codeql/python/ql/lib/semmle/python/frameworks/JsonPickle.qll

/**
 * Provides classes modeling security-relevant aspects of the `jsonpickle` PyPI package.
 * See https://pypi.org/project/jsonpickle/.
 */

private import python
private import semmle.python.dataflow.new.RemoteFlowSources
private import semmle.python.Concepts
private import semmle.python.ApiGraphs

/**
 * Provides models for the `jsonpickle` PyPI package.
 * See https://pypi.org/project/jsonpickle/.
 */
private module Jsonpickle {
  /**
   * A Call to `jsonpickle.decode`.
   * See https://jsonpickle.readthedocs.io/en/latest/api.html#jsonpickle.decode
   */
  private class JsonpickleDecode extends Decoding::Range, API::CallNode {
    JsonpickleDecode() { this = API::moduleImport("jsonpickle").getMember("decode").getACall() }

    override predicate mayExecuteInput() { any() }

    override DataFlow::Node getAnInput() { result = this.getParameter(0, "string").asSink() }

    override DataFlow::Node getOutput() { result = this }

    override string getFormat() { result = "pickle" }
  }
}