Mercurial Repositories > eric / annotate

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityUtils.py@ca2949b1a29a (annotated)

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityUtils.py

Wed, 10 Jun 2020 17:52:53 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Wed, 10 Jun 2020 17:52:53 +0200
changeset 7615
ca2949b1a29a
parent 7613
382f89c11e27
child 7622
384e2aa5c073
permissions
-rw-r--r--

Code Style Checker: continued to implement checker for security related issues.

7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
3 # Copyright (c) 2020 Detlev Offenbach <detlev@die-offenbachs.de>
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing utility functions used by the security checks.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 import ast
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 import os
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 class InvalidModulePath(Exception):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 Class defining an exception for invalid module paths.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 pass
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 def getModuleQualnameFromPath(path):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 Function to get the module's qualified name by analysis of the
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
24 path.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
26 Resolve the absolute pathname and eliminate symlinks. This could result
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
27 in an incorrect name if symlinks are used to restructure the python lib
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 directory.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
30 Starting from the right-most directory component look for __init__.py
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 in the directory component. If it exists then the directory name is
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32 part of the module name. Move left to the subsequent directory
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33 components until a directory is found without __init__.py.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
35 @param path path of the module to be analyzed
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
36 @type str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 @return qualified name of the module
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 @rtype str
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
39 @exception InvalidModulePath raised to indicate an invalid module path
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 (head, tail) = os.path.split(path)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 if head == '' or tail == '':
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 raise InvalidModulePath('Invalid python file path: "{0}"'
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 ' Missing path or file name'.format(path))
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46 qname = [os.path.splitext(tail)[0]]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 while head not in ['/', '.', '']:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
48 if os.path.isfile(os.path.join(head, '__init__.py')):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
49 (head, tail) = os.path.split(head)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
50 qname.insert(0, tail)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 break
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 qualname = '.'.join(qname)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 return qualname
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
58 def namespacePathJoin(namespace, name):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 Function to extend a given namespace path.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
61
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62 @param namespace namespace to be extended
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63 @type str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64 @param name node name to be appended
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 @type str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 @return extended namespace
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 @rtype str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
68 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
69 return "{0}.{1}".format(namespace, name)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
70
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
71
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72 def namespacePathSplit(path):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 Function to split a namespace path into a head and tail.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
75
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
76 Tail will be the last namespace path component and head will
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
77 be everything leading up to that in the path. This is similar to
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
78 os.path.split.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
79
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
80 @param path namespace path to be split
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
81 @type str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
82 @return tuple containing the namespace path head and tail
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
83 @rtype tuple of (str, str)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
84 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
85 return tuple(path.rsplit('.', 1))
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
86
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
87
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
88 def getAttrQualName(node, aliases):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
89 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
90 Function to get a the full name for the attribute node.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
91
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
92 This will resolve a pseudo-qualified name for the attribute
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
93 rooted at node as long as all the deeper nodes are Names or
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
94 Attributes. This will give you how the code referenced the name but
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
95 will not tell you what the name actually refers to. If we
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
96 encounter a node without a static name we punt with an
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
97 empty string. If this encounters something more complex, such as
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98 foo.mylist[0](a,b) we just return empty string.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
100 @param node attribute node to be treated
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 @type ast.Attribute
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 @param aliases dictionary of import aliases
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
103 @type dict
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
104 @return qualified name of the attribute
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
105 @rtype str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
106 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107 if isinstance(node, ast.Name):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
108 if node.id in aliases:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
109 return aliases[node.id]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
110 return node.id
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
111 elif isinstance(node, ast.Attribute):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112 name = "{0}.{1}".format(getAttrQualName(node.value, aliases),
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 node.attr)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114 if name in aliases:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 return aliases[name]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
116 return name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118 return ""
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
119
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
120
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
121 def getCallName(node, aliases):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
122 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
123 Function to extract the call name from an ast.Call node.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
125 @param node node to extract information from
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
126 @type ast.Call
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
127 @param aliases dictionary of import aliases
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
128 @type dict
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
129 @return name of the ast.Call node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
130 @rtype str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
132 if isinstance(node.func, ast.Name):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
133 if deepgetattr(node, 'func.id') in aliases:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
134 return aliases[deepgetattr(node, 'func.id')]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
135 return deepgetattr(node, 'func.id')
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
136 elif isinstance(node.func, ast.Attribute):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
137 return getAttrQualName(node.func, aliases)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
138 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
139 return ""
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
140
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
141
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
142 def getQualAttr(node, aliases):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
143 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
144 Function to extract the qualified name from an ast.Attribute node.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
145
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
146 @param node node to extract information from
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
147 @type ast.Attribute
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
148 @param aliases dictionary of import aliases
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
149 @type dict
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
150 @return qualified attribute name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
151 @rtype str
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
152 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
153 prefix = ""
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
154 if isinstance(node, ast.Attribute):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
155 try:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
156 val = deepgetattr(node, 'value.id')
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
157 if val in aliases:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
158 prefix = aliases[val]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
159 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
160 prefix = deepgetattr(node, 'value.id')
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
161 except Exception:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
162 # We can't get the fully qualified name for an attr, just return
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
163 # its base name.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
164 pass
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
165
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
166 return "{0}.{1}".format(prefix, node.attr)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
167 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
168 return ""
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
169
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
170
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
171 def deepgetattr(obj, attr):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
172 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
173 Function to recurs through an attribute chain to get the ultimate value.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
174
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
175 @param obj reference to the object to be recursed
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
176 @type ast.Name or ast.Attribute
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
177 @param attr attribute chain to be parsed
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
178 @type ast.Attribute
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
179 @return ultimate value
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
180 @rtype ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
181 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
182 for key in attr.split('.'):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
183 obj = getattr(obj, key)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
184 return obj
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
185
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
186
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
187 def linerange(node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
188 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
189 Function to get line number range from a node.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
190
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
191 @param node node to extract a line range from
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
192 @type ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
193 @return list containing the line number range
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
194 @rtype list of int
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
195 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
196 strip = {"body": None, "orelse": None,
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
197 "handlers": None, "finalbody": None}
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
198 for key in strip.keys():
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
199 if hasattr(node, key):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
200 strip[key] = getattr(node, key)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
201 node.key = []
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
202
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
203 lines_min = 9999999999
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
204 lines_max = -1
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
205 for n in ast.walk(node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
206 if hasattr(n, 'lineno'):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
207 lines_min = min(lines_min, n.lineno)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
208 lines_max = max(lines_max, n.lineno)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
209
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
210 for key in strip.keys():
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
211 if strip[key] is not None:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
212 node.key = strip[key]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
213
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
214 if lines_max > -1:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
215 return list(range(lines_min, lines_max + 1))
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
216
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
217 return [0, 1]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
218
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
219
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
220 def linerange_fix(node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
221 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
222 Function to get a line number range working around a known Python bug
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
223 with multi-line strings.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
224
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
225 @param node node to extract a line range from
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
226 @type ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
227 @return list containing the line number range
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
228 @rtype list of int
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
229 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
230 # deal with multiline strings lineno behavior (Python issue #16806)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
231 lines = linerange(node)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
232 if (
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
233 hasattr(node, '_securitySibling') and
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
234 hasattr(node._securitySibling, 'lineno')
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
235 ):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
236 start = min(lines)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
237 delta = node._securitySibling.lineno - start
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
238 if delta > 1:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
239 return list(range(start, node._securitySibling.lineno))
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
240
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
241 return lines
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
242
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
243
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
244 def escapedBytesRepresentation(b):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
245 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
246 Function to escape bytes for comparison with other strings.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
247
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
248 In practice it turns control characters into acceptable codepoints then
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
249 encodes them into bytes again to turn unprintable bytes into printable
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
250 escape sequences.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
251
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
252 This is safe to do for the whole range 0..255 and result matches
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
253 unicode_escape on a unicode string.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
254
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
255 @param b bytes object to be escaped
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
256 @type bytes
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
257 @return escaped bytes object
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
258 @rtype bytes
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
259 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
260 return b.decode('unicode_escape').encode('unicode_escape')
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
261
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
262
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
263 def concatString(node, stop=None):
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
264 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
265 Function to build a string from an ast.BinOp chain.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
266
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
267 This will build a string from a series of ast.Str nodes wrapped in
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
268 ast.BinOp nodes. Something like "a" + "b" + "c" or "a %s" % val etc.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
269 The provided node can be any participant in the BinOp chain.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
270
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
271 @param node node to be processed
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
272 @type ast.BinOp or ast.Str
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
273 @param stop base node to stop at
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
274 @type ast.BinOp or ast.Str
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
275 @return tuple containing the root node of the expression and the string
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
276 value
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
277 @rtype tuple of (ast.AST, str)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
278 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
279 def _get(node, bits, stop=None):
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
280 if node != stop:
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
281 bits.append(
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
282 _get(node.left, bits, stop)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
283 if isinstance(node.left, ast.BinOp)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
284 else node.left
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
285 )
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
286 bits.append(
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
287 _get(node.right, bits, stop)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
288 if isinstance(node.right, ast.BinOp)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
289 else node.right
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
290 )
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
291
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
292 bits = [node]
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
293 while isinstance(node._securityParent, ast.BinOp):
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
294 node = node._securityParent
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
295 if isinstance(node, ast.BinOp):
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
296 _get(node, bits, stop)
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
297
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
298 return (
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
299 node,
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
300 " ".join([x.s for x in bits if isinstance(x, ast.Str)])
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
301 )
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
302
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
303
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
304 def getCalledName(node):
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
305 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
306 Function to get the function name from an ast.Call node.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
307
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
308 An ast.Call node representing a method call will present differently to one
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
309 wrapping a function call: thing.call() vs call(). This helper will grab the
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
310 unqualified call name correctly in either case.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
311
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
312 @param node reference to the call node
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
313 @type ast.Call
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
314 @return function name of the node
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
315 @rtype str
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
316 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
317 func = node.func
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
318 try:
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
319 return func.attr if isinstance(func, ast.Attribute) else func.id
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
320 except AttributeError:
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
321 return ""
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
322
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
323 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
324 # eflag: noqa = M601

Mercurial Repository: eric

eric ide

mercurial