Deserialization

PyShelve

The shelve module persists arbitrary Python objects and is backed by pickle under the hood. Calling shelve.open() on an untrusted file is therefore a deserialization sink: pickle resolves and calls importable objects named by the stream (the __reduce__ mechanism), so a crafted shelf file leads to remote code execution.
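Added example, not part of this rule card or of the codepathfinder project: a defensive pre-load check that reads a shelf's raw dbm records and refuses to unpickle any entry whose opcode stream can resolve or call importable code, which is exactly what pickle's __reduce__ path needs. The opcode set, the helper names and the temporary shelf built in demo() are constructed here for illustration.

```python
import collections
import dbm
import os
import pickle
import pickletools
import shelve
import tempfile

# Opcodes through which a pickle stream can name or invoke importable code.
# Plain data (dicts, lists, str, int, bytes, ...) never needs any of them.
CODE_REFERENCING_OPS = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
                        "NEWOBJ", "NEWOBJ_EX", "BUILD"}

def pickle_references_code(blob: bytes) -> bool:
    """True if the pickle can resolve or call any importable object (no unpickling performed)."""
    return any(op.name in CODE_REFERENCING_OPS for op, _arg, _pos in pickletools.genops(blob))

def audit_shelf(path: str) -> dict:
    """Inspect every entry through the underlying dbm file; return key -> verdict."""
    verdicts = {}
    with dbm.open(path, "r") as db:          # raw records only, shelve.open() is never called
        for raw_key in db.keys():
            key = raw_key.decode("utf-8")    # shelve's default keyencoding
            verdicts[key] = "reject" if pickle_references_code(db[raw_key]) else "plain-data"
    return verdicts

def load_plain_entry(path: str, key: str):
    """Unpickle a single entry only after the opcode check passes."""
    with dbm.open(path, "r") as db:
        blob = db[key.encode("utf-8")]
    if pickle_references_code(blob):
        raise ValueError(f"refusing to unpickle shelf entry {key!r}: it references importable code")
    return pickle.loads(blob)

def demo():
    """Constructed shelf: one plain-data entry and one entry that pickles via GLOBAL + REDUCE."""
    path = os.path.join(tempfile.mkdtemp(), "store")
    with shelve.open(path) as sh:
        sh["config"] = {"retries": 3, "hosts": ["a", "b"]}
        sh["ordered"] = collections.OrderedDict(x=1)  # benign, but its __reduce__ names a class
    return path, audit_shelf(path)
```

The check is deliberately strict: anything that names a class or function is rejected, so shelves that legitimately store custom objects need an explicit allow-list (for example a pickle.Unpickler subclass overriding find_class) rather than this gate.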

Taint flow: 0 sources, 1 sink

Sinks (dangerous call): .open()

Sinks

.open() (Sink)

Signature
shelve.open(filename, flag='c', protocol=None, writeback=False) -> Shelf

Opens a shelf, a dict persisted through pickle. Deserialization sink when the file is untrusted.

tracks: 0

Fully-Qualified Names

FQN      Field
shelve   fqns[0]

A wrong FQN yields 0 findings. To verify that the rule is actually matching, change fqns to a garbage value: the rule must then produce 0 results.

Import

rule.py
from codepathfinder.go_rule import PyShelve