File System

PyTempfile

The tempfile module. mktemp() is deprecated and insecure: there is a race condition between filename generation and open. Use NamedTemporaryFile, mkstemp, or TemporaryDirectory, which create the file (or directory) atomically.

1 sink, 2 sanitizers
Taint flow: 0 sources, 2 sanitizers → 1 sink
Sanitizers (block taint): .mkstemp(), .NamedTemporaryFile()
Sinks (dangerous call): .mktemp()

Sinks

.mktemp() (Sink)
Signature
tempfile.mktemp(suffix='', prefix='tmp', dir=None) -> str

Returns a candidate temp file path without creating it. Insecure (TOCTOU): every use is reported as a finding.

Sanitizers

.mkstemp() (Sanitizer)
Signature
tempfile.mkstemp(suffix=None, prefix=None, dir=None, text=False) -> (fd, path)

Atomically creates a temp file and returns an open fd. Safe replacement for mktemp.

tracks:return

.NamedTemporaryFile() (Sanitizer)
Signature
tempfile.NamedTemporaryFile(mode='w+b', ...) -> _TemporaryFileWrapper

Context-managed temp file. Atomic creation. Safe.

tracks:return
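
Added example (not part of the rule's documentation or the project's code): a deterministic, POSIX-only reproduction of the window that makes mktemp() a finding, next to the exclusive create that mkstemp() depends on. The function names, the interloper callback and the 0o644 mode are constructed for illustration.

```python
import os
import stat
import tempfile


def racy_create(workdir, interloper):
    """The flagged pattern: pick a name now, open it later."""
    path = tempfile.mktemp(dir=workdir)  # returns a name only, nothing exists yet
    interloper(path)                     # stands in for another process winning the race
    with open(path, "w") as fh:          # open() reuses whatever already sits at the path
        fh.write("secret")
    return path


def exclusive_create(path):
    """mkstemp() opens with O_CREAT | O_EXCL, which fails if the path exists."""
    fd = os.open(path, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o600)
    os.close(fd)


def demo():
    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        def interloper(path):
            # Constructed stand-in: the file is pre-created world-readable.
            os.close(os.open(path, os.O_WRONLY | os.O_CREAT, 0o644))
            os.chmod(path, 0o644)

        # mktemp() + open(): the data lands in a file created by someone else,
        # with that party's permissions.
        path = racy_create(workdir, interloper)
        results["racy_mode"] = stat.S_IMODE(os.stat(path).st_mode)

        # The same path with an exclusive create is refused instead of reused.
        try:
            exclusive_create(path)
            results["exclusive_refused"] = False
        except FileExistsError:
            results["exclusive_refused"] = True

        # mkstemp(): name generation and creation are one step, mode is 0o600.
        fd, safe_path = tempfile.mkstemp(dir=workdir)
        with os.fdopen(fd, "w") as fh:
            fh.write("secret")
        results["mkstemp_mode"] = stat.S_IMODE(os.stat(safe_path).st_mode)
    return results
```
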

Fully-Qualified Names

FQN        Field
tempfile   fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py
from codepathfinder.go_rule import PyTempfile