Cryptography

PyPysftp

pysftp wraps paramiko with a simpler SFTP interface. Calling Connection(host, cnopts=...) with CnOpts.hostkeys set to None disables host-key checking, which is reported as a man-in-the-middle (MITM) finding.

Taint flow: 0 sources, 3 sinks
Sinks — dangerous call
.Connection()
.put()
.get()

Sinks

.Connection() (Sink)
Signature
pysftp.Connection(host, username=None, private_key=None, password=None, port=22, cnopts=None, ...) -> Connection

Opens an SFTP connection. Finding when cnopts.hostkeys is None.

.put() (Sink)
Signature
Connection.put(localpath, remotepath=None, callback=None, confirm=True, preserve_mtime=False) -> SFTPAttributes

Uploads a file. Path-traversal risk on remotepath.

tracks: 0, 1

.get() (Sink)
Signature
Connection.get(remotepath, localpath=None, callback=None, preserve_mtime=False) -> None

Downloads a file. Path-traversal risk on localpath.

tracks: 0, 1

Fully-Qualified Names

FQN       Field
pysftp    fqns[0]

A wrong FQN yields 0 findings. To verify, change fqns to a garbage value; the rule must then produce 0 results.
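
An added illustration (not the rule's own code or the analyzer's implementation) of the pattern the .Connection() sink reports and of the FQN check above, using only Python's ast module. The function names, the sample source and its host are constructed; matching is flow-insensitive and only resolves `import pysftp [as alias]`.

```python
import ast

# Constructed sample: the insecure pattern next to an untouched CnOpts.
SAMPLE = '''
import pysftp as sf

bad = sf.CnOpts()
bad.hostkeys = None
sf.Connection("sftp.example.test", username="u", cnopts=bad)

good = sf.CnOpts()
sf.Connection("sftp.example.test", username="u", cnopts=good)
'''

def dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None
    return ".".join([node.id] + parts[::-1])

def find_unverified_connections(source, fqn="pysftp"):
    """Lines of <fqn>.Connection(cnopts=X) calls where X.hostkeys = None appears."""
    tree = ast.parse(source)
    aliases, disabled, findings = {}, set(), []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):  # `import pysftp as sf` -> sf: pysftp
            for a in node.names:
                aliases[a.asname or a.name] = a.name
        elif (isinstance(node, ast.Assign)
              and isinstance(node.value, ast.Constant) and node.value.value is None):
            for t in node.targets:  # `X.hostkeys = None`, flow-insensitive
                if (isinstance(t, ast.Attribute) and t.attr == "hostkeys"
                        and isinstance(t.value, ast.Name)):
                    disabled.add(t.value.id)
    for node in ast.walk(tree):
        name = dotted(node.func) if isinstance(node, ast.Call) else None
        if not name:
            continue
        head, _, rest = name.partition(".")
        if f"{aliases.get(head, head)}.{rest}" != f"{fqn}.Connection":
            continue  # a wrong FQN never matches, so it yields 0 findings
        for kw in node.keywords:
            if (kw.arg == "cnopts" and isinstance(kw.value, ast.Name)
                    and kw.value.id in disabled):
                findings.append(node.lineno)
    return sorted(findings)
```

With the default FQN the sample yields one finding, on the line of the first Connection call; passing a garbage `fqn` yields none, which is the same sanity check described above.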

Import

rule.py
from codepathfinder.go_rule import PyPysftp