sdk/python/Deserialization/PyPyasn1

PyPyasn1

pyasn1 decodes ASN.1 structures. der_decoder.decode() on untrusted DER bytes can trigger denial-of-service via deep nesting. Typically used in certificate / LDAP contexts.

1 sink

Taint flow0 sources → 1 sink

Sinks — dangerous call

.der_decoder.decode()Decodes DER bytes

Sinks

— dangerous functions taint must not reach

.der_decoder.decode()Sink

Signature

pyasn1.codec.der.decoder.decode(substrate, asn1Spec=None, ...) -> (value, rest)

Decodes DER bytes. Sink for malformed / nested input (DoS).

tracks:0

Fully-Qualified Names

FQN	Field
pyasn1	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py

from codepathfinder.go_rule import PyPyasn1

← PreviousPyPlistlib

Next →PyPyexpat