You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/analyzing-data-flow-in-python.rst
+18-14Lines changed: 18 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -288,20 +288,24 @@ Class hierarchy
288
288
- ``DataFlow::Configuration`` - base class for custom global data flow analysis.
289
289
- ``DataFlow::Node`` - an element behaving as a data flow node.
290
290
291
-
- ``DataFlow::ExprNode`` - an expression behaving as a data flow node.
292
-
- ``DataFlow::ParameterNode`` - a parameter data flow node representing the value of a parameter at function entry.
293
-
- ``RemoteFlowSource`` - data flow from network/remote input.
294
-
- ``Attributes::AttrRead`` - flow out of an attribute.
295
-
- ``Attributes::AttrWrite`` - flow into an attribute.
296
-
- ``Concepts::SystemCommandExecution`` - a data-flow node that executes an operating system command, for instance by spawning a new process.
297
-
- ``Concepts::FileSystemAccess`` - a data flow node that performs a file system access, including reading and writing data, creating and deleting files and folders, checking and updating permissions, and so on.
298
-
- ``Concepts::Path::PathNormalization`` - a data-flow node that performs path normalization. This is often needed in order to safely access paths.
299
-
- ``Concepts::Decoding`` - a data-flow node that decodes data from a binary or textual format. A decoding (automatically) preserves taint from input to output. However, it can also be a problem in itself, for example if it allows code execution or could result in denial-of-service.
300
-
- ``Concepts::Encoding`` - a data-flow node that encodes data to a binary or textual format. An encoding (automatically) preserves taint from input to output.
301
-
- ``Concepts::CodeExecution`` - a data-flow node that dynamically executes Python code.
302
-
- ``Concepts::SqlExecution`` - a data-flow node that executes SQL statements.
303
-
- ``Concepts::HTTP::Server::RouteSetup`` - a data-flow node that sets up a route on a server.
304
-
- ``Concepts::HTTP::Server::HttpResponse`` - a data-flow node that creates a HTTP response on a server.
291
+
- ``DataFlow::CfgNode`` - a control-flow node behaving as a data flow node.
292
+
293
+
- ``DataFlow::ExprNode`` - an expression behaving as a data flow node.
294
+
- ``DataFlow::ParameterNode`` - a parameter data flow node representing the value of a parameter at function entry.
295
+
- ``DataFlow::CallCfgNode`` - a control-flow node for a function or method call behaving as a data flow node.
296
+
297
+
- ``RemoteFlowSource`` - data flow from network/remote input.
298
+
- ``Attributes::AttrRead`` - flow out of an attribute.
299
+
- ``Attributes::AttrWrite`` - flow into an attribute.
300
+
- ``Concepts::SystemCommandExecution`` - a data-flow node that executes an operating system command, for instance by spawning a new process.
301
+
- ``Concepts::FileSystemAccess`` - a data flow node that performs a file system access, including reading and writing data, creating and deleting files and folders, checking and updating permissions, and so on.
302
+
- ``Concepts::Path::PathNormalization`` - a data-flow node that performs path normalization. This is often needed in order to safely access paths.
303
+
- ``Concepts::Decoding`` - a data-flow node that decodes data from a binary or textual format. A decoding (automatically) preserves taint from input to output. However, it can also be a problem in itself, for example if it allows code execution or could result in denial-of-service.
304
+
- ``Concepts::Encoding`` - a data-flow node that encodes data to a binary or textual format. An encoding (automatically) preserves taint from input to output.
305
+
- ``Concepts::CodeExecution`` - a data-flow node that dynamically executes Python code.
306
+
- ``Concepts::SqlExecution`` - a data-flow node that executes SQL statements.
307
+
- ``Concepts::HTTP::Server::RouteSetup`` - a data-flow node that sets up a route on a server.
308
+
- ``Concepts::HTTP::Server::HttpResponse`` - a data-flow node that creates a HTTP response on a server.
305
309
306
310
- ``TaintTracking::Configuration`` - base class for custom global taint tracking analysis.
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/codeql-library-for-python.rst
+7Lines changed: 7 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,6 +20,13 @@ The CodeQL library for Python incorporates a large number of classes. Each class
20
20
21
21
- **Syntactic** - classes that represent entities in the Python source code.
22
22
- **Control flow** - classes that represent entities from the control flow graphs.
23
+
- **Data flow** - classes that represent entities from the data flow graphs.
24
+
- **API graphs** - classes that represent entities from the API graphs.
25
+
26
+
The first two categories are described below. See ":doc:`Analyzing data flow in Python <analyzing-data-flow-in-python>`" for a description of data flow and associated classes.
27
+
28
+
..
29
+
and [TO COME IN FUTURE PR] for a description of API graphs and their use.
0 commit comments