Mercurial Repositories > eric / annotate

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityNodeVisitor.py@cd41c844862f (annotated)

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityNodeVisitor.py

Fri, 22 Jan 2021 16:48:43 +0100

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Fri, 22 Jan 2021 16:48:43 +0100
changeset 7998
cd41c844862f
parent 7973
e836d196e888
child 8207
d359172d11be
permissions
-rw-r--r--

Editor
- added functionality to insert docstring templates via the context menu (cursor placed on first line of function definition) or after entering the docstring start string (e.g. """ for Python)

7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
7923
91e843545d9a Updated copyright for 2021.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7651
diff changeset
3 # Copyright (c) 2020 - 2021 Detlev Offenbach <detlev@die-offenbachs.de>
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing an AST node visitor for security checks.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 import ast
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12 from . import SecurityUtils
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13 from .SecurityContext import SecurityContext
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 class SecurityNodeVisitor(object):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
18 Class implementing an AST node visitor for security checks.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
19 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20 def __init__(self, checker, secCheckers, filename):
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
21 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
22 Constructor
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
23
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
24 @param checker reference to the main security checker object
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
25 @type SecurityChecker
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
26 @param secCheckers dictionary containing the available checker routines
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
27 @type dict
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
28 @param filename name of the checked file
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
29 @type str
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
30 """
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 self.__checker = checker
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32 self.__securityCheckers = secCheckers
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34 self.seen = 0
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
35 self.depth = 0
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
36 self.filename = filename
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 self.imports = set()
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 self.import_aliases = {}
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
39
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 # in some cases we can't determine a qualified name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 try:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 self.namespace = SecurityUtils.getModuleQualnameFromPath(filename)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 except SecurityUtils.InvalidModulePath:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 self.namespace = ""
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46 def __runChecks(self, checkType):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
48 Private method to run all enabled checks for a given check type.
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
49
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
50 @param checkType type of checks to be run
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
51 @type str
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
52 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
53 if checkType in self.__securityCheckers:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
54 for check in self.__securityCheckers[checkType]:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
55 check(self.__checker.reportError,
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
56 SecurityContext(self.__context),
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
57 self.__checker.getConfig())
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
58
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
59 def visit_ClassDef(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
60 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
61 Public method defining a visitor for AST ClassDef nodes.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
62
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
63 Add class name to current namespace for all descendants.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
64
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
65 @param node reference to the node being inspected
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
66 @type ast.ClassDef
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
67 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
68 # For all child nodes, add this class name to current namespace
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
69 self.namespace = SecurityUtils.namespacePathJoin(
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
70 self.namespace, node.name)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
71
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
72 def visit_FunctionDef(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
73 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
74 Public method defining a visitor for AST FunctionDef nodes.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
75
7651
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
76 @param node reference to the node being inspected
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
77 @type ast.FunctionDef
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
78 """
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
79 self.__visitFunctionDefinition(node)
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
80
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
81 def visit_AsyncFunctionDef(self, node):
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
82 """
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
83 Public method defining a visitor for AST AsyncFunctionDef nodes.
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
84
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
85 @param node reference to the node being inspected
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
86 @type ast.AsyncFunctionDef
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
87 """
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
88 self.__visitFunctionDefinition(node)
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
89
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
90 def __visitFunctionDefinition(self, node):
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
91 """
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
92 Private method defining a visitor for AST FunctionDef and
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
93 AsyncFunctionDef nodes.
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
94
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
95 Add relevant information about the node to the context for use in tests
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
96 which inspect function definitions. Add the function name to the
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
97 current namespace for all descendants.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
98
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
99 @param node reference to the node being inspected
7651
ca87b7490449 Code Style Checker: updated the return style checker.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7613
diff changeset
100 @type ast.FunctionDef, ast.AsyncFunctionDef
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
101 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
102 self.__context['function'] = node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
103 qualname = SecurityUtils.namespacePathJoin(self.namespace, node.name)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
104 name = qualname.split('.')[-1]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
105 self.__context['qualname'] = qualname
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
106 self.__context['name'] = name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
107
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
108 # For all child nodes and any tests run, add this function name to
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
109 # current namespace
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
110 self.namespace = SecurityUtils.namespacePathJoin(
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
111 self.namespace, node.name)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
112
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
113 self.__runChecks("FunctionDef")
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
114
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
115 def visit_Call(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
116 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
117 Public method defining a visitor for AST Call nodes.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
118
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
119 Add relevant information about the node to the context for use in tests
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
120 which inspect function calls.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
121
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
122 @param node reference to the node being inspected
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
123 @type ast.Call
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
124 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
125 self.__context['call'] = node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
126 qualname = SecurityUtils.getCallName(node, self.import_aliases)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
127 name = qualname.split('.')[-1]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
128 self.__context['qualname'] = qualname
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
129 self.__context['name'] = name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
130 self.__runChecks("Call")
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
131
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
132 def visit_Import(self, node):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
133 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
134 Public method defining a visitor for AST Import nodes.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
135
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
136 @param node reference to the node being inspected
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
137 @type ast.Import
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
138 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
139 for nodename in node.names:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
140 if nodename.asname:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
141 self.import_aliases[nodename.asname] = nodename.name
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
142 self.imports.add(nodename.name)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
143 self.__context['module'] = nodename.name
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
144 self.__runChecks("Import")
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
145
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
146 def visit_ImportFrom(self, node):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
147 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
148 Public method defining a visitor for AST Import nodes.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
149
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
150 This adds relevant information about the node to
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
151 the context for use in tests which inspect imports.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
152
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
153 @param node reference to the node being inspected
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
154 @type ast.ImportFrom
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
155 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
156 module = node.module
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
157 if module is None:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
158 self.visit_Import(node)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
159 return
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
160
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
161 for nodename in node.names:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
162 if nodename.asname:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
163 self.import_aliases[nodename.asname] = (
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
164 module + "." + nodename.name
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
165 )
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
166 else:
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
167 # Even if import is not aliased we need an entry that maps
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
168 # name to module.name. For example, with 'from a import b'
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
169 # b should be aliased to the qualified name a.b
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
170 self.import_aliases[nodename.name] = (
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
171 module + '.' + nodename.name)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
172 self.imports.add(module + "." + nodename.name)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
173 self.__context['module'] = module
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
174 self.__context['name'] = nodename.name
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
175 self.__runChecks("ImportFrom")
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
176
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
177 def visit_Constant(self, node):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
178 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
179 Public method defining a visitor for Constant nodes.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
180
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
181 This calls the appropriate method for the node type.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
182 It maintains compatibility with <3.6 and 3.8+
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
183
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
184 @param node reference to the node being inspected
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
185 @type ast.Constant
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
186 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
187 if isinstance(node.value, str):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
188 self.visit_Str(node)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
189 elif isinstance(node.value, bytes):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
190 self.visit_Bytes(node)
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
191
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
192 def visit_Str(self, node):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
193 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
194 Public method defining a visitor for String nodes.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
195
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
196 This adds relevant information about node to
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
197 the context for use in tests which inspect strings.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
198
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
199 @param node reference to the node being inspected
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
200 @type ast.Str
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
201 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
202 self.__context['str'] = node.s
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
203 if not isinstance(node._securityParent, ast.Expr): # docstring
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
204 self.__context['linerange'] = SecurityUtils.linerange_fix(
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
205 node._securityParent
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
206 )
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
207 self.__runChecks("Str")
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
208
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
209 def visit_Bytes(self, node):
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
210 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
211 Public method defining a visitor for Bytes nodes.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
212
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
213 This adds relevant information about node to
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
214 the context for use in tests which inspect strings.
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
215
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
216 @param node reference to the node being inspected
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
217 @type ast.Bytes
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
218 """
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
219 self.__context['bytes'] = node.s
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
220 if not isinstance(node._securityParent, ast.Expr): # docstring
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
221 self.__context['linerange'] = SecurityUtils.linerange_fix(
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
222 node._securityParent
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
223 )
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
224 self.__runChecks("Bytes")
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
225
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
226 def __preVisit(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
227 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
228 Private method to set up a context for the visit method.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
229
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
230 @param node node to base the context on
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
231 @type ast.AST
7613
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
232 @return flag indicating to visit the node
382f89c11e27 Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 7612
diff changeset
233 @rtype bool
7612
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
234 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
235 self.__context = {}
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
236 self.__context['imports'] = self.imports
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
237 self.__context['import_aliases'] = self.import_aliases
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
238
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
239 if hasattr(node, 'lineno'):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
240 self.__context['lineno'] = node.lineno
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
241
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
242 self.__context['node'] = node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
243 self.__context['linerange'] = SecurityUtils.linerange_fix(node)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
244 self.__context['filename'] = self.filename
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
245
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
246 self.seen += 1
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
247 self.depth += 1
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
248
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
249 return True
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
250
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
251 def visit(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
252 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
253 Public method to inspected an AST node.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
254
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
255 @param node AST node to be inspected
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
256 @type ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
257 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
258 name = node.__class__.__name__
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
259 method = 'visit_' + name
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
260 visitor = getattr(self, method, None)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
261 if visitor is not None:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
262 visitor(node)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
263 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
264 self.__runChecks(name)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
265
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
266 def __postVisit(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
267 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
268 Private method to clean up after a node was visited.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
269
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
270 @param node AST node that was visited
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
271 @type ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
272 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
273 self.depth -= 1
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
274 # Clean up post-recursion stuff that gets setup in the visit methods
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
275 # for these node types.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
276 if isinstance(node, (ast.FunctionDef, ast.ClassDef)):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
277 self.namespace = SecurityUtils.namespacePathSplit(
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
278 self.namespace)[0]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
279
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
280 def generic_visit(self, node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
281 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
282 Public method to drive the node visitor.
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
283
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
284 @param node node to be inspected
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
285 @type ast.AST
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
286 """
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
287 for _, value in ast.iter_fields(node):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
288 if isinstance(value, list):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
289 maxIndex = len(value) - 1
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
290 for index, item in enumerate(value):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
291 if isinstance(item, ast.AST):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
292 if index < maxIndex:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
293 item._securitySibling = value[index + 1]
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
294 else:
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
295 item._securitySibling = None
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
296 item._securityParent = node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
297
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
298 if self.__preVisit(item):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
299 self.visit(item)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
300 self.generic_visit(item)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
301 self.__postVisit(item)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
302
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
303 elif isinstance(value, ast.AST):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
304 value._securitySibling = None
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
305 value._securityParent = node
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
306 if self.__preVisit(value):
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
307 self.visit(value)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
308 self.generic_visit(value)
ca1ce1e0fcff Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
309 self.__postVisit(value)

Mercurial Repository: eric

eric ide

mercurial