py:2:23:2:34 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptodome.py:2:23:2:34 | ControlFlowNode for get_password | test_cryptodome.py:13:17:13:28 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptodome.py:2:23:2:34 | ControlFlowNode for get_password | test_cryptodome.py:20:17:20:28 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptodome.py:2:37:2:51 | ControlFlowNode for ImportMember | test_cryptodome.py:2:37:2:51 | ControlFlowNode for get_certificate | provenance | |
|
||||
| test_cryptodome.py:2:37:2:51 | ControlFlowNode for get_certificate | test_cryptodome.py:6:17:6:31 | ControlFlowNode for get_certificate | provenance | |
|
||||
| test_cryptodome.py:6:5:6:13 | ControlFlowNode for dangerous | test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:6:17:6:31 | ControlFlowNode for get_certificate | test_cryptodome.py:6:17:6:33 | ControlFlowNode for get_certificate() | provenance | Config |
|
||||
| test_cryptodome.py:6:17:6:33 | ControlFlowNode for get_certificate() | test_cryptodome.py:6:5:6:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:13:5:13:13 | ControlFlowNode for dangerous | test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:13:17:13:28 | ControlFlowNode for get_password | test_cryptodome.py:13:17:13:30 | ControlFlowNode for get_password() | provenance | Config |
|
||||
| test_cryptodome.py:13:17:13:30 | ControlFlowNode for get_password() | test_cryptodome.py:13:5:13:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:20:5:20:13 | ControlFlowNode for dangerous | test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:20:17:20:28 | ControlFlowNode for get_password | test_cryptodome.py:20:17:20:30 | ControlFlowNode for get_password() | provenance | Config |
|
||||
| test_cryptodome.py:20:17:20:30 | ControlFlowNode for get_password() | test_cryptodome.py:20:5:20:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | test_cryptography.py:3:23:3:34 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | ControlFlowNode for get_password | test_cryptography.py:15:17:15:28 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | ControlFlowNode for get_password | test_cryptography.py:23:17:23:28 | ControlFlowNode for get_password | provenance | |
|
||||
| test_cryptography.py:3:37:3:51 | ControlFlowNode for ImportMember | test_cryptography.py:3:37:3:51 | ControlFlowNode for get_certificate | provenance | |
|
||||
| test_cryptography.py:3:37:3:51 | ControlFlowNode for get_certificate | test_cryptography.py:7:17:7:31 | ControlFlowNode for get_certificate | provenance | |
|
||||
| test_cryptography.py:7:5:7:13 | ControlFlowNode for dangerous | test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:7:17:7:31 | ControlFlowNode for get_certificate | test_cryptography.py:7:17:7:33 | ControlFlowNode for get_certificate() | provenance | Config |
|
||||
| test_cryptography.py:7:17:7:33 | ControlFlowNode for get_certificate() | test_cryptography.py:7:5:7:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:15:5:15:13 | ControlFlowNode for dangerous | test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:15:17:15:28 | ControlFlowNode for get_password | test_cryptography.py:15:17:15:30 | ControlFlowNode for get_password() | provenance | Config |
|
||||
| test_cryptography.py:15:17:15:30 | ControlFlowNode for get_password() | test_cryptography.py:15:5:15:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:23:5:23:13 | ControlFlowNode for dangerous | test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptography.py:23:17:23:28 | ControlFlowNode for get_password | test_cryptography.py:23:17:23:30 | ControlFlowNode for get_password() | provenance | Config |
|
||||
| test_cryptography.py:23:17:23:30 | ControlFlowNode for get_password() | test_cryptography.py:23:5:23:13 | ControlFlowNode for dangerous | provenance | |
|
||||
| test_cryptodome.py:2:23:2:34 | After ImportMember | test_cryptodome.py:2:23:2:34 | get_password | provenance | |
|
||||
| test_cryptodome.py:2:23:2:34 | get_password | test_cryptodome.py:13:17:13:28 | get_password | provenance | |
|
||||
| test_cryptodome.py:2:23:2:34 | get_password | test_cryptodome.py:20:17:20:28 | get_password | provenance | |
|
||||
| test_cryptodome.py:2:37:2:51 | After ImportMember | test_cryptodome.py:2:37:2:51 | get_certificate | provenance | |
|
||||
| test_cryptodome.py:2:37:2:51 | get_certificate | test_cryptodome.py:6:17:6:31 | get_certificate | provenance | |
|
||||
| test_cryptodome.py:6:5:6:13 | dangerous | test_cryptodome.py:8:19:8:27 | dangerous | provenance | |
|
||||
| test_cryptodome.py:6:17:6:31 | get_certificate | test_cryptodome.py:6:17:6:33 | After get_certificate() | provenance | Config |
|
||||
| test_cryptodome.py:6:17:6:33 | After get_certificate() | test_cryptodome.py:6:5:6:13 | dangerous | provenance | |
|
||||
| test_cryptodome.py:13:5:13:13 | dangerous | test_cryptodome.py:15:19:15:27 | dangerous | provenance | |
|
||||
| test_cryptodome.py:13:17:13:28 | get_password | test_cryptodome.py:13:17:13:30 | After get_password() | provenance | Config |
|
||||
| test_cryptodome.py:13:17:13:30 | After get_password() | test_cryptodome.py:13:5:13:13 | dangerous | provenance | |
|
||||
| test_cryptodome.py:20:5:20:13 | dangerous | test_cryptodome.py:24:19:24:27 | dangerous | provenance | |
|
||||
| test_cryptodome.py:20:17:20:28 | get_password | test_cryptodome.py:20:17:20:30 | After get_password() | provenance | Config |
|
||||
| test_cryptodome.py:20:17:20:30 | After get_password() | test_cryptodome.py:20:5:20:13 | dangerous | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | After ImportMember | test_cryptography.py:3:23:3:34 | get_password | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | get_password | test_cryptography.py:15:17:15:28 | get_password | provenance | |
|
||||
| test_cryptography.py:3:23:3:34 | get_password | test_cryptography.py:23:17:23:28 | get_password | provenance | |
|
||||
| test_cryptography.py:3:37:3:51 | After ImportMember | test_cryptography.py:3:37:3:51 | get_certificate | provenance | |
|
||||
| test_cryptography.py:3:37:3:51 | get_certificate | test_cryptography.py:7:17:7:31 | get_certificate | provenance | |
|
||||
| test_cryptography.py:7:5:7:13 | dangerous | test_cryptography.py:9:19:9:27 | dangerous | provenance | |
|
||||
| test_cryptography.py:7:17:7:31 | get_certificate | test_cryptography.py:7:17:7:33 | After get_certificate() | provenance | Config |
|
||||
| test_cryptography.py:7:17:7:33 | After get_certificate() | test_cryptography.py:7:5:7:13 | dangerous | provenance | |
|
||||
| test_cryptography.py:15:5:15:13 | dangerous | test_cryptography.py:17:19:17:27 | dangerous | provenance | |
|
||||
| test_cryptography.py:15:17:15:28 | get_password | test_cryptography.py:15:17:15:30 | After get_password() | provenance | Config |
|
||||
| test_cryptography.py:15:17:15:30 | After get_password() | test_cryptography.py:15:5:15:13 | dangerous | provenance | |
|
||||
| test_cryptography.py:23:5:23:13 | dangerous | test_cryptography.py:27:19:27:27 | dangerous | provenance | |
|
||||
| test_cryptography.py:23:17:23:28 | get_password | test_cryptography.py:23:17:23:30 | After get_password() | provenance | Config |
|
||||
| test_cryptography.py:23:17:23:30 | After get_password() | test_cryptography.py:23:5:23:13 | dangerous | provenance | |
|
||||
nodes
|
||||
| test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test_cryptodome.py:2:23:2:34 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptodome.py:2:37:2:51 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test_cryptodome.py:2:37:2:51 | ControlFlowNode for get_certificate | semmle.label | ControlFlowNode for get_certificate |
|
||||
| test_cryptodome.py:6:5:6:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:6:17:6:31 | ControlFlowNode for get_certificate | semmle.label | ControlFlowNode for get_certificate |
|
||||
| test_cryptodome.py:6:17:6:33 | ControlFlowNode for get_certificate() | semmle.label | ControlFlowNode for get_certificate() |
|
||||
| test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:13:5:13:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:13:17:13:28 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptodome.py:13:17:13:30 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:20:5:20:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:20:17:20:28 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptodome.py:20:17:20:30 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test_cryptography.py:3:23:3:34 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptography.py:3:37:3:51 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test_cryptography.py:3:37:3:51 | ControlFlowNode for get_certificate | semmle.label | ControlFlowNode for get_certificate |
|
||||
| test_cryptography.py:7:5:7:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:7:17:7:31 | ControlFlowNode for get_certificate | semmle.label | ControlFlowNode for get_certificate |
|
||||
| test_cryptography.py:7:17:7:33 | ControlFlowNode for get_certificate() | semmle.label | ControlFlowNode for get_certificate() |
|
||||
| test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:15:5:15:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:15:17:15:28 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptography.py:15:17:15:30 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:23:5:23:13 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptography.py:23:17:23:28 | ControlFlowNode for get_password | semmle.label | ControlFlowNode for get_password |
|
||||
| test_cryptography.py:23:17:23:30 | ControlFlowNode for get_password() | semmle.label | ControlFlowNode for get_password() |
|
||||
| test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | semmle.label | ControlFlowNode for dangerous |
|
||||
| test_cryptodome.py:2:23:2:34 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test_cryptodome.py:2:23:2:34 | get_password | semmle.label | get_password |
|
||||
| test_cryptodome.py:2:37:2:51 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test_cryptodome.py:2:37:2:51 | get_certificate | semmle.label | get_certificate |
|
||||
| test_cryptodome.py:6:5:6:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptodome.py:6:17:6:31 | get_certificate | semmle.label | get_certificate |
|
||||
| test_cryptodome.py:6:17:6:33 | After get_certificate() | semmle.label | After get_certificate() |
|
||||
| test_cryptodome.py:8:19:8:27 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptodome.py:13:5:13:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptodome.py:13:17:13:28 | get_password | semmle.label | get_password |
|
||||
| test_cryptodome.py:13:17:13:30 | After get_password() | semmle.label | After get_password() |
|
||||
| test_cryptodome.py:15:19:15:27 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptodome.py:20:5:20:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptodome.py:20:17:20:28 | get_password | semmle.label | get_password |
|
||||
| test_cryptodome.py:20:17:20:30 | After get_password() | semmle.label | After get_password() |
|
||||
| test_cryptodome.py:24:19:24:27 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:3:23:3:34 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test_cryptography.py:3:23:3:34 | get_password | semmle.label | get_password |
|
||||
| test_cryptography.py:3:37:3:51 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test_cryptography.py:3:37:3:51 | get_certificate | semmle.label | get_certificate |
|
||||
| test_cryptography.py:7:5:7:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:7:17:7:31 | get_certificate | semmle.label | get_certificate |
|
||||
| test_cryptography.py:7:17:7:33 | After get_certificate() | semmle.label | After get_certificate() |
|
||||
| test_cryptography.py:9:19:9:27 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:15:5:15:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:15:17:15:28 | get_password | semmle.label | get_password |
|
||||
| test_cryptography.py:15:17:15:30 | After get_password() | semmle.label | After get_password() |
|
||||
| test_cryptography.py:17:19:17:27 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:23:5:23:13 | dangerous | semmle.label | dangerous |
|
||||
| test_cryptography.py:23:17:23:28 | get_password | semmle.label | get_password |
|
||||
| test_cryptography.py:23:17:23:30 | After get_password() | semmle.label | After get_password() |
|
||||
| test_cryptography.py:27:19:27:27 | dangerous | semmle.label | dangerous |
|
||||
subpaths
|
||||
#select
|
||||
| test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | test_cryptodome.py:2:37:2:51 | ControlFlowNode for ImportMember | test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptodome.py:2:37:2:51 | ControlFlowNode for ImportMember | Sensitive data (certificate) |
|
||||
| test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | test_cryptodome.py:6:17:6:33 | ControlFlowNode for get_certificate() | test_cryptodome.py:8:19:8:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptodome.py:6:17:6:33 | ControlFlowNode for get_certificate() | Sensitive data (certificate) |
|
||||
| test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | Sensitive data (password) |
|
||||
| test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | test_cryptodome.py:13:17:13:30 | ControlFlowNode for get_password() | test_cryptodome.py:15:19:15:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:13:17:13:30 | ControlFlowNode for get_password() | Sensitive data (password) |
|
||||
| test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:2:23:2:34 | ControlFlowNode for ImportMember | Sensitive data (password) |
|
||||
| test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | test_cryptodome.py:20:17:20:30 | ControlFlowNode for get_password() | test_cryptodome.py:24:19:24:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:20:17:20:30 | ControlFlowNode for get_password() | Sensitive data (password) |
|
||||
| test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | test_cryptography.py:3:37:3:51 | ControlFlowNode for ImportMember | test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptography.py:3:37:3:51 | ControlFlowNode for ImportMember | Sensitive data (certificate) |
|
||||
| test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | test_cryptography.py:7:17:7:33 | ControlFlowNode for get_certificate() | test_cryptography.py:9:19:9:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptography.py:7:17:7:33 | ControlFlowNode for get_certificate() | Sensitive data (certificate) |
|
||||
| test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | Sensitive data (password) |
|
||||
| test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | test_cryptography.py:15:17:15:30 | ControlFlowNode for get_password() | test_cryptography.py:17:19:17:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:15:17:15:30 | ControlFlowNode for get_password() | Sensitive data (password) |
|
||||
| test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:3:23:3:34 | ControlFlowNode for ImportMember | Sensitive data (password) |
|
||||
| test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | test_cryptography.py:23:17:23:30 | ControlFlowNode for get_password() | test_cryptography.py:27:19:27:27 | ControlFlowNode for dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:23:17:23:30 | ControlFlowNode for get_password() | Sensitive data (password) |
|
||||
| test_cryptodome.py:8:19:8:27 | dangerous | test_cryptodome.py:2:37:2:51 | After ImportMember | test_cryptodome.py:8:19:8:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptodome.py:2:37:2:51 | After ImportMember | Sensitive data (certificate) |
|
||||
| test_cryptodome.py:8:19:8:27 | dangerous | test_cryptodome.py:6:17:6:33 | After get_certificate() | test_cryptodome.py:8:19:8:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptodome.py:6:17:6:33 | After get_certificate() | Sensitive data (certificate) |
|
||||
| test_cryptodome.py:15:19:15:27 | dangerous | test_cryptodome.py:2:23:2:34 | After ImportMember | test_cryptodome.py:15:19:15:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:2:23:2:34 | After ImportMember | Sensitive data (password) |
|
||||
| test_cryptodome.py:15:19:15:27 | dangerous | test_cryptodome.py:13:17:13:30 | After get_password() | test_cryptodome.py:15:19:15:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:13:17:13:30 | After get_password() | Sensitive data (password) |
|
||||
| test_cryptodome.py:24:19:24:27 | dangerous | test_cryptodome.py:2:23:2:34 | After ImportMember | test_cryptodome.py:24:19:24:27 | dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:2:23:2:34 | After ImportMember | Sensitive data (password) |
|
||||
| test_cryptodome.py:24:19:24:27 | dangerous | test_cryptodome.py:20:17:20:30 | After get_password() | test_cryptodome.py:24:19:24:27 | dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptodome.py:20:17:20:30 | After get_password() | Sensitive data (password) |
|
||||
| test_cryptography.py:9:19:9:27 | dangerous | test_cryptography.py:3:37:3:51 | After ImportMember | test_cryptography.py:9:19:9:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptography.py:3:37:3:51 | After ImportMember | Sensitive data (certificate) |
|
||||
| test_cryptography.py:9:19:9:27 | dangerous | test_cryptography.py:7:17:7:33 | After get_certificate() | test_cryptography.py:9:19:9:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure. | test_cryptography.py:7:17:7:33 | After get_certificate() | Sensitive data (certificate) |
|
||||
| test_cryptography.py:17:19:17:27 | dangerous | test_cryptography.py:3:23:3:34 | After ImportMember | test_cryptography.py:17:19:17:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:3:23:3:34 | After ImportMember | Sensitive data (password) |
|
||||
| test_cryptography.py:17:19:17:27 | dangerous | test_cryptography.py:15:17:15:30 | After get_password() | test_cryptography.py:17:19:17:27 | dangerous | $@ is used in a hashing algorithm (MD5) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:15:17:15:30 | After get_password() | Sensitive data (password) |
|
||||
| test_cryptography.py:27:19:27:27 | dangerous | test_cryptography.py:3:23:3:34 | After ImportMember | test_cryptography.py:27:19:27:27 | dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:3:23:3:34 | After ImportMember | Sensitive data (password) |
|
||||
| test_cryptography.py:27:19:27:27 | dangerous | test_cryptography.py:23:17:23:30 | After get_password() | test_cryptography.py:27:19:27:27 | dangerous | $@ is used in a hashing algorithm (SHA256) that is insecure for password hashing, since it is not a computationally expensive hash function. | test_cryptography.py:23:17:23:30 | After get_password() | Sensitive data (password) |
|
||||
|
||||
@@ -1,30 +1,30 @@
|
||||
edges
|
||||
| unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for request | provenance | |
|
||||
| unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for request | unsafe_deserialization.py:14:15:14:21 | ControlFlowNode for request | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | unsafe_deserialization.py:15:18:15:24 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | unsafe_deserialization.py:16:15:16:21 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | unsafe_deserialization.py:18:19:18:25 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | unsafe_deserialization.py:21:16:21:22 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | unsafe_deserialization.py:24:24:24:30 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:14:15:14:21 | ControlFlowNode for request | unsafe_deserialization.py:14:15:14:26 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| unsafe_deserialization.py:14:15:14:26 | ControlFlowNode for Attribute | unsafe_deserialization.py:14:15:14:41 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| unsafe_deserialization.py:14:15:14:41 | ControlFlowNode for Attribute() | unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | provenance | |
|
||||
| unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:8:26:8:32 | request | provenance | |
|
||||
| unsafe_deserialization.py:8:26:8:32 | request | unsafe_deserialization.py:14:15:14:21 | request | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | unsafe_deserialization.py:15:18:15:24 | payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | unsafe_deserialization.py:16:15:16:21 | payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | unsafe_deserialization.py:18:19:18:25 | payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | unsafe_deserialization.py:21:16:21:22 | payload | provenance | |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | unsafe_deserialization.py:24:24:24:30 | payload | provenance | |
|
||||
| unsafe_deserialization.py:14:15:14:21 | request | unsafe_deserialization.py:14:15:14:26 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| unsafe_deserialization.py:14:15:14:26 | After Attribute | unsafe_deserialization.py:14:15:14:41 | After Attribute() | provenance | dict.get |
|
||||
| unsafe_deserialization.py:14:15:14:41 | After Attribute() | unsafe_deserialization.py:14:5:14:11 | payload | provenance | |
|
||||
nodes
|
||||
| unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| unsafe_deserialization.py:14:5:14:11 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:14:15:14:21 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| unsafe_deserialization.py:14:15:14:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| unsafe_deserialization.py:14:15:14:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| unsafe_deserialization.py:15:18:15:24 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:16:15:16:21 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:18:19:18:25 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:21:16:21:22 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:24:24:24:30 | ControlFlowNode for payload | semmle.label | ControlFlowNode for payload |
|
||||
| unsafe_deserialization.py:8:26:8:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| unsafe_deserialization.py:8:26:8:32 | request | semmle.label | request |
|
||||
| unsafe_deserialization.py:14:5:14:11 | payload | semmle.label | payload |
|
||||
| unsafe_deserialization.py:14:15:14:21 | request | semmle.label | request |
|
||||
| unsafe_deserialization.py:14:15:14:26 | After Attribute | semmle.label | After Attribute |
|
||||
| unsafe_deserialization.py:14:15:14:41 | After Attribute() | semmle.label | After Attribute() |
|
||||
| unsafe_deserialization.py:15:18:15:24 | payload | semmle.label | payload |
|
||||
| unsafe_deserialization.py:16:15:16:21 | payload | semmle.label | payload |
|
||||
| unsafe_deserialization.py:18:19:18:25 | payload | semmle.label | payload |
|
||||
| unsafe_deserialization.py:21:16:21:22 | payload | semmle.label | payload |
|
||||
| unsafe_deserialization.py:24:24:24:30 | payload | semmle.label | payload |
|
||||
subpaths
|
||||
#select
|
||||
| unsafe_deserialization.py:15:18:15:24 | ControlFlowNode for payload | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:15:18:15:24 | ControlFlowNode for payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:16:15:16:21 | ControlFlowNode for payload | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:16:15:16:21 | ControlFlowNode for payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:18:19:18:25 | ControlFlowNode for payload | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:18:19:18:25 | ControlFlowNode for payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:21:16:21:22 | ControlFlowNode for payload | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:21:16:21:22 | ControlFlowNode for payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:24:24:24:30 | ControlFlowNode for payload | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | unsafe_deserialization.py:24:24:24:30 | ControlFlowNode for payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:15:18:15:24 | payload | unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:15:18:15:24 | payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | After ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:16:15:16:21 | payload | unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:16:15:16:21 | payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | After ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:18:19:18:25 | payload | unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:18:19:18:25 | payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | After ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:21:16:21:22 | payload | unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:21:16:21:22 | payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | After ImportMember | user-provided value |
|
||||
| unsafe_deserialization.py:24:24:24:30 | payload | unsafe_deserialization.py:8:26:8:32 | After ImportMember | unsafe_deserialization.py:24:24:24:30 | payload | Unsafe deserialization depends on a $@. | unsafe_deserialization.py:8:26:8:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,153 +1,153 @@
|
||||
edges
|
||||
| test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:7:14:7:20 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:30:17:30:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:37:17:37:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:44:17:44:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:60:17:60:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:67:17:67:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:74:17:74:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:81:17:81:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:90:17:90:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:111:17:111:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:137:17:137:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:145:17:145:23 | ControlFlowNode for request | provenance | |
|
||||
| test.py:7:5:7:10 | ControlFlowNode for target | test.py:8:21:8:26 | ControlFlowNode for target | provenance | |
|
||||
| test.py:7:14:7:20 | ControlFlowNode for request | test.py:7:14:7:25 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:7:14:7:25 | ControlFlowNode for Attribute | test.py:7:14:7:43 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:7:14:7:43 | ControlFlowNode for Attribute() | test.py:7:5:7:10 | ControlFlowNode for target | provenance | |
|
||||
| test.py:30:5:30:13 | ControlFlowNode for untrusted | test.py:31:5:31:8 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:30:17:30:23 | ControlFlowNode for request | test.py:30:17:30:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:30:17:30:28 | ControlFlowNode for Attribute | test.py:30:17:30:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:30:17:30:46 | ControlFlowNode for Attribute() | test.py:30:5:30:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:31:5:31:8 | ControlFlowNode for safe | test.py:32:21:32:24 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:37:5:37:13 | ControlFlowNode for untrusted | test.py:38:5:38:8 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:37:17:37:23 | ControlFlowNode for request | test.py:37:17:37:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:37:17:37:28 | ControlFlowNode for Attribute | test.py:37:17:37:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:37:17:37:46 | ControlFlowNode for Attribute() | test.py:37:5:37:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:38:5:38:8 | ControlFlowNode for safe | test.py:39:21:39:24 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:44:5:44:13 | ControlFlowNode for untrusted | test.py:45:5:45:8 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:44:17:44:23 | ControlFlowNode for request | test.py:44:17:44:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:44:17:44:28 | ControlFlowNode for Attribute | test.py:44:17:44:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:44:17:44:46 | ControlFlowNode for Attribute() | test.py:44:5:44:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:45:5:45:8 | ControlFlowNode for safe | test.py:46:21:46:24 | ControlFlowNode for safe | provenance | |
|
||||
| test.py:60:5:60:13 | ControlFlowNode for untrusted | test.py:61:5:61:10 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:60:17:60:23 | ControlFlowNode for request | test.py:60:17:60:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:60:17:60:28 | ControlFlowNode for Attribute | test.py:60:17:60:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:60:17:60:46 | ControlFlowNode for Attribute() | test.py:60:5:60:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:61:5:61:10 | ControlFlowNode for unsafe | test.py:62:21:62:26 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:67:5:67:13 | ControlFlowNode for untrusted | test.py:68:5:68:10 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:67:17:67:23 | ControlFlowNode for request | test.py:67:17:67:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:67:17:67:28 | ControlFlowNode for Attribute | test.py:67:17:67:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:67:17:67:46 | ControlFlowNode for Attribute() | test.py:67:5:67:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:68:5:68:10 | ControlFlowNode for unsafe | test.py:69:21:69:26 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:74:5:74:13 | ControlFlowNode for untrusted | test.py:75:5:75:10 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:74:17:74:23 | ControlFlowNode for request | test.py:74:17:74:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:74:17:74:28 | ControlFlowNode for Attribute | test.py:74:17:74:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:74:17:74:46 | ControlFlowNode for Attribute() | test.py:74:5:74:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:75:5:75:10 | ControlFlowNode for unsafe | test.py:76:21:76:26 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:81:5:81:13 | ControlFlowNode for untrusted | test.py:82:5:82:10 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:81:17:81:23 | ControlFlowNode for request | test.py:81:17:81:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:81:17:81:28 | ControlFlowNode for Attribute | test.py:81:17:81:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:81:17:81:46 | ControlFlowNode for Attribute() | test.py:81:5:81:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:82:5:82:10 | ControlFlowNode for unsafe | test.py:83:21:83:26 | ControlFlowNode for unsafe | provenance | |
|
||||
| test.py:90:5:90:13 | ControlFlowNode for untrusted | test.py:93:18:93:26 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:90:17:90:23 | ControlFlowNode for request | test.py:90:17:90:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:90:17:90:28 | ControlFlowNode for Attribute | test.py:90:17:90:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:90:17:90:46 | ControlFlowNode for Attribute() | test.py:90:5:90:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:111:5:111:13 | ControlFlowNode for untrusted | test.py:114:25:114:33 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:111:17:111:23 | ControlFlowNode for request | test.py:111:17:111:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:111:17:111:28 | ControlFlowNode for Attribute | test.py:111:17:111:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:111:17:111:46 | ControlFlowNode for Attribute() | test.py:111:5:111:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:137:5:137:13 | ControlFlowNode for untrusted | test.py:140:25:140:33 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:137:17:137:23 | ControlFlowNode for request | test.py:137:17:137:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:137:17:137:28 | ControlFlowNode for Attribute | test.py:137:17:137:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:137:17:137:46 | ControlFlowNode for Attribute() | test.py:137:5:137:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:145:5:145:13 | ControlFlowNode for untrusted | test.py:148:25:148:33 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:145:17:145:23 | ControlFlowNode for request | test.py:145:17:145:28 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:145:17:145:28 | ControlFlowNode for Attribute | test.py:145:17:145:46 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:145:17:145:46 | ControlFlowNode for Attribute() | test.py:145:5:145:13 | ControlFlowNode for untrusted | provenance | |
|
||||
| test.py:1:26:1:32 | After ImportMember | test.py:1:26:1:32 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:7:14:7:20 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:30:17:30:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:37:17:37:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:44:17:44:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:60:17:60:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:67:17:67:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:74:17:74:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:81:17:81:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:90:17:90:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:111:17:111:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:137:17:137:23 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:145:17:145:23 | request | provenance | |
|
||||
| test.py:7:5:7:10 | target | test.py:8:21:8:26 | target | provenance | |
|
||||
| test.py:7:14:7:20 | request | test.py:7:14:7:25 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:7:14:7:25 | After Attribute | test.py:7:14:7:43 | After Attribute() | provenance | dict.get |
|
||||
| test.py:7:14:7:43 | After Attribute() | test.py:7:5:7:10 | target | provenance | |
|
||||
| test.py:30:5:30:13 | untrusted | test.py:31:5:31:8 | safe | provenance | |
|
||||
| test.py:30:17:30:23 | request | test.py:30:17:30:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:30:17:30:28 | After Attribute | test.py:30:17:30:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:30:17:30:46 | After Attribute() | test.py:30:5:30:13 | untrusted | provenance | |
|
||||
| test.py:31:5:31:8 | safe | test.py:32:21:32:24 | safe | provenance | |
|
||||
| test.py:37:5:37:13 | untrusted | test.py:38:5:38:8 | safe | provenance | |
|
||||
| test.py:37:17:37:23 | request | test.py:37:17:37:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:37:17:37:28 | After Attribute | test.py:37:17:37:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:37:17:37:46 | After Attribute() | test.py:37:5:37:13 | untrusted | provenance | |
|
||||
| test.py:38:5:38:8 | safe | test.py:39:21:39:24 | safe | provenance | |
|
||||
| test.py:44:5:44:13 | untrusted | test.py:45:5:45:8 | safe | provenance | |
|
||||
| test.py:44:17:44:23 | request | test.py:44:17:44:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:44:17:44:28 | After Attribute | test.py:44:17:44:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:44:17:44:46 | After Attribute() | test.py:44:5:44:13 | untrusted | provenance | |
|
||||
| test.py:45:5:45:8 | safe | test.py:46:21:46:24 | safe | provenance | |
|
||||
| test.py:60:5:60:13 | untrusted | test.py:61:5:61:10 | unsafe | provenance | |
|
||||
| test.py:60:17:60:23 | request | test.py:60:17:60:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:60:17:60:28 | After Attribute | test.py:60:17:60:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:60:17:60:46 | After Attribute() | test.py:60:5:60:13 | untrusted | provenance | |
|
||||
| test.py:61:5:61:10 | unsafe | test.py:62:21:62:26 | unsafe | provenance | |
|
||||
| test.py:67:5:67:13 | untrusted | test.py:68:5:68:10 | unsafe | provenance | |
|
||||
| test.py:67:17:67:23 | request | test.py:67:17:67:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:67:17:67:28 | After Attribute | test.py:67:17:67:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:67:17:67:46 | After Attribute() | test.py:67:5:67:13 | untrusted | provenance | |
|
||||
| test.py:68:5:68:10 | unsafe | test.py:69:21:69:26 | unsafe | provenance | |
|
||||
| test.py:74:5:74:13 | untrusted | test.py:75:5:75:10 | unsafe | provenance | |
|
||||
| test.py:74:17:74:23 | request | test.py:74:17:74:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:74:17:74:28 | After Attribute | test.py:74:17:74:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:74:17:74:46 | After Attribute() | test.py:74:5:74:13 | untrusted | provenance | |
|
||||
| test.py:75:5:75:10 | unsafe | test.py:76:21:76:26 | unsafe | provenance | |
|
||||
| test.py:81:5:81:13 | untrusted | test.py:82:5:82:10 | unsafe | provenance | |
|
||||
| test.py:81:17:81:23 | request | test.py:81:17:81:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:81:17:81:28 | After Attribute | test.py:81:17:81:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:81:17:81:46 | After Attribute() | test.py:81:5:81:13 | untrusted | provenance | |
|
||||
| test.py:82:5:82:10 | unsafe | test.py:83:21:83:26 | unsafe | provenance | |
|
||||
| test.py:90:5:90:13 | untrusted | test.py:93:18:93:26 | untrusted | provenance | |
|
||||
| test.py:90:17:90:23 | request | test.py:90:17:90:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:90:17:90:28 | After Attribute | test.py:90:17:90:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:90:17:90:46 | After Attribute() | test.py:90:5:90:13 | untrusted | provenance | |
|
||||
| test.py:111:5:111:13 | untrusted | test.py:114:25:114:33 | untrusted | provenance | |
|
||||
| test.py:111:17:111:23 | request | test.py:111:17:111:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:111:17:111:28 | After Attribute | test.py:111:17:111:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:111:17:111:46 | After Attribute() | test.py:111:5:111:13 | untrusted | provenance | |
|
||||
| test.py:137:5:137:13 | untrusted | test.py:140:25:140:33 | untrusted | provenance | |
|
||||
| test.py:137:17:137:23 | request | test.py:137:17:137:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:137:17:137:28 | After Attribute | test.py:137:17:137:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:137:17:137:46 | After Attribute() | test.py:137:5:137:13 | untrusted | provenance | |
|
||||
| test.py:145:5:145:13 | untrusted | test.py:148:25:148:33 | untrusted | provenance | |
|
||||
| test.py:145:17:145:23 | request | test.py:145:17:145:28 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:145:17:145:28 | After Attribute | test.py:145:17:145:46 | After Attribute() | provenance | dict.get |
|
||||
| test.py:145:17:145:46 | After Attribute() | test.py:145:5:145:13 | untrusted | provenance | |
|
||||
nodes
|
||||
| test.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:7:5:7:10 | ControlFlowNode for target | semmle.label | ControlFlowNode for target |
|
||||
| test.py:7:14:7:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:7:14:7:25 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:7:14:7:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:8:21:8:26 | ControlFlowNode for target | semmle.label | ControlFlowNode for target |
|
||||
| test.py:30:5:30:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:30:17:30:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:30:17:30:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:30:17:30:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:31:5:31:8 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:32:21:32:24 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:37:5:37:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:37:17:37:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:37:17:37:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:37:17:37:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:38:5:38:8 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:39:21:39:24 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:44:5:44:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:44:17:44:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:44:17:44:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:44:17:44:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:45:5:45:8 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:46:21:46:24 | ControlFlowNode for safe | semmle.label | ControlFlowNode for safe |
|
||||
| test.py:60:5:60:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:60:17:60:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:60:17:60:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:60:17:60:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:61:5:61:10 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:62:21:62:26 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:67:5:67:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:67:17:67:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:67:17:67:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:67:17:67:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:68:5:68:10 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:69:21:69:26 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:74:5:74:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:74:17:74:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:74:17:74:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:74:17:74:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:75:5:75:10 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:76:21:76:26 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:81:5:81:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:81:17:81:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:81:17:81:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:81:17:81:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:82:5:82:10 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:83:21:83:26 | ControlFlowNode for unsafe | semmle.label | ControlFlowNode for unsafe |
|
||||
| test.py:90:5:90:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:90:17:90:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:90:17:90:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:90:17:90:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:93:18:93:26 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:111:5:111:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:111:17:111:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:111:17:111:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:111:17:111:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:114:25:114:33 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:137:5:137:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:137:17:137:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:137:17:137:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:137:17:137:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:140:25:140:33 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:145:5:145:13 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:145:17:145:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:145:17:145:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:145:17:145:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:148:25:148:33 | ControlFlowNode for untrusted | semmle.label | ControlFlowNode for untrusted |
|
||||
| test.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test.py:1:26:1:32 | request | semmle.label | request |
|
||||
| test.py:7:5:7:10 | target | semmle.label | target |
|
||||
| test.py:7:14:7:20 | request | semmle.label | request |
|
||||
| test.py:7:14:7:25 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:7:14:7:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:8:21:8:26 | target | semmle.label | target |
|
||||
| test.py:30:5:30:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:30:17:30:23 | request | semmle.label | request |
|
||||
| test.py:30:17:30:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:30:17:30:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:31:5:31:8 | safe | semmle.label | safe |
|
||||
| test.py:32:21:32:24 | safe | semmle.label | safe |
|
||||
| test.py:37:5:37:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:37:17:37:23 | request | semmle.label | request |
|
||||
| test.py:37:17:37:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:37:17:37:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:38:5:38:8 | safe | semmle.label | safe |
|
||||
| test.py:39:21:39:24 | safe | semmle.label | safe |
|
||||
| test.py:44:5:44:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:44:17:44:23 | request | semmle.label | request |
|
||||
| test.py:44:17:44:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:44:17:44:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:45:5:45:8 | safe | semmle.label | safe |
|
||||
| test.py:46:21:46:24 | safe | semmle.label | safe |
|
||||
| test.py:60:5:60:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:60:17:60:23 | request | semmle.label | request |
|
||||
| test.py:60:17:60:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:60:17:60:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:61:5:61:10 | unsafe | semmle.label | unsafe |
|
||||
| test.py:62:21:62:26 | unsafe | semmle.label | unsafe |
|
||||
| test.py:67:5:67:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:67:17:67:23 | request | semmle.label | request |
|
||||
| test.py:67:17:67:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:67:17:67:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:68:5:68:10 | unsafe | semmle.label | unsafe |
|
||||
| test.py:69:21:69:26 | unsafe | semmle.label | unsafe |
|
||||
| test.py:74:5:74:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:74:17:74:23 | request | semmle.label | request |
|
||||
| test.py:74:17:74:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:74:17:74:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:75:5:75:10 | unsafe | semmle.label | unsafe |
|
||||
| test.py:76:21:76:26 | unsafe | semmle.label | unsafe |
|
||||
| test.py:81:5:81:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:81:17:81:23 | request | semmle.label | request |
|
||||
| test.py:81:17:81:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:81:17:81:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:82:5:82:10 | unsafe | semmle.label | unsafe |
|
||||
| test.py:83:21:83:26 | unsafe | semmle.label | unsafe |
|
||||
| test.py:90:5:90:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:90:17:90:23 | request | semmle.label | request |
|
||||
| test.py:90:17:90:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:90:17:90:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:93:18:93:26 | untrusted | semmle.label | untrusted |
|
||||
| test.py:111:5:111:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:111:17:111:23 | request | semmle.label | request |
|
||||
| test.py:111:17:111:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:111:17:111:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:114:25:114:33 | untrusted | semmle.label | untrusted |
|
||||
| test.py:137:5:137:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:137:17:137:23 | request | semmle.label | request |
|
||||
| test.py:137:17:137:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:137:17:137:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:140:25:140:33 | untrusted | semmle.label | untrusted |
|
||||
| test.py:145:5:145:13 | untrusted | semmle.label | untrusted |
|
||||
| test.py:145:17:145:23 | request | semmle.label | request |
|
||||
| test.py:145:17:145:28 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:145:17:145:46 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:148:25:148:33 | untrusted | semmle.label | untrusted |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:8:21:8:26 | ControlFlowNode for target | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:8:21:8:26 | ControlFlowNode for target | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:32:21:32:24 | ControlFlowNode for safe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:32:21:32:24 | ControlFlowNode for safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:39:21:39:24 | ControlFlowNode for safe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:39:21:39:24 | ControlFlowNode for safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:46:21:46:24 | ControlFlowNode for safe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:46:21:46:24 | ControlFlowNode for safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:62:21:62:26 | ControlFlowNode for unsafe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:62:21:62:26 | ControlFlowNode for unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:69:21:69:26 | ControlFlowNode for unsafe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:69:21:69:26 | ControlFlowNode for unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:76:21:76:26 | ControlFlowNode for unsafe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:76:21:76:26 | ControlFlowNode for unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:83:21:83:26 | ControlFlowNode for unsafe | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:83:21:83:26 | ControlFlowNode for unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:93:18:93:26 | ControlFlowNode for untrusted | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:93:18:93:26 | ControlFlowNode for untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:114:25:114:33 | ControlFlowNode for untrusted | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:114:25:114:33 | ControlFlowNode for untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:140:25:140:33 | ControlFlowNode for untrusted | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:140:25:140:33 | ControlFlowNode for untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:148:25:148:33 | ControlFlowNode for untrusted | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:148:25:148:33 | ControlFlowNode for untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:8:21:8:26 | target | test.py:1:26:1:32 | After ImportMember | test.py:8:21:8:26 | target | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:32:21:32:24 | safe | test.py:1:26:1:32 | After ImportMember | test.py:32:21:32:24 | safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:39:21:39:24 | safe | test.py:1:26:1:32 | After ImportMember | test.py:39:21:39:24 | safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:46:21:46:24 | safe | test.py:1:26:1:32 | After ImportMember | test.py:46:21:46:24 | safe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:62:21:62:26 | unsafe | test.py:1:26:1:32 | After ImportMember | test.py:62:21:62:26 | unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:69:21:69:26 | unsafe | test.py:1:26:1:32 | After ImportMember | test.py:69:21:69:26 | unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:76:21:76:26 | unsafe | test.py:1:26:1:32 | After ImportMember | test.py:76:21:76:26 | unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:83:21:83:26 | unsafe | test.py:1:26:1:32 | After ImportMember | test.py:83:21:83:26 | unsafe | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:93:18:93:26 | untrusted | test.py:1:26:1:32 | After ImportMember | test.py:93:18:93:26 | untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:114:25:114:33 | untrusted | test.py:1:26:1:32 | After ImportMember | test.py:114:25:114:33 | untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:140:25:140:33 | untrusted | test.py:1:26:1:32 | After ImportMember | test.py:140:25:140:33 | untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:148:25:148:33 | untrusted | test.py:1:26:1:32 | After ImportMember | test.py:148:25:148:33 | untrusted | Untrusted URL redirection depends on a $@. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,21 +1,21 @@
|
||||
edges
|
||||
| test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:9:19:9:25 | ControlFlowNode for request | provenance | |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | test.py:20:19:20:25 | ControlFlowNode for request | provenance | |
|
||||
| test.py:9:5:9:15 | ControlFlowNode for xml_content | test.py:10:34:10:44 | ControlFlowNode for xml_content | provenance | |
|
||||
| test.py:9:19:9:25 | ControlFlowNode for request | test.py:9:5:9:15 | ControlFlowNode for xml_content | provenance | AdditionalTaintStep |
|
||||
| test.py:20:5:20:15 | ControlFlowNode for xml_content | test.py:31:34:31:44 | ControlFlowNode for xml_content | provenance | |
|
||||
| test.py:20:19:20:25 | ControlFlowNode for request | test.py:20:5:20:15 | ControlFlowNode for xml_content | provenance | AdditionalTaintStep |
|
||||
| test.py:1:26:1:32 | After ImportMember | test.py:1:26:1:32 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:9:19:9:25 | request | provenance | |
|
||||
| test.py:1:26:1:32 | request | test.py:20:19:20:25 | request | provenance | |
|
||||
| test.py:9:5:9:15 | xml_content | test.py:10:34:10:44 | xml_content | provenance | |
|
||||
| test.py:9:19:9:25 | request | test.py:9:5:9:15 | xml_content | provenance | AdditionalTaintStep |
|
||||
| test.py:20:5:20:15 | xml_content | test.py:31:34:31:44 | xml_content | provenance | |
|
||||
| test.py:20:19:20:25 | request | test.py:20:5:20:15 | xml_content | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| test.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:9:5:9:15 | ControlFlowNode for xml_content | semmle.label | ControlFlowNode for xml_content |
|
||||
| test.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:10:34:10:44 | ControlFlowNode for xml_content | semmle.label | ControlFlowNode for xml_content |
|
||||
| test.py:20:5:20:15 | ControlFlowNode for xml_content | semmle.label | ControlFlowNode for xml_content |
|
||||
| test.py:20:19:20:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:31:34:31:44 | ControlFlowNode for xml_content | semmle.label | ControlFlowNode for xml_content |
|
||||
| test.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test.py:1:26:1:32 | request | semmle.label | request |
|
||||
| test.py:9:5:9:15 | xml_content | semmle.label | xml_content |
|
||||
| test.py:9:19:9:25 | request | semmle.label | request |
|
||||
| test.py:10:34:10:44 | xml_content | semmle.label | xml_content |
|
||||
| test.py:20:5:20:15 | xml_content | semmle.label | xml_content |
|
||||
| test.py:20:19:20:25 | request | semmle.label | request |
|
||||
| test.py:31:34:31:44 | xml_content | semmle.label | xml_content |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:10:34:10:44 | ControlFlowNode for xml_content | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:10:34:10:44 | ControlFlowNode for xml_content | XML parsing depends on a $@ without guarding against external entity expansion. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:31:34:31:44 | ControlFlowNode for xml_content | test.py:1:26:1:32 | ControlFlowNode for ImportMember | test.py:31:34:31:44 | ControlFlowNode for xml_content | XML parsing depends on a $@ without guarding against external entity expansion. | test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:10:34:10:44 | xml_content | test.py:1:26:1:32 | After ImportMember | test.py:10:34:10:44 | xml_content | XML parsing depends on a $@ without guarding against external entity expansion. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| test.py:31:34:31:44 | xml_content | test.py:1:26:1:32 | After ImportMember | test.py:31:34:31:44 | xml_content | XML parsing depends on a $@ without guarding against external entity expansion. | test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
| test.py:8:5:8:40 | ControlFlowNode for Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
| test.py:10:5:10:57 | ControlFlowNode for Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
| test.py:11:5:11:60 | ControlFlowNode for Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
| test.py:8:5:8:40 | After Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
| test.py:10:5:10:57 | After Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
| test.py:11:5:11:60 | After Attribute() | Cookie is added to response without the 'secure' flag being set. |
|
||||
|
||||
@@ -1,68 +1,68 @@
|
||||
edges
|
||||
| xpathBad.py:9:7:9:13 | ControlFlowNode for request | xpathBad.py:10:5:10:9 | ControlFlowNode for value | provenance | AdditionalTaintStep |
|
||||
| xpathBad.py:10:5:10:9 | ControlFlowNode for value | xpathBad.py:13:20:13:43 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | xpathFlow.py:11:18:11:24 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | xpathFlow.py:20:18:20:24 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | xpathFlow.py:30:18:30:24 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | xpathFlow.py:39:18:39:24 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | xpathFlow.py:47:18:47:24 | ControlFlowNode for request | provenance | |
|
||||
| xpathFlow.py:11:5:11:14 | ControlFlowNode for xpathQuery | xpathFlow.py:14:20:14:29 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:11:18:11:24 | ControlFlowNode for request | xpathFlow.py:11:18:11:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:11:18:11:29 | ControlFlowNode for Attribute | xpathFlow.py:11:18:11:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:11:18:11:44 | ControlFlowNode for Attribute() | xpathFlow.py:11:5:11:14 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:20:5:20:14 | ControlFlowNode for xpathQuery | xpathFlow.py:23:29:23:38 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:20:18:20:24 | ControlFlowNode for request | xpathFlow.py:20:18:20:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:20:18:20:29 | ControlFlowNode for Attribute | xpathFlow.py:20:18:20:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:20:18:20:44 | ControlFlowNode for Attribute() | xpathFlow.py:20:5:20:14 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:30:5:30:14 | ControlFlowNode for xpathQuery | xpathFlow.py:32:29:32:38 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:30:18:30:24 | ControlFlowNode for request | xpathFlow.py:30:18:30:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:30:18:30:29 | ControlFlowNode for Attribute | xpathFlow.py:30:18:30:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:30:18:30:44 | ControlFlowNode for Attribute() | xpathFlow.py:30:5:30:14 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:39:5:39:14 | ControlFlowNode for xpathQuery | xpathFlow.py:41:31:41:40 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:39:18:39:24 | ControlFlowNode for request | xpathFlow.py:39:18:39:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:39:18:39:29 | ControlFlowNode for Attribute | xpathFlow.py:39:18:39:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:39:18:39:44 | ControlFlowNode for Attribute() | xpathFlow.py:39:5:39:14 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:47:5:47:14 | ControlFlowNode for xpathQuery | xpathFlow.py:49:29:49:38 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathFlow.py:47:18:47:24 | ControlFlowNode for request | xpathFlow.py:47:18:47:29 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:47:18:47:29 | ControlFlowNode for Attribute | xpathFlow.py:47:18:47:44 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:47:18:47:44 | ControlFlowNode for Attribute() | xpathFlow.py:47:5:47:14 | ControlFlowNode for xpathQuery | provenance | |
|
||||
| xpathBad.py:9:7:9:13 | request | xpathBad.py:10:5:10:9 | value | provenance | AdditionalTaintStep |
|
||||
| xpathBad.py:10:5:10:9 | value | xpathBad.py:13:20:13:43 | After BinaryExpr | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:2:26:2:32 | request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | request | xpathFlow.py:11:18:11:24 | request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | request | xpathFlow.py:20:18:20:24 | request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | request | xpathFlow.py:30:18:30:24 | request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | request | xpathFlow.py:39:18:39:24 | request | provenance | |
|
||||
| xpathFlow.py:2:26:2:32 | request | xpathFlow.py:47:18:47:24 | request | provenance | |
|
||||
| xpathFlow.py:11:5:11:14 | xpathQuery | xpathFlow.py:14:20:14:29 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:11:18:11:24 | request | xpathFlow.py:11:18:11:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:11:18:11:29 | After Attribute | xpathFlow.py:11:18:11:44 | After Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:11:18:11:44 | After Attribute() | xpathFlow.py:11:5:11:14 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:20:5:20:14 | xpathQuery | xpathFlow.py:23:29:23:38 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:20:18:20:24 | request | xpathFlow.py:20:18:20:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:20:18:20:29 | After Attribute | xpathFlow.py:20:18:20:44 | After Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:20:18:20:44 | After Attribute() | xpathFlow.py:20:5:20:14 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:30:5:30:14 | xpathQuery | xpathFlow.py:32:29:32:38 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:30:18:30:24 | request | xpathFlow.py:30:18:30:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:30:18:30:29 | After Attribute | xpathFlow.py:30:18:30:44 | After Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:30:18:30:44 | After Attribute() | xpathFlow.py:30:5:30:14 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:39:5:39:14 | xpathQuery | xpathFlow.py:41:31:41:40 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:39:18:39:24 | request | xpathFlow.py:39:18:39:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:39:18:39:29 | After Attribute | xpathFlow.py:39:18:39:44 | After Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:39:18:39:44 | After Attribute() | xpathFlow.py:39:5:39:14 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:47:5:47:14 | xpathQuery | xpathFlow.py:49:29:49:38 | xpathQuery | provenance | |
|
||||
| xpathFlow.py:47:18:47:24 | request | xpathFlow.py:47:18:47:29 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| xpathFlow.py:47:18:47:29 | After Attribute | xpathFlow.py:47:18:47:44 | After Attribute() | provenance | dict.get |
|
||||
| xpathFlow.py:47:18:47:44 | After Attribute() | xpathFlow.py:47:5:47:14 | xpathQuery | provenance | |
|
||||
nodes
|
||||
| xpathBad.py:9:7:9:13 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathBad.py:10:5:10:9 | ControlFlowNode for value | semmle.label | ControlFlowNode for value |
|
||||
| xpathBad.py:13:20:13:43 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| xpathFlow.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:11:5:11:14 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:11:18:11:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:11:18:11:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xpathFlow.py:11:18:11:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xpathFlow.py:14:20:14:29 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:20:5:20:14 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:20:18:20:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:20:18:20:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xpathFlow.py:20:18:20:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xpathFlow.py:23:29:23:38 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:30:5:30:14 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:30:18:30:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:30:18:30:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xpathFlow.py:30:18:30:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xpathFlow.py:32:29:32:38 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:39:5:39:14 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:39:18:39:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:39:18:39:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xpathFlow.py:39:18:39:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xpathFlow.py:41:31:41:40 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:47:5:47:14 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathFlow.py:47:18:47:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| xpathFlow.py:47:18:47:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| xpathFlow.py:47:18:47:44 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| xpathFlow.py:49:29:49:38 | ControlFlowNode for xpathQuery | semmle.label | ControlFlowNode for xpathQuery |
|
||||
| xpathBad.py:9:7:9:13 | request | semmle.label | request |
|
||||
| xpathBad.py:10:5:10:9 | value | semmle.label | value |
|
||||
| xpathBad.py:13:20:13:43 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| xpathFlow.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| xpathFlow.py:2:26:2:32 | request | semmle.label | request |
|
||||
| xpathFlow.py:11:5:11:14 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:11:18:11:24 | request | semmle.label | request |
|
||||
| xpathFlow.py:11:18:11:29 | After Attribute | semmle.label | After Attribute |
|
||||
| xpathFlow.py:11:18:11:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xpathFlow.py:14:20:14:29 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:20:5:20:14 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:20:18:20:24 | request | semmle.label | request |
|
||||
| xpathFlow.py:20:18:20:29 | After Attribute | semmle.label | After Attribute |
|
||||
| xpathFlow.py:20:18:20:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xpathFlow.py:23:29:23:38 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:30:5:30:14 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:30:18:30:24 | request | semmle.label | request |
|
||||
| xpathFlow.py:30:18:30:29 | After Attribute | semmle.label | After Attribute |
|
||||
| xpathFlow.py:30:18:30:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xpathFlow.py:32:29:32:38 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:39:5:39:14 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:39:18:39:24 | request | semmle.label | request |
|
||||
| xpathFlow.py:39:18:39:29 | After Attribute | semmle.label | After Attribute |
|
||||
| xpathFlow.py:39:18:39:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xpathFlow.py:41:31:41:40 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:47:5:47:14 | xpathQuery | semmle.label | xpathQuery |
|
||||
| xpathFlow.py:47:18:47:24 | request | semmle.label | request |
|
||||
| xpathFlow.py:47:18:47:29 | After Attribute | semmle.label | After Attribute |
|
||||
| xpathFlow.py:47:18:47:44 | After Attribute() | semmle.label | After Attribute() |
|
||||
| xpathFlow.py:49:29:49:38 | xpathQuery | semmle.label | xpathQuery |
|
||||
subpaths
|
||||
#select
|
||||
| xpathBad.py:13:20:13:43 | ControlFlowNode for BinaryExpr | xpathBad.py:9:7:9:13 | ControlFlowNode for request | xpathBad.py:13:20:13:43 | ControlFlowNode for BinaryExpr | XPath expression depends on a $@. | xpathBad.py:9:7:9:13 | ControlFlowNode for request | user-provided value |
|
||||
| xpathFlow.py:14:20:14:29 | ControlFlowNode for xpathQuery | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:14:20:14:29 | ControlFlowNode for xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xpathFlow.py:23:29:23:38 | ControlFlowNode for xpathQuery | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:23:29:23:38 | ControlFlowNode for xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xpathFlow.py:32:29:32:38 | ControlFlowNode for xpathQuery | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:32:29:32:38 | ControlFlowNode for xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xpathFlow.py:41:31:41:40 | ControlFlowNode for xpathQuery | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:41:31:41:40 | ControlFlowNode for xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xpathFlow.py:49:29:49:38 | ControlFlowNode for xpathQuery | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | xpathFlow.py:49:29:49:38 | ControlFlowNode for xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| xpathBad.py:13:20:13:43 | After BinaryExpr | xpathBad.py:9:7:9:13 | request | xpathBad.py:13:20:13:43 | After BinaryExpr | XPath expression depends on a $@. | xpathBad.py:9:7:9:13 | request | user-provided value |
|
||||
| xpathFlow.py:14:20:14:29 | xpathQuery | xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:14:20:14:29 | xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| xpathFlow.py:23:29:23:38 | xpathQuery | xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:23:29:23:38 | xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| xpathFlow.py:32:29:32:38 | xpathQuery | xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:32:29:32:38 | xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| xpathFlow.py:41:31:41:40 | xpathQuery | xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:41:31:41:40 | xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| xpathFlow.py:49:29:49:38 | xpathQuery | xpathFlow.py:2:26:2:32 | After ImportMember | xpathFlow.py:49:29:49:38 | xpathQuery | XPath expression depends on a $@. | xpathFlow.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,34 +1,34 @@
|
||||
edges
|
||||
| test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:2:26:2:32 | ControlFlowNode for request | provenance | |
|
||||
| test.py:2:26:2:32 | ControlFlowNode for request | test.py:7:12:7:18 | ControlFlowNode for request | provenance | |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | test.py:8:30:8:33 | ControlFlowNode for text | provenance | |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | test.py:9:32:9:35 | ControlFlowNode for text | provenance | |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | test.py:12:17:12:20 | ControlFlowNode for text | provenance | |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | test.py:18:28:18:31 | ControlFlowNode for text | provenance | |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | test.py:21:18:21:21 | ControlFlowNode for text | provenance | |
|
||||
| test.py:7:12:7:18 | ControlFlowNode for request | test.py:7:12:7:23 | ControlFlowNode for Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:7:12:7:23 | ControlFlowNode for Attribute | test.py:7:12:7:35 | ControlFlowNode for Attribute() | provenance | dict.get |
|
||||
| test.py:7:12:7:35 | ControlFlowNode for Attribute() | test.py:7:5:7:8 | ControlFlowNode for text | provenance | |
|
||||
| test.py:14:33:14:39 | ControlFlowNode for my_text | test.py:16:24:16:30 | ControlFlowNode for my_text | provenance | |
|
||||
| test.py:18:28:18:31 | ControlFlowNode for text | test.py:14:33:14:39 | ControlFlowNode for my_text | provenance | |
|
||||
| test.py:2:26:2:32 | After ImportMember | test.py:2:26:2:32 | request | provenance | |
|
||||
| test.py:2:26:2:32 | request | test.py:7:12:7:18 | request | provenance | |
|
||||
| test.py:7:5:7:8 | text | test.py:8:30:8:33 | text | provenance | |
|
||||
| test.py:7:5:7:8 | text | test.py:9:32:9:35 | text | provenance | |
|
||||
| test.py:7:5:7:8 | text | test.py:12:17:12:20 | text | provenance | |
|
||||
| test.py:7:5:7:8 | text | test.py:18:28:18:31 | text | provenance | |
|
||||
| test.py:7:5:7:8 | text | test.py:21:18:21:21 | text | provenance | |
|
||||
| test.py:7:12:7:18 | request | test.py:7:12:7:23 | After Attribute | provenance | AdditionalTaintStep |
|
||||
| test.py:7:12:7:23 | After Attribute | test.py:7:12:7:35 | After Attribute() | provenance | dict.get |
|
||||
| test.py:7:12:7:35 | After Attribute() | test.py:7:5:7:8 | text | provenance | |
|
||||
| test.py:14:33:14:39 | my_text | test.py:16:24:16:30 | my_text | provenance | |
|
||||
| test.py:18:28:18:31 | text | test.py:14:33:14:39 | my_text | provenance | |
|
||||
nodes
|
||||
| test.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| test.py:2:26:2:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:7:5:7:8 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:7:12:7:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| test.py:7:12:7:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| test.py:7:12:7:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:8:30:8:33 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:9:32:9:35 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:12:17:12:20 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:14:33:14:39 | ControlFlowNode for my_text | semmle.label | ControlFlowNode for my_text |
|
||||
| test.py:16:24:16:30 | ControlFlowNode for my_text | semmle.label | ControlFlowNode for my_text |
|
||||
| test.py:18:28:18:31 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:21:18:21:21 | ControlFlowNode for text | semmle.label | ControlFlowNode for text |
|
||||
| test.py:2:26:2:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| test.py:2:26:2:32 | request | semmle.label | request |
|
||||
| test.py:7:5:7:8 | text | semmle.label | text |
|
||||
| test.py:7:12:7:18 | request | semmle.label | request |
|
||||
| test.py:7:12:7:23 | After Attribute | semmle.label | After Attribute |
|
||||
| test.py:7:12:7:35 | After Attribute() | semmle.label | After Attribute() |
|
||||
| test.py:8:30:8:33 | text | semmle.label | text |
|
||||
| test.py:9:32:9:35 | text | semmle.label | text |
|
||||
| test.py:12:17:12:20 | text | semmle.label | text |
|
||||
| test.py:14:33:14:39 | my_text | semmle.label | my_text |
|
||||
| test.py:16:24:16:30 | my_text | semmle.label | my_text |
|
||||
| test.py:18:28:18:31 | text | semmle.label | text |
|
||||
| test.py:21:18:21:21 | text | semmle.label | text |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:8:30:8:33 | ControlFlowNode for text | test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:8:30:8:33 | ControlFlowNode for text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:8:19:8:21 | \\s+ | regular expression | test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:9:32:9:35 | ControlFlowNode for text | test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:9:32:9:35 | ControlFlowNode for text | This $@ that depends on a $@ may run slow on strings starting with '0.9' and with many repetitions of '99'. | test.py:9:25:9:27 | \\d+ | regular expression | test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:12:17:12:20 | ControlFlowNode for text | test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:12:17:12:20 | ControlFlowNode for text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:11:29:11:31 | \\s+ | regular expression | test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:16:24:16:30 | ControlFlowNode for my_text | test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:16:24:16:30 | ControlFlowNode for my_text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:18:21:18:23 | \\s+ | regular expression | test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:21:18:21:21 | ControlFlowNode for text | test.py:2:26:2:32 | ControlFlowNode for ImportMember | test.py:21:18:21:21 | ControlFlowNode for text | This $@ that depends on a $@ may run slow on strings starting with 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC' and with many repetitions of 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC'. | test.py:20:271:20:272 | .* | regular expression | test.py:2:26:2:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| test.py:8:30:8:33 | text | test.py:2:26:2:32 | After ImportMember | test.py:8:30:8:33 | text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:8:19:8:21 | \\s+ | regular expression | test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| test.py:9:32:9:35 | text | test.py:2:26:2:32 | After ImportMember | test.py:9:32:9:35 | text | This $@ that depends on a $@ may run slow on strings starting with '0.9' and with many repetitions of '99'. | test.py:9:25:9:27 | \\d+ | regular expression | test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| test.py:12:17:12:20 | text | test.py:2:26:2:32 | After ImportMember | test.py:12:17:12:20 | text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:11:29:11:31 | \\s+ | regular expression | test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| test.py:16:24:16:30 | my_text | test.py:2:26:2:32 | After ImportMember | test.py:16:24:16:30 | my_text | This $@ that depends on a $@ may run slow on strings with many repetitions of ' '. | test.py:18:21:18:23 | \\s+ | regular expression | test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
| test.py:21:18:21:21 | text | test.py:2:26:2:32 | After ImportMember | test.py:21:18:21:21 | text | This $@ that depends on a $@ may run slow on strings starting with 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC' and with many repetitions of 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC'. | test.py:20:271:20:272 | .* | regular expression | test.py:2:26:2:32 | After ImportMember | user-provided value |
|
||||
|
||||
@@ -1,28 +1,28 @@
|
||||
edges
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | re_bad.py:1:19:1:25 | ControlFlowNode for request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for request | re_bad.py:13:22:13:28 | ControlFlowNode for request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for request | re_bad.py:24:22:24:28 | ControlFlowNode for request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for request | re_bad.py:36:22:36:28 | ControlFlowNode for request | provenance | |
|
||||
| re_bad.py:13:5:13:18 | ControlFlowNode for unsafe_pattern | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | provenance | |
|
||||
| re_bad.py:13:22:13:28 | ControlFlowNode for request | re_bad.py:13:5:13:18 | ControlFlowNode for unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
| re_bad.py:24:5:24:18 | ControlFlowNode for unsafe_pattern | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | provenance | |
|
||||
| re_bad.py:24:22:24:28 | ControlFlowNode for request | re_bad.py:24:5:24:18 | ControlFlowNode for unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
| re_bad.py:36:5:36:18 | ControlFlowNode for unsafe_pattern | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | provenance | |
|
||||
| re_bad.py:36:22:36:28 | ControlFlowNode for request | re_bad.py:36:5:36:18 | ControlFlowNode for unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
| re_bad.py:1:19:1:25 | After ImportMember | re_bad.py:1:19:1:25 | request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | request | re_bad.py:13:22:13:28 | request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | request | re_bad.py:24:22:24:28 | request | provenance | |
|
||||
| re_bad.py:1:19:1:25 | request | re_bad.py:36:22:36:28 | request | provenance | |
|
||||
| re_bad.py:13:5:13:18 | unsafe_pattern | re_bad.py:14:15:14:28 | unsafe_pattern | provenance | |
|
||||
| re_bad.py:13:22:13:28 | request | re_bad.py:13:5:13:18 | unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
| re_bad.py:24:5:24:18 | unsafe_pattern | re_bad.py:25:35:25:48 | unsafe_pattern | provenance | |
|
||||
| re_bad.py:24:22:24:28 | request | re_bad.py:24:5:24:18 | unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
| re_bad.py:36:5:36:18 | unsafe_pattern | re_bad.py:37:16:37:29 | unsafe_pattern | provenance | |
|
||||
| re_bad.py:36:22:36:28 | request | re_bad.py:36:5:36:18 | unsafe_pattern | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| re_bad.py:1:19:1:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| re_bad.py:13:5:13:18 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:13:22:13:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:24:5:24:18 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:24:22:24:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:36:5:36:18 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:36:22:36:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | semmle.label | ControlFlowNode for unsafe_pattern |
|
||||
| re_bad.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
|
||||
| re_bad.py:1:19:1:25 | request | semmle.label | request |
|
||||
| re_bad.py:13:5:13:18 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
| re_bad.py:13:22:13:28 | request | semmle.label | request |
|
||||
| re_bad.py:14:15:14:28 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
| re_bad.py:24:5:24:18 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
| re_bad.py:24:22:24:28 | request | semmle.label | request |
|
||||
| re_bad.py:25:35:25:48 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
| re_bad.py:36:5:36:18 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
| re_bad.py:36:22:36:28 | request | semmle.label | request |
|
||||
| re_bad.py:37:16:37:29 | unsafe_pattern | semmle.label | unsafe_pattern |
|
||||
subpaths
|
||||
#select
|
||||
| re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | re_bad.py:14:15:14:28 | ControlFlowNode for unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value | re_bad.py:14:5:14:33 | ControlFlowNode for Attribute() | re.search |
|
||||
| re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | re_bad.py:25:35:25:48 | ControlFlowNode for unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value | re_bad.py:26:5:26:31 | ControlFlowNode for Attribute() | re.search |
|
||||
| re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | re_bad.py:37:16:37:29 | ControlFlowNode for unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | ControlFlowNode for ImportMember | user-provided value | re_bad.py:37:5:37:41 | ControlFlowNode for Attribute() | re.search |
|
||||
| re_bad.py:14:15:14:28 | unsafe_pattern | re_bad.py:1:19:1:25 | After ImportMember | re_bad.py:14:15:14:28 | unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | After ImportMember | user-provided value | re_bad.py:14:5:14:33 | After Attribute() | re.search |
|
||||
| re_bad.py:25:35:25:48 | unsafe_pattern | re_bad.py:1:19:1:25 | After ImportMember | re_bad.py:25:35:25:48 | unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | After ImportMember | user-provided value | re_bad.py:26:5:26:31 | After Attribute() | re.search |
|
||||
| re_bad.py:37:16:37:29 | unsafe_pattern | re_bad.py:1:19:1:25 | After ImportMember | re_bad.py:37:16:37:29 | unsafe_pattern | This regular expression depends on a $@ and is executed by $@. | re_bad.py:1:19:1:25 | After ImportMember | user-provided value | re_bad.py:37:5:37:41 | After Attribute() | re.search |
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
| test.py:7:1:7:19 | ControlFlowNode for Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:8:1:8:20 | ControlFlowNode for Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:9:1:9:21 | ControlFlowNode for Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:11:1:11:21 | ControlFlowNode for Attribute() | Overly permissive mask in chmod sets file to group readable. |
|
||||
| test.py:14:1:14:19 | ControlFlowNode for Attribute() | Overly permissive mask in chmod sets file to group writable. |
|
||||
| test.py:16:1:16:25 | ControlFlowNode for Attribute() | Overly permissive mask in open sets file to world readable. |
|
||||
| test.py:7:1:7:19 | After Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:8:1:8:20 | After Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:9:1:9:21 | After Attribute() | Overly permissive mask in chmod sets file to world writable. |
|
||||
| test.py:11:1:11:21 | After Attribute() | Overly permissive mask in chmod sets file to group readable. |
|
||||
| test.py:14:1:14:19 | After Attribute() | Overly permissive mask in chmod sets file to group writable. |
|
||||
| test.py:16:1:16:25 | After Attribute() | Overly permissive mask in open sets file to world readable. |
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
edges
|
||||
| test.py:5:1:5:8 | ControlFlowNode for USERNAME | test.py:14:18:14:25 | ControlFlowNode for USERNAME | provenance | |
|
||||
| test.py:5:12:5:24 | ControlFlowNode for StringLiteral | test.py:5:1:5:8 | ControlFlowNode for USERNAME | provenance | |
|
||||
| test.py:6:1:6:8 | ControlFlowNode for PASSWORD | test.py:15:18:15:25 | ControlFlowNode for PASSWORD | provenance | |
|
||||
| test.py:6:12:6:25 | ControlFlowNode for StringLiteral | test.py:6:1:6:8 | ControlFlowNode for PASSWORD | provenance | |
|
||||
| test.py:5:1:5:8 | USERNAME | test.py:14:18:14:25 | USERNAME | provenance | |
|
||||
| test.py:5:12:5:24 | StringLiteral | test.py:5:1:5:8 | USERNAME | provenance | |
|
||||
| test.py:6:1:6:8 | PASSWORD | test.py:15:18:15:25 | PASSWORD | provenance | |
|
||||
| test.py:6:12:6:25 | StringLiteral | test.py:6:1:6:8 | PASSWORD | provenance | |
|
||||
nodes
|
||||
| test.py:5:1:5:8 | ControlFlowNode for USERNAME | semmle.label | ControlFlowNode for USERNAME |
|
||||
| test.py:5:12:5:24 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| test.py:6:1:6:8 | ControlFlowNode for PASSWORD | semmle.label | ControlFlowNode for PASSWORD |
|
||||
| test.py:6:12:6:25 | ControlFlowNode for StringLiteral | semmle.label | ControlFlowNode for StringLiteral |
|
||||
| test.py:14:18:14:25 | ControlFlowNode for USERNAME | semmle.label | ControlFlowNode for USERNAME |
|
||||
| test.py:15:18:15:25 | ControlFlowNode for PASSWORD | semmle.label | ControlFlowNode for PASSWORD |
|
||||
| test.py:5:1:5:8 | USERNAME | semmle.label | USERNAME |
|
||||
| test.py:5:12:5:24 | StringLiteral | semmle.label | StringLiteral |
|
||||
| test.py:6:1:6:8 | PASSWORD | semmle.label | PASSWORD |
|
||||
| test.py:6:12:6:25 | StringLiteral | semmle.label | StringLiteral |
|
||||
| test.py:14:18:14:25 | USERNAME | semmle.label | USERNAME |
|
||||
| test.py:15:18:15:25 | PASSWORD | semmle.label | PASSWORD |
|
||||
subpaths
|
||||
#select
|
||||
| test.py:5:12:5:24 | ControlFlowNode for StringLiteral | test.py:5:12:5:24 | ControlFlowNode for StringLiteral | test.py:14:18:14:25 | ControlFlowNode for USERNAME | This hardcoded value is $@. | test.py:14:18:14:25 | ControlFlowNode for USERNAME | used as credentials |
|
||||
| test.py:6:12:6:25 | ControlFlowNode for StringLiteral | test.py:6:12:6:25 | ControlFlowNode for StringLiteral | test.py:15:18:15:25 | ControlFlowNode for PASSWORD | This hardcoded value is $@. | test.py:15:18:15:25 | ControlFlowNode for PASSWORD | used as credentials |
|
||||
| test.py:5:12:5:24 | StringLiteral | test.py:5:12:5:24 | StringLiteral | test.py:14:18:14:25 | USERNAME | This hardcoded value is $@. | test.py:14:18:14:25 | USERNAME | used as credentials |
|
||||
| test.py:6:12:6:25 | StringLiteral | test.py:6:12:6:25 | StringLiteral | test.py:15:18:15:25 | PASSWORD | This hardcoded value is $@. | test.py:15:18:15:25 | PASSWORD | used as credentials |
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
| fastapi.py:10:1:16:1 | ControlFlowNode for Attribute() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |
|
||||
| starlette.py:8:5:8:75 | ControlFlowNode for Middleware() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |
|
||||
| fastapi.py:10:1:16:1 | After Attribute() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |
|
||||
| starlette.py:8:5:8:75 | After Middleware() | This CORS middleware uses a vulnerable configuration that allows arbitrary websites to make authenticated cross-site requests |
|
||||
|
||||
@@ -1,269 +1,269 @@
|
||||
edges
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:26:21:26:27 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:43:14:43:20 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:52:14:52:20 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:77:14:77:20 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | PoC/server.py:98:14:98:20 | ControlFlowNode for request | provenance | |
|
||||
| PoC/server.py:26:5:26:17 | ControlFlowNode for author_string | PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | provenance | |
|
||||
| PoC/server.py:26:21:26:27 | ControlFlowNode for request | PoC/server.py:26:5:26:17 | ControlFlowNode for author_string | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | PoC/server.py:27:5:27:10 | ControlFlowNode for author | provenance | |
|
||||
| PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| PoC/server.py:43:5:43:10 | ControlFlowNode for author | PoC/server.py:47:38:47:67 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:43:14:43:20 | ControlFlowNode for request | PoC/server.py:43:5:43:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:47:38:47:67 | ControlFlowNode for BinaryExpr | PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:52:5:52:10 | ControlFlowNode for author | PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:52:14:52:20 | ControlFlowNode for request | PoC/server.py:52:5:52:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:53:5:53:10 | ControlFlowNode for search | PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | PoC/server.py:53:5:53:10 | ControlFlowNode for search | provenance | |
|
||||
| PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:77:5:77:10 | ControlFlowNode for author | PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | provenance | |
|
||||
| PoC/server.py:77:14:77:20 | ControlFlowNode for request | PoC/server.py:77:5:77:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | PoC/server.py:84:5:84:9 | ControlFlowNode for group | provenance | |
|
||||
| PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | provenance | |
|
||||
| PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | provenance | Config |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | provenance | |
|
||||
| PoC/server.py:98:5:98:10 | ControlFlowNode for author | PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | provenance | |
|
||||
| PoC/server.py:98:14:98:20 | ControlFlowNode for request | PoC/server.py:98:5:98:10 | ControlFlowNode for author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | PoC/server.py:102:9:102:14 | ControlFlowNode for mapper | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | provenance | |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | flask_mongoengine_bad.py:19:5:19:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | ControlFlowNode for json_search | flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:20:5:20:15 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | flask_mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | provenance | |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | provenance | |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | provenance | |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | provenance | |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | provenance | |
|
||||
| mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:51:5:51:15 | ControlFlowNode for json_search | mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:51:5:51:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:57:5:57:17 | ControlFlowNode for unsafe_search | mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | mongoengine_bad.py:57:5:57:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | provenance | |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | provenance | |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:1:26:1:32 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:12:21:12:27 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:29:27:29:33 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:39:27:39:33 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | pymongo_test.py:52:26:52:32 | ControlFlowNode for request | provenance | |
|
||||
| pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | provenance | |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | provenance | |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | pymongo_test.py:33:45:33:72 | ControlFlowNode for Fstring | provenance | |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | provenance | |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:33:45:33:72 | ControlFlowNode for Fstring | pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:33:45:33:72 | ControlFlowNode for Fstring | pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:39:5:39:12 | ControlFlowNode for event_id | pymongo_test.py:43:45:43:72 | ControlFlowNode for Fstring | provenance | |
|
||||
| pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | pymongo_test.py:39:5:39:12 | ControlFlowNode for event_id | provenance | |
|
||||
| pymongo_test.py:39:27:39:33 | ControlFlowNode for request | pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript | pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:43:45:43:72 | ControlFlowNode for Fstring | pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:43:45:43:72 | ControlFlowNode for Fstring | pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:52:5:52:11 | ControlFlowNode for decoded | pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:52:15:52:50 | ControlFlowNode for Attribute() | pymongo_test.py:52:5:52:11 | ControlFlowNode for decoded | provenance | |
|
||||
| pymongo_test.py:52:26:52:32 | ControlFlowNode for request | pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | pymongo_test.py:52:15:52:50 | ControlFlowNode for Attribute() | provenance | Config |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search | pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | pymongo_test.py:54:5:54:10 | ControlFlowNode for search | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:1:26:1:32 | request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | request | PoC/server.py:26:21:26:27 | request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | request | PoC/server.py:43:14:43:20 | request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | request | PoC/server.py:52:14:52:20 | request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | request | PoC/server.py:77:14:77:20 | request | provenance | |
|
||||
| PoC/server.py:1:26:1:32 | request | PoC/server.py:98:14:98:20 | request | provenance | |
|
||||
| PoC/server.py:26:5:26:17 | author_string | PoC/server.py:27:25:27:37 | author_string | provenance | |
|
||||
| PoC/server.py:26:21:26:27 | request | PoC/server.py:26:5:26:17 | author_string | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:27:5:27:10 | author | PoC/server.py:30:27:30:44 | After Dict | provenance | |
|
||||
| PoC/server.py:27:5:27:10 | author | PoC/server.py:31:34:31:51 | After Dict | provenance | |
|
||||
| PoC/server.py:27:14:27:38 | After Attribute() | PoC/server.py:27:5:27:10 | author | provenance | |
|
||||
| PoC/server.py:27:25:27:37 | author_string | PoC/server.py:27:14:27:38 | After Attribute() | provenance | Config |
|
||||
| PoC/server.py:43:5:43:10 | author | PoC/server.py:47:38:47:67 | After BinaryExpr | provenance | |
|
||||
| PoC/server.py:43:14:43:20 | request | PoC/server.py:43:5:43:10 | author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:47:38:47:67 | After BinaryExpr | PoC/server.py:47:27:47:68 | After Dict | provenance | Config |
|
||||
| PoC/server.py:52:5:52:10 | author | PoC/server.py:54:17:54:70 | After BinaryExpr | provenance | |
|
||||
| PoC/server.py:52:14:52:20 | request | PoC/server.py:52:5:52:10 | author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:53:5:53:10 | search | PoC/server.py:61:27:61:58 | After Dict | provenance | |
|
||||
| PoC/server.py:53:14:57:5 | After Dict | PoC/server.py:53:5:53:10 | search | provenance | |
|
||||
| PoC/server.py:54:17:54:70 | After BinaryExpr | PoC/server.py:53:14:57:5 | After Dict | provenance | Config |
|
||||
| PoC/server.py:77:5:77:10 | author | PoC/server.py:80:23:80:101 | After BinaryExpr | provenance | |
|
||||
| PoC/server.py:77:14:77:20 | request | PoC/server.py:77:5:77:10 | author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:78:5:78:15 | accumulator | PoC/server.py:84:5:84:9 | group | provenance | |
|
||||
| PoC/server.py:78:19:83:5 | After Dict | PoC/server.py:78:5:78:15 | accumulator | provenance | |
|
||||
| PoC/server.py:80:23:80:101 | After BinaryExpr | PoC/server.py:78:19:83:5 | After Dict | provenance | Config |
|
||||
| PoC/server.py:84:5:84:9 | group | PoC/server.py:91:29:91:47 | After Dict | provenance | |
|
||||
| PoC/server.py:84:5:84:9 | group | PoC/server.py:92:38:92:56 | After Dict | provenance | |
|
||||
| PoC/server.py:98:5:98:10 | author | PoC/server.py:99:5:99:10 | mapper | provenance | |
|
||||
| PoC/server.py:98:14:98:20 | request | PoC/server.py:98:5:98:10 | author | provenance | AdditionalTaintStep |
|
||||
| PoC/server.py:99:5:99:10 | mapper | PoC/server.py:102:9:102:14 | mapper | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | flask_mongoengine_bad.py:1:26:1:32 | request | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | request | flask_mongoengine_bad.py:19:21:19:27 | request | provenance | |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | request | flask_mongoengine_bad.py:26:21:26:27 | request | provenance | |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | unsafe_search | flask_mongoengine_bad.py:20:30:20:42 | unsafe_search | provenance | |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | request | flask_mongoengine_bad.py:19:5:19:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | json_search | flask_mongoengine_bad.py:22:34:22:44 | json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | After Attribute() | flask_mongoengine_bad.py:20:5:20:15 | json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | unsafe_search | flask_mongoengine_bad.py:20:19:20:43 | After Attribute() | provenance | Config |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | unsafe_search | flask_mongoengine_bad.py:27:30:27:42 | unsafe_search | provenance | |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | request | flask_mongoengine_bad.py:26:5:26:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | json_search | flask_mongoengine_bad.py:30:39:30:59 | After Dict | provenance | |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | After Attribute() | flask_mongoengine_bad.py:27:5:27:15 | json_search | provenance | |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | unsafe_search | flask_mongoengine_bad.py:27:19:27:43 | After Attribute() | provenance | Config |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | After ImportMember | flask_pymongo_bad.py:1:26:1:32 | request | provenance | |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | request | flask_pymongo_bad.py:11:21:11:27 | request | provenance | |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | unsafe_search | flask_pymongo_bad.py:12:30:12:42 | unsafe_search | provenance | |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | request | flask_pymongo_bad.py:11:5:11:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | json_search | flask_pymongo_bad.py:14:31:14:51 | After Dict | provenance | |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | After Attribute() | flask_pymongo_bad.py:12:5:12:15 | json_search | provenance | |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | unsafe_search | flask_pymongo_bad.py:12:19:12:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:1:26:1:32 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:18:21:18:27 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:26:21:26:27 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:34:21:34:27 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:42:21:42:27 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:50:21:50:27 | request | provenance | |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | mongoengine_bad.py:57:21:57:27 | request | provenance | |
|
||||
| mongoengine_bad.py:18:5:18:17 | unsafe_search | mongoengine_bad.py:19:30:19:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:18:21:18:27 | request | mongoengine_bad.py:18:5:18:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:19:5:19:15 | json_search | mongoengine_bad.py:22:26:22:46 | After Dict | provenance | |
|
||||
| mongoengine_bad.py:19:19:19:43 | After Attribute() | mongoengine_bad.py:19:5:19:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:19:30:19:42 | unsafe_search | mongoengine_bad.py:19:19:19:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:26:5:26:17 | unsafe_search | mongoengine_bad.py:27:30:27:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:26:21:26:27 | request | mongoengine_bad.py:26:5:26:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:27:5:27:15 | json_search | mongoengine_bad.py:30:26:30:46 | After Dict | provenance | |
|
||||
| mongoengine_bad.py:27:19:27:43 | After Attribute() | mongoengine_bad.py:27:5:27:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:27:30:27:42 | unsafe_search | mongoengine_bad.py:27:19:27:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:34:5:34:17 | unsafe_search | mongoengine_bad.py:35:30:35:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:34:21:34:27 | request | mongoengine_bad.py:34:5:34:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:35:5:35:15 | json_search | mongoengine_bad.py:38:26:38:46 | After Dict | provenance | |
|
||||
| mongoengine_bad.py:35:19:35:43 | After Attribute() | mongoengine_bad.py:35:5:35:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:35:30:35:42 | unsafe_search | mongoengine_bad.py:35:19:35:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:42:5:42:17 | unsafe_search | mongoengine_bad.py:43:30:43:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:42:21:42:27 | request | mongoengine_bad.py:42:5:42:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:43:5:43:15 | json_search | mongoengine_bad.py:46:26:46:46 | After Dict | provenance | |
|
||||
| mongoengine_bad.py:43:19:43:43 | After Attribute() | mongoengine_bad.py:43:5:43:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:43:30:43:42 | unsafe_search | mongoengine_bad.py:43:19:43:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:50:5:50:17 | unsafe_search | mongoengine_bad.py:51:30:51:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:50:21:50:27 | request | mongoengine_bad.py:50:5:50:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:51:5:51:15 | json_search | mongoengine_bad.py:53:34:53:44 | json_search | provenance | |
|
||||
| mongoengine_bad.py:51:19:51:43 | After Attribute() | mongoengine_bad.py:51:5:51:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:51:30:51:42 | unsafe_search | mongoengine_bad.py:51:19:51:43 | After Attribute() | provenance | Config |
|
||||
| mongoengine_bad.py:57:5:57:17 | unsafe_search | mongoengine_bad.py:58:30:58:42 | unsafe_search | provenance | |
|
||||
| mongoengine_bad.py:57:21:57:27 | request | mongoengine_bad.py:57:5:57:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| mongoengine_bad.py:58:5:58:15 | json_search | mongoengine_bad.py:61:29:61:49 | After Dict | provenance | |
|
||||
| mongoengine_bad.py:58:19:58:43 | After Attribute() | mongoengine_bad.py:58:5:58:15 | json_search | provenance | |
|
||||
| mongoengine_bad.py:58:30:58:42 | unsafe_search | mongoengine_bad.py:58:19:58:43 | After Attribute() | provenance | Config |
|
||||
| pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:1:26:1:32 | request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | request | pymongo_test.py:12:21:12:27 | request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | request | pymongo_test.py:29:27:29:33 | request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | request | pymongo_test.py:39:27:39:33 | request | provenance | |
|
||||
| pymongo_test.py:1:26:1:32 | request | pymongo_test.py:52:26:52:32 | request | provenance | |
|
||||
| pymongo_test.py:12:5:12:17 | unsafe_search | pymongo_test.py:13:30:13:42 | unsafe_search | provenance | |
|
||||
| pymongo_test.py:12:21:12:27 | request | pymongo_test.py:12:5:12:17 | unsafe_search | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:13:5:13:15 | json_search | pymongo_test.py:15:42:15:62 | After Dict | provenance | |
|
||||
| pymongo_test.py:13:19:13:43 | After Attribute() | pymongo_test.py:13:5:13:15 | json_search | provenance | |
|
||||
| pymongo_test.py:13:30:13:42 | unsafe_search | pymongo_test.py:13:19:13:43 | After Attribute() | provenance | Config |
|
||||
| pymongo_test.py:29:5:29:12 | event_id | pymongo_test.py:33:45:33:72 | After Fstring | provenance | |
|
||||
| pymongo_test.py:29:16:29:51 | After Attribute() | pymongo_test.py:29:5:29:12 | event_id | provenance | |
|
||||
| pymongo_test.py:29:27:29:33 | request | pymongo_test.py:29:27:29:50 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:29:27:29:50 | After Subscript | pymongo_test.py:29:16:29:51 | After Attribute() | provenance | Config |
|
||||
| pymongo_test.py:33:45:33:72 | After Fstring | pymongo_test.py:33:34:33:73 | After Dict | provenance | |
|
||||
| pymongo_test.py:33:45:33:72 | After Fstring | pymongo_test.py:33:34:33:73 | After Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:39:5:39:12 | event_id | pymongo_test.py:43:45:43:72 | After Fstring | provenance | |
|
||||
| pymongo_test.py:39:16:39:51 | After Attribute() | pymongo_test.py:39:5:39:12 | event_id | provenance | |
|
||||
| pymongo_test.py:39:27:39:33 | request | pymongo_test.py:39:27:39:50 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:39:27:39:50 | After Subscript | pymongo_test.py:39:16:39:51 | After Attribute() | provenance | Config |
|
||||
| pymongo_test.py:43:45:43:72 | After Fstring | pymongo_test.py:43:34:43:73 | After Dict | provenance | |
|
||||
| pymongo_test.py:43:45:43:72 | After Fstring | pymongo_test.py:43:34:43:73 | After Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:52:5:52:11 | decoded | pymongo_test.py:55:17:55:23 | decoded | provenance | |
|
||||
| pymongo_test.py:52:15:52:50 | After Attribute() | pymongo_test.py:52:5:52:11 | decoded | provenance | |
|
||||
| pymongo_test.py:52:26:52:32 | request | pymongo_test.py:52:26:52:49 | After Subscript | provenance | AdditionalTaintStep |
|
||||
| pymongo_test.py:52:26:52:49 | After Subscript | pymongo_test.py:52:15:52:50 | After Attribute() | provenance | Config |
|
||||
| pymongo_test.py:54:5:54:10 | search | pymongo_test.py:59:25:59:56 | After Dict | provenance | |
|
||||
| pymongo_test.py:54:14:58:5 | After Dict | pymongo_test.py:54:5:54:10 | search | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | pymongo_test.py:54:14:58:5 | After Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | pymongo_test.py:54:14:58:5 | After Dict | provenance | Decoding-NoSQL |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | pymongo_test.py:61:25:61:57 | After Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | pymongo_test.py:62:25:62:42 | After Dict | provenance | |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | pymongo_test.py:63:25:63:31 | decoded | provenance | |
|
||||
nodes
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| PoC/server.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:26:5:26:17 | ControlFlowNode for author_string | semmle.label | ControlFlowNode for author_string |
|
||||
| PoC/server.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:27:5:27:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:27:14:27:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| PoC/server.py:27:25:27:37 | ControlFlowNode for author_string | semmle.label | ControlFlowNode for author_string |
|
||||
| PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:43:5:43:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:43:14:43:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:47:38:47:67 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| PoC/server.py:52:5:52:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:52:14:52:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:53:5:53:10 | ControlFlowNode for search | semmle.label | ControlFlowNode for search |
|
||||
| PoC/server.py:53:14:57:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:54:17:54:70 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:77:5:77:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:77:14:77:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:78:5:78:15 | ControlFlowNode for accumulator | semmle.label | ControlFlowNode for accumulator |
|
||||
| PoC/server.py:78:19:83:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:80:23:80:101 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| PoC/server.py:84:5:84:9 | ControlFlowNode for group | semmle.label | ControlFlowNode for group |
|
||||
| PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| PoC/server.py:98:5:98:10 | ControlFlowNode for author | semmle.label | ControlFlowNode for author |
|
||||
| PoC/server.py:98:14:98:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| PoC/server.py:99:5:99:10 | ControlFlowNode for mapper | semmle.label | ControlFlowNode for mapper |
|
||||
| PoC/server.py:102:9:102:14 | ControlFlowNode for mapper | semmle.label | ControlFlowNode for mapper |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:18:5:18:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:19:5:19:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:26:5:26:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:27:5:27:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:34:5:34:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:35:5:35:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:42:5:42:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:43:5:43:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:50:5:50:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:51:5:51:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:57:5:57:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:58:5:58:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:12:5:12:17 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:13:5:13:15 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:29:5:29:12 | ControlFlowNode for event_id | semmle.label | ControlFlowNode for event_id |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:33:45:33:72 | ControlFlowNode for Fstring | semmle.label | ControlFlowNode for Fstring |
|
||||
| pymongo_test.py:39:5:39:12 | ControlFlowNode for event_id | semmle.label | ControlFlowNode for event_id |
|
||||
| pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:39:27:39:33 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:43:45:43:72 | ControlFlowNode for Fstring | semmle.label | ControlFlowNode for Fstring |
|
||||
| pymongo_test.py:52:5:52:11 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| pymongo_test.py:52:15:52:50 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:52:26:52:32 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:52:26:52:49 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:54:5:54:10 | ControlFlowNode for search | semmle.label | ControlFlowNode for search |
|
||||
| pymongo_test.py:54:14:58:5 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:55:17:55:23 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | semmle.label | ControlFlowNode for decoded |
|
||||
| PoC/server.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| PoC/server.py:1:26:1:32 | request | semmle.label | request |
|
||||
| PoC/server.py:26:5:26:17 | author_string | semmle.label | author_string |
|
||||
| PoC/server.py:26:21:26:27 | request | semmle.label | request |
|
||||
| PoC/server.py:27:5:27:10 | author | semmle.label | author |
|
||||
| PoC/server.py:27:14:27:38 | After Attribute() | semmle.label | After Attribute() |
|
||||
| PoC/server.py:27:25:27:37 | author_string | semmle.label | author_string |
|
||||
| PoC/server.py:30:27:30:44 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:31:34:31:51 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:43:5:43:10 | author | semmle.label | author |
|
||||
| PoC/server.py:43:14:43:20 | request | semmle.label | request |
|
||||
| PoC/server.py:47:27:47:68 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:47:38:47:67 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| PoC/server.py:52:5:52:10 | author | semmle.label | author |
|
||||
| PoC/server.py:52:14:52:20 | request | semmle.label | request |
|
||||
| PoC/server.py:53:5:53:10 | search | semmle.label | search |
|
||||
| PoC/server.py:53:14:57:5 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:54:17:54:70 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| PoC/server.py:61:27:61:58 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:77:5:77:10 | author | semmle.label | author |
|
||||
| PoC/server.py:77:14:77:20 | request | semmle.label | request |
|
||||
| PoC/server.py:78:5:78:15 | accumulator | semmle.label | accumulator |
|
||||
| PoC/server.py:78:19:83:5 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:80:23:80:101 | After BinaryExpr | semmle.label | After BinaryExpr |
|
||||
| PoC/server.py:84:5:84:9 | group | semmle.label | group |
|
||||
| PoC/server.py:91:29:91:47 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:92:38:92:56 | After Dict | semmle.label | After Dict |
|
||||
| PoC/server.py:98:5:98:10 | author | semmle.label | author |
|
||||
| PoC/server.py:98:14:98:20 | request | semmle.label | request |
|
||||
| PoC/server.py:99:5:99:10 | mapper | semmle.label | mapper |
|
||||
| PoC/server.py:102:9:102:14 | mapper | semmle.label | mapper |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | request | semmle.label | request |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | request | semmle.label | request |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | json_search | semmle.label | json_search |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_mongoengine_bad.py:22:34:22:44 | json_search | semmle.label | json_search |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | request | semmle.label | request |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | json_search | semmle.label | json_search |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | After Dict | semmle.label | After Dict |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | request | semmle.label | request |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | request | semmle.label | request |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | json_search | semmle.label | json_search |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | After Dict | semmle.label | After Dict |
|
||||
| mongoengine_bad.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| mongoengine_bad.py:1:26:1:32 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:18:5:18:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:18:21:18:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:19:5:19:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:19:19:19:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:19:30:19:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:22:26:22:46 | After Dict | semmle.label | After Dict |
|
||||
| mongoengine_bad.py:26:5:26:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:26:21:26:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:27:5:27:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:27:19:27:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:27:30:27:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:30:26:30:46 | After Dict | semmle.label | After Dict |
|
||||
| mongoengine_bad.py:34:5:34:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:34:21:34:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:35:5:35:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:35:19:35:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:35:30:35:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:38:26:38:46 | After Dict | semmle.label | After Dict |
|
||||
| mongoengine_bad.py:42:5:42:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:42:21:42:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:43:5:43:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:43:19:43:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:43:30:43:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:46:26:46:46 | After Dict | semmle.label | After Dict |
|
||||
| mongoengine_bad.py:50:5:50:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:50:21:50:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:51:5:51:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:51:19:51:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:51:30:51:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:53:34:53:44 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:57:5:57:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:57:21:57:27 | request | semmle.label | request |
|
||||
| mongoengine_bad.py:58:5:58:15 | json_search | semmle.label | json_search |
|
||||
| mongoengine_bad.py:58:19:58:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| mongoengine_bad.py:58:30:58:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| mongoengine_bad.py:61:29:61:49 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:1:26:1:32 | After ImportMember | semmle.label | After ImportMember |
|
||||
| pymongo_test.py:1:26:1:32 | request | semmle.label | request |
|
||||
| pymongo_test.py:12:5:12:17 | unsafe_search | semmle.label | unsafe_search |
|
||||
| pymongo_test.py:12:21:12:27 | request | semmle.label | request |
|
||||
| pymongo_test.py:13:5:13:15 | json_search | semmle.label | json_search |
|
||||
| pymongo_test.py:13:19:13:43 | After Attribute() | semmle.label | After Attribute() |
|
||||
| pymongo_test.py:13:30:13:42 | unsafe_search | semmle.label | unsafe_search |
|
||||
| pymongo_test.py:15:42:15:62 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:29:5:29:12 | event_id | semmle.label | event_id |
|
||||
| pymongo_test.py:29:16:29:51 | After Attribute() | semmle.label | After Attribute() |
|
||||
| pymongo_test.py:29:27:29:33 | request | semmle.label | request |
|
||||
| pymongo_test.py:29:27:29:50 | After Subscript | semmle.label | After Subscript |
|
||||
| pymongo_test.py:33:34:33:73 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:33:45:33:72 | After Fstring | semmle.label | After Fstring |
|
||||
| pymongo_test.py:39:5:39:12 | event_id | semmle.label | event_id |
|
||||
| pymongo_test.py:39:16:39:51 | After Attribute() | semmle.label | After Attribute() |
|
||||
| pymongo_test.py:39:27:39:33 | request | semmle.label | request |
|
||||
| pymongo_test.py:39:27:39:50 | After Subscript | semmle.label | After Subscript |
|
||||
| pymongo_test.py:43:34:43:73 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:43:45:43:72 | After Fstring | semmle.label | After Fstring |
|
||||
| pymongo_test.py:52:5:52:11 | decoded | semmle.label | decoded |
|
||||
| pymongo_test.py:52:15:52:50 | After Attribute() | semmle.label | After Attribute() |
|
||||
| pymongo_test.py:52:26:52:32 | request | semmle.label | request |
|
||||
| pymongo_test.py:52:26:52:49 | After Subscript | semmle.label | After Subscript |
|
||||
| pymongo_test.py:54:5:54:10 | search | semmle.label | search |
|
||||
| pymongo_test.py:54:14:58:5 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:55:17:55:23 | decoded | semmle.label | decoded |
|
||||
| pymongo_test.py:59:25:59:56 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:61:25:61:57 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:62:25:62:42 | After Dict | semmle.label | After Dict |
|
||||
| pymongo_test.py:63:25:63:31 | decoded | semmle.label | decoded |
|
||||
subpaths
|
||||
#select
|
||||
| PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:30:27:30:44 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:31:34:31:51 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:47:27:47:68 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:61:27:61:58 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:91:29:91:47 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:92:38:92:56 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:102:9:102:14 | ControlFlowNode for mapper | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | PoC/server.py:102:9:102:14 | ControlFlowNode for mapper | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search | flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search | This NoSQL query contains an unsanitized $@. | flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:59:25:59:56 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:61:25:61:57 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:62:25:62:42 | ControlFlowNode for Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:63:25:63:31 | ControlFlowNode for decoded | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | user-provided value |
|
||||
| PoC/server.py:30:27:30:44 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:30:27:30:44 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:31:34:31:51 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:31:34:31:51 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:47:27:47:68 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:47:27:47:68 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:61:27:61:58 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:61:27:61:58 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:91:29:91:47 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:91:29:91:47 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:92:38:92:56 | After Dict | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:92:38:92:56 | After Dict | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| PoC/server.py:102:9:102:14 | mapper | PoC/server.py:1:26:1:32 | After ImportMember | PoC/server.py:102:9:102:14 | mapper | This NoSQL query contains an unsanitized $@. | PoC/server.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| flask_mongoengine_bad.py:22:34:22:44 | json_search | flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | flask_mongoengine_bad.py:22:34:22:44 | json_search | This NoSQL query contains an unsanitized $@. | flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | After Dict | flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | flask_mongoengine_bad.py:30:39:30:59 | After Dict | This NoSQL query contains an unsanitized $@. | flask_mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | After Dict | flask_pymongo_bad.py:1:26:1:32 | After ImportMember | flask_pymongo_bad.py:14:31:14:51 | After Dict | This NoSQL query contains an unsanitized $@. | flask_pymongo_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:22:26:22:46 | After Dict | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:22:26:22:46 | After Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:30:26:30:46 | After Dict | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:30:26:30:46 | After Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:38:26:38:46 | After Dict | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:38:26:38:46 | After Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:46:26:46:46 | After Dict | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:46:26:46:46 | After Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:53:34:53:44 | json_search | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:53:34:53:44 | json_search | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| mongoengine_bad.py:61:29:61:49 | After Dict | mongoengine_bad.py:1:26:1:32 | After ImportMember | mongoengine_bad.py:61:29:61:49 | After Dict | This NoSQL query contains an unsanitized $@. | mongoengine_bad.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:15:42:15:62 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:15:42:15:62 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:33:34:33:73 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:33:34:33:73 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:43:34:43:73 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:43:34:43:73 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:59:25:59:56 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:59:25:59:56 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:61:25:61:57 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:61:25:61:57 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:62:25:62:42 | After Dict | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:62:25:62:42 | After Dict | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
| pymongo_test.py:63:25:63:31 | decoded | pymongo_test.py:1:26:1:32 | After ImportMember | pymongo_test.py:63:25:63:31 | decoded | This NoSQL query contains an unsanitized $@. | pymongo_test.py:1:26:1:32 | After ImportMember | user-provided value |
|
||||
|
||||
Reference in New Issue
Block a user