cffi calls C libraries without writing a C extension. FFI.dlopen() loads a shared library at runtime — code-execution sink on user-controlled path. FFI.cdef parses C declarations — neutral unless the definitions are user-controlled.
.dlopen().dlopen()SinkFFI.dlopen(name, flags=0) -> Library
Loads a shared library. Code-execution sink on user-controlled name.
0| FQN | Field | |
|---|---|---|
| cffi | fqns[0] | |
| cffi.FFI | fqns[1] |
Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.
from codepathfinder.go_rule import PyCffi