Tainting¶
Some times you need to register a handle for your thread to monitor whether some values have been used or not. All interactions with this variable will infect your source, so you need a way to find them and elliminate them. Satella’s tainting is at your disposal.
Warning
Tainting won’t work correctly on earlier versions than Python 3.7 due to the fact that per-opcode tracing was added there.
-
class
satella.debug.TaintingEnvironment¶ A round of tainting. Taints will be invalidated at the end. Basically any Python opcode that relates to tainting will be tainted itself.
As an added extra, function values will be tainted as well if at least one of the parameters has been tainted
Use like this:
>>> with TaintingEnvironment() as env: >>> a = taint(a) >>> b = a + 5 >>> ...
Warning
Using environment tainting will slow down your Python scripts since they install a per opcode handler.
Warning
Using functions that take at least one tainted argument is supposed to return a tainted result, but I couldn’t get that shipped in time at this involved some serious tweaking with the Python bytecode.
-
static
get_session_in_progress() → satella.debug.tainting.environment.TaintingEnvironment¶ Obtain current tainting session in progress
Raises: RuntimeError – no tainting session started yet
-
get_tainted_variables() → Iterator[T]¶ Return all, of the tainted variables
-
static
-
satella.debug.taint(v: T) → satella.debug.tainting.tainteds.TaintedObject[~T][T]¶ Taints the object if necessary. If already tainted will leave it as is
Raises: RuntimeError – no tainting session in progress
-
satella.debug.access_tainted(v: Union[T, satella.debug.tainting.tainteds.TaintedObject[~T][T]]) → T¶ If v is tainted, this will extract it’s value.
If it is not, v will be returned
There is a class that is a thin proxy at the objects that you taint, namely:
-
class
satella.debug.TaintedObject(v: T)¶
This works rather similar to satella.coding.structures.Proxy.