sdk/python/Command Execution/PyCtypes
Command Execution

PyCtypes

The ctypes module for calling C libraries. LoadLibrary / CDLL on user-controlled paths loads arbitrary code — code-execution sink. String pointer operations can also be memory-safety findings.

3 sinks
Taint flow0 sources 3 sinks
Sinks — dangerous call
.CDLL()
.WinDLL()
.LoadLibrary()

Sinks

.CDLL()Sink
#
Signature
ctypes.CDLL(name, mode=DEFAULT_MODE, handle=None, use_errno=False, use_last_error=False, winmode=None) -> CDLL

Loads a shared library. Code-execution sink on user-controlled name.

tracks:0
.WinDLL()Sink
#
Signature
ctypes.WinDLL(name, ...) -> WinDLL

Windows shared library loader. Code-execution sink.

tracks:0
.LoadLibrary()Sink
#
Signature
ctypes.cdll.LoadLibrary(name) -> CDLL

Loads a shared library. Code-execution sink on user-controlled name.

tracks:0

Fully-Qualified Names

FQNField
ctypesfqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py
from codepathfinder.go_rule import PyCtypes
Next →PyDocker