sdk/python/File System/PyConfigparser

PyConfigparser

The configparser module reads INI-style config files. Values read via get() are sources when the config file is user-supplied. The module itself has no injection sinks of its own.

1 source

Taint flow1 source → 0 sinks

Sources — untrusted input

.get()Returns a config value

Sources

— user-controlled input enters here

.get()Source

Signature

ConfigParser.get(section: str, option: str, *, raw=False, vars=None, fallback=...) -> str

Returns a config value. Source when the config file is user-supplied.

tracks:return

Other Methods

.ConfigParser()Neutral

Signature

configparser.ConfigParser(defaults=None, ...) -> ConfigParser

Creates a parser.

.read()Neutral

Signature

ConfigParser.read(filenames, encoding=None) -> list[str]

Reads config files. Subsequent get() values become sources.

Fully-Qualified Names

FQN	Field
configparser	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py

from codepathfinder.go_rule import PyConfigparser

← PreviousPyAiofiles

Next →PyDockerfileParse