Deserialization

PyDbm

The dbm family (dbm.gnu, dbm.ndbm, dbm.dumb). dbm.open() on untrusted files reads a DBM-format database. dbm.dumb is pickle-like and unsafe on untrusted input.

Taint flow: 0 sources, 1 sink (dangerous call: .open())

Sinks

.open() (sink)

Signature: dbm.open(file, flag='r', mode=0o666) -> dbm

Opens a DBM database. A finding is raised when it is called on untrusted files (dbm.dumb is especially unsafe).

tracks: 0

Fully-Qualified Names

FQN   Field
dbm   fqns[0]

A wrong FQN yields 0 findings. Verify: change fqns to a garbage value and the rule must produce 0 results.

Import

rule.py
from codepathfinder.go_rule import PyDbm
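Added example (not codepathfinder's own code): a minimal FQN-based sink matcher in Python that does what this rule's sink table describes. It resolves import aliases so that dbm.open(), an aliased dbm.dumb.open() and a from-import all map to the dbm FQN while an unrelated .open() does not, and it lets you run the garbage-FQN check from above; the sample source is constructed.

```python
import ast

# Constructed sample (not from the page): dbm.open reached through a plain import
# and through an aliased submodule import, plus one unrelated .open() call.
SAMPLE_SOURCE = '''
import dbm
import dbm.dumb as dumb
path = input("db path: ")
db = dbm.open(path, "c")
db2 = dumb.open(path, "r")
other = somemodule.open(path)
'''

def _collect_aliases(tree):
    """Map names bound by import statements to fully-qualified names."""
    aliases = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.asname:                          # import dbm.dumb as dumb
                    aliases[a.asname] = a.name
                else:                                 # import dbm.dumb binds 'dbm'
                    aliases[a.name.split(".")[0]] = a.name.split(".")[0]
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:                      # from dbm import open
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    return aliases

def _qualname(node, aliases):
    """Resolve a call target (Name or dotted Attribute chain) to its FQN."""
    if isinstance(node, ast.Name):
        return aliases.get(node.id)
    if isinstance(node, ast.Attribute):
        base = _qualname(node.value, aliases)
        return f"{base}.{node.attr}" if base else None
    return None

def find_sinks(source, fqns=("dbm",), sink="open"):
    """Return sorted (line, fqn) pairs for every call to <fqn>[.sub].<sink>()."""
    tree = ast.parse(source)
    aliases = _collect_aliases(tree)
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            name = _qualname(node.func, aliases)
            if name and name.rsplit(".", 1)[-1] == sink \
                    and any(name.startswith(f + ".") for f in fqns):
                findings.append((node.lineno, name))
    return sorted(findings)
```

Calling find_sinks(SAMPLE_SOURCE) reports lines 5 and 6; passing a garbage FQN such as ("not.a.module",) reports nothing, which is the sanity check the rule page asks for.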