Mercurial Repositories > eric / annotate

src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/sshNoHostKeyVerification.py@d1c6608155ef (annotated)

src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/sshNoHostKeyVerification.py

Tue, 16 Jan 2024 18:24:06 +0100

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Tue, 16 Jan 2024 18:24:06 +0100
branch
eric7
changeset 10507
d1c6608155ef
parent 10439
21c28b0f9e41
child 10638
12558008c269
permissions
-rw-r--r--

Code Style Checker
- Updated the 'Security' checkers to support more cases.

7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
2
10439
21c28b0f9e41 Updated copyright for 2024.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10069
diff changeset
3 # Copyright (c) 2020 - 2024 Detlev Offenbach <detlev@die-offenbachs.de>
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
4 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
5
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
6 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
7 Module implementing a check for use of mako templates.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
8 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
9
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
10 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
11 # This is a modified version of the one found in the bandit package.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
12 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
13 # Original Copyright 2014 Hewlett-Packard Development Company, L.P.
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
14 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
15 # SPDX-License-Identifier: Apache-2.0
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
16 #
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
17
10507
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
18 import ast
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
19
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
20
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
21 def getChecks():
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
22 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
23 Public method to get a dictionary with checks handled by this module.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
24
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
25 @return dictionary containing checker lists containing checker function and
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
26 list of codes
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
27 @rtype dict
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
28 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
29 return {
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
30 "Call": [
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
31 (checkSshNoHostKeyVerification, ("S507",)),
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
32 ],
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
33 }
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
34
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
35
10069
435cc5875135 Corrected and checked some code style issues (unused function arguments).
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9653
diff changeset
36 def checkSshNoHostKeyVerification(reportError, context, config): # noqa: U100
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
37 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
38 Function to check for use of mako templates.
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
39
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
40 @param reportError function to be used to report errors
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
41 @type func
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
42 @param context security context object
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
43 @type SecurityContext
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
44 @param config dictionary with configuration data
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
45 @type dict
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
46 """
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
47 if (
9221
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
48 context.isModuleImportedLike("paramiko")
bf71ee032bb4 Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 9209
diff changeset
49 and context.callFunctionName == "set_missing_host_key_policy"
10507
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
50 and context.node.args
7615
ca2949b1a29a Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff changeset
51 ):
10507
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
52 policyArgument = context.node.args[0]
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
53
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
54 policyArgumentValue = None
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
55 if isinstance(policyArgument, ast.Attribute):
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
56 policyArgumentValue = policyArgument.attr
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
57 elif isinstance(policyArgument, ast.Call):
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
58 policyArgumentValue = policyArgument.func.attr
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
59
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
60 if policyArgumentValue in ["AutoAddPolicy", "WarningPolicy"]:
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
61 reportError(
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
62 context.node.lineno - 1,
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
63 context.node.col_offset,
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
64 "S507",
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
65 "H",
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
66 "M",
d1c6608155ef Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents: 10439
diff changeset
67 )

Mercurial Repository: eric

eric ide

mercurial