Mercurial Repositories > eric / annotate
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityUtils.py@f5631f40c4d9 (annotated)
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityUtils.py
Mon, 04 Mar 2024 11:42:39 +0100
- author
- Detlev Offenbach <detlev@die-offenbachs.de>
- date
- Mon, 04 Mar 2024 11:42:39 +0100
- branch
- eric7
- changeset 10621
- f5631f40c4d9
- parent 10507
- d1c6608155ef
- child 11090
- f5f5f5803935
- permissions
- -rw-r--r--
Corrected some code formatting issues.
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
1 | # -*- coding: utf-8 -*- |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
2 | |
|
10439
21c28b0f9e41
Updated copyright for 2024.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10372
diff
changeset
|
3 | # Copyright (c) 2020 - 2024 Detlev Offenbach <detlev@die-offenbachs.de> |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
4 | # |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
5 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
6 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
7 | Module implementing utility functions used by the security checks. |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
8 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
9 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
10 | import ast |
|
9473
3f23dbf37dbe
Resorted the import statements using isort.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9462
diff
changeset
|
11 | import contextlib |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
12 | import os |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
13 | |
|
7622
384e2aa5c073
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7615
diff
changeset
|
14 | import AstUtilities |
|
384e2aa5c073
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7615
diff
changeset
|
15 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
16 | |
|
9272
06ed98a19b79
Changed some exception names to comply with PEP-8.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9221
diff
changeset
|
17 | class InvalidModulePathError(Exception): |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
18 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
19 | Class defining an exception for invalid module paths. |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
20 | """ |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
21 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
22 | pass |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
23 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
24 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
25 | def getModuleQualnameFromPath(path): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
26 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
27 | Function to get the module's qualified name by analysis of the |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
28 | path. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
29 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
30 | Resolve the absolute pathname and eliminate symlinks. This could result |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
31 | in an incorrect name if symlinks are used to restructure the python lib |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
32 | directory. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
33 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
34 | Starting from the right-most directory component look for __init__.py |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
35 | in the directory component. If it exists then the directory name is |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
36 | part of the module name. Move left to the subsequent directory |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
37 | components until a directory is found without __init__.py. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
38 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
39 | @param path path of the module to be analyzed |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
40 | @type str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
41 | @return qualified name of the module |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
42 | @rtype str |
|
9272
06ed98a19b79
Changed some exception names to comply with PEP-8.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9221
diff
changeset
|
43 | @exception InvalidModulePathError raised to indicate an invalid module path |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
44 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
45 | (head, tail) = os.path.split(path) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
46 | if head == "" or tail == "": |
|
9272
06ed98a19b79
Changed some exception names to comply with PEP-8.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9221
diff
changeset
|
47 | raise InvalidModulePathError( |
|
10372
1444b4bee64b
Fixed some code style issue related to implicitly and explicitly concatenated strings.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10169
diff
changeset
|
48 | 'Invalid python file path: "{0}" Missing path or file name'.format(path) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
49 | ) |
|
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
50 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
51 | qname = [os.path.splitext(tail)[0]] |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
52 | while head not in ["/", ".", ""]: |
|
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
53 | if os.path.isfile(os.path.join(head, "__init__.py")): |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
54 | (head, tail) = os.path.split(head) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
55 | qname.insert(0, tail) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
56 | else: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
57 | break |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
58 | |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
59 | qualname = ".".join(qname) |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
60 | return qualname |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
61 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
62 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
63 | def namespacePathJoin(namespace, name): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
64 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
65 | Function to extend a given namespace path. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
66 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
67 | @param namespace namespace to be extended |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
68 | @type str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
69 | @param name node name to be appended |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
70 | @type str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
71 | @return extended namespace |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
72 | @rtype str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
73 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
74 | return "{0}.{1}".format(namespace, name) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
75 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
76 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
77 | def namespacePathSplit(path): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
78 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
79 | Function to split a namespace path into a head and tail. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
80 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
81 | Tail will be the last namespace path component and head will |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
82 | be everything leading up to that in the path. This is similar to |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
83 | os.path.split. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
84 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
85 | @param path namespace path to be split |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
86 | @type str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
87 | @return tuple containing the namespace path head and tail |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
88 | @rtype tuple of (str, str) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
89 | """ |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
90 | return tuple(path.rsplit(".", 1)) |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
91 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
92 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
93 | def getAttrQualName(node, aliases): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
94 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
95 | Function to get a the full name for the attribute node. |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
96 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
97 | This will resolve a pseudo-qualified name for the attribute |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
98 | rooted at node as long as all the deeper nodes are Names or |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
99 | Attributes. This will give you how the code referenced the name but |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
100 | will not tell you what the name actually refers to. If we |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
101 | encounter a node without a static name we punt with an |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
102 | empty string. If this encounters something more complex, such as |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
103 | foo.mylist[0](a,b) we just return empty string. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
104 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
105 | @param node attribute node to be treated |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
106 | @type ast.Attribute |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
107 | @param aliases dictionary of import aliases |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
108 | @type dict |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
109 | @return qualified name of the attribute |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
110 | @rtype str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
111 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
112 | if isinstance(node, ast.Name): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
113 | if node.id in aliases: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
114 | return aliases[node.id] |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
115 | return node.id |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
116 | elif isinstance(node, ast.Attribute): |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
117 | name = "{0}.{1}".format(getAttrQualName(node.value, aliases), node.attr) |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
118 | if name in aliases: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
119 | return aliases[name] |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
120 | return name |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
121 | else: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
122 | return "" |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
123 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
124 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
125 | def getCallName(node, aliases): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
126 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
127 | Function to extract the call name from an ast.Call node. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
128 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
129 | @param node node to extract information from |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
130 | @type ast.Call |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
131 | @param aliases dictionary of import aliases |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
132 | @type dict |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
133 | @return name of the ast.Call node |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
134 | @rtype str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
135 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
136 | if isinstance(node.func, ast.Name): |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
137 | if deepgetattr(node, "func.id") in aliases: |
|
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
138 | return aliases[deepgetattr(node, "func.id")] |
|
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
139 | return deepgetattr(node, "func.id") |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
140 | elif isinstance(node.func, ast.Attribute): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
141 | return getAttrQualName(node.func, aliases) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
142 | else: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
143 | return "" |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
144 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
145 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
146 | def getQualAttr(node, aliases): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
147 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
148 | Function to extract the qualified name from an ast.Attribute node. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
149 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
150 | @param node node to extract information from |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
151 | @type ast.Attribute |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
152 | @param aliases dictionary of import aliases |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
153 | @type dict |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
154 | @return qualified attribute name |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
155 | @rtype str |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
156 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
157 | prefix = "" |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
158 | if isinstance(node, ast.Attribute): |
|
9462
e65379fdbd97
Changed code to resolve or acknowledge some potential security issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9272
diff
changeset
|
159 | with contextlib.suppress(AttributeError): |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
160 | val = deepgetattr(node, "value.id") |
|
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
161 | prefix = aliases[val] if val in aliases else deepgetattr(node, "value.id") |
|
8243
cc717c2ae956
Applied some more code simplifications suggested by the new Simplify checker (Y105: use contextlib.suppress) (batch 2).
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
8205
diff
changeset
|
162 | # Id we can't get the fully qualified name for an attr, just return |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
163 | # its base name. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
164 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
165 | return "{0}.{1}".format(prefix, node.attr) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
166 | else: |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
167 | return "" |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
168 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
169 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
170 | def deepgetattr(obj, attr): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
171 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
172 | Function to recurs through an attribute chain to get the ultimate value. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
173 | |
|
7613
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7612
diff
changeset
|
174 | @param obj reference to the object to be recursed |
|
382f89c11e27
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7612
diff
changeset
|
175 | @type ast.Name or ast.Attribute |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
176 | @param attr attribute chain to be parsed |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
177 | @type ast.Attribute |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
178 | @return ultimate value |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
179 | @rtype ast.AST |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
180 | """ |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
181 | for key in attr.split("."): |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
182 | obj = getattr(obj, key) |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
183 | return obj |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
184 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
185 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
186 | def calcLineRange(node): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
187 | """ |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
188 | Function to calculate the line range for a subtree. |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
189 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
190 | @param node node to calculate the line range for |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
191 | @type ast.AST |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
192 | @return tuple containing the start and end line of the subtree |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
193 | @rtype tuple of (int, int) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
194 | """ |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
195 | if hasattr(node, "_securityLineRange"): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
196 | return node._securityLineRange |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
197 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
198 | lines_min = 9999999999 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
199 | lines_max = -1 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
200 | if hasattr(node, "lineno"): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
201 | lines_min = node.lineno |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
202 | lines_max = node.lineno |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
203 | for n in ast.iter_child_nodes(node): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
204 | lines_minmax = calcLineRange(n) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
205 | lines_min = min(lines_min, lines_minmax[0]) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
206 | lines_max = max(lines_max, lines_minmax[1]) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
207 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
208 | node._securityLineRange = (lines_min, lines_max) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
209 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
210 | return (lines_min, lines_max) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
211 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
212 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
213 | def linerange(node): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
214 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
215 | Function to get line number range from a node. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
216 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
217 | @param node node to extract a line range from |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
218 | @type ast.AST |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
219 | @return list containing the line number range |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
220 | @rtype list of int |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
221 | """ |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
222 | if hasattr(node, "lineno") and hasattr(node, "end_lineno"): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
223 | return list(range(node.lineno, node.end_lineno + 1)) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
224 | else: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
225 | if hasattr(node, "_securityLineRangeStripped"): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
226 | lines_minmax = node._securityLineRangeStripped |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
227 | return list(range(lines_minmax[0], lines_minmax[1] + 1)) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
228 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
229 | strip = { |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
230 | "body": None, |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
231 | "orelse": None, |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
232 | "handlers": None, |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
233 | "finalbody": None, |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
234 | } |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
235 | for key in strip: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
236 | if hasattr(node, key): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
237 | strip[key] = getattr(node, key) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
238 | setattr(node, key, []) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
239 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
240 | lines_min = 9999999999 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
241 | lines_max = -1 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
242 | if hasattr(node, "lineno"): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
243 | lines_min = node.lineno |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
244 | lines_max = node.lineno |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
245 | for n in ast.iter_child_nodes(node): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
246 | lines_minmax = calcLineRange(n) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
247 | lines_min = min(lines_min, lines_minmax[0]) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
248 | lines_max = max(lines_max, lines_minmax[1]) |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
249 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
250 | for key in strip: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
251 | if strip[key] is not None: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
252 | setattr(node, key, strip[key]) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
253 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
254 | if lines_max == -1: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
255 | lines_min = 0 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
256 | lines_max = 1 |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
257 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
258 | node._securityLineRangeStripped = (lines_min, lines_max) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
259 | |
|
10507
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
260 | lines = list(range(lines_min, lines_max + 1)) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
261 | # deal with multi-line strings lineno behavior (Python issue #16806) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
262 | if hasattr(node, "_securitySibling") and hasattr( |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
263 | node._securitySibling, "lineno" |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
264 | ): |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
265 | start = min(lines) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
266 | delta = node._securitySibling.lineno - start |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
267 | if delta > 1: |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
268 | return list(range(start, node._securitySibling.lineno)) |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
269 | |
|
d1c6608155ef
Code Style Checker
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
10439
diff
changeset
|
270 | return lines |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
271 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
272 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
273 | def escapedBytesRepresentation(b): |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
274 | """ |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
275 | Function to escape bytes for comparison with other strings. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
276 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
277 | In practice it turns control characters into acceptable codepoints then |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
278 | encodes them into bytes again to turn unprintable bytes into printable |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
279 | escape sequences. |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
280 | |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
281 | This is safe to do for the whole range 0..255 and result matches |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
282 | unicode_escape on a unicode string. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
283 | |
|
7612
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
284 | @param b bytes object to be escaped |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
285 | @type bytes |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
286 | @return escaped bytes object |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
287 | @rtype bytes |
|
ca1ce1e0fcff
Code Style Checker: started to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
diff
changeset
|
288 | """ |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
289 | return b.decode("unicode_escape").encode("unicode_escape") |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
290 | |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
291 | |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
292 | def concatString(node, stop=None): |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
293 | """ |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
294 | Function to build a string from an ast.BinOp chain. |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
295 | |
|
10169
0f70a4ef4592
Made some modification in preparation for Python 3.12.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9653
diff
changeset
|
296 | This will build a string from a series of ast.Constant nodes |
|
7622
384e2aa5c073
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7615
diff
changeset
|
297 | wrapped in ast.BinOp nodes. Something like "a" + "b" + "c" or "a %s" % val |
|
384e2aa5c073
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7615
diff
changeset
|
298 | etc. The provided node can be any participant in the BinOp chain. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
299 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
300 | @param node node to be processed |
|
10169
0f70a4ef4592
Made some modification in preparation for Python 3.12.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9653
diff
changeset
|
301 | @type ast.BinOp or ast.Constant |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
302 | @param stop base node to stop at |
|
10169
0f70a4ef4592
Made some modification in preparation for Python 3.12.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9653
diff
changeset
|
303 | @type ast.BinOp or ast.Constant |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
304 | @return tuple containing the root node of the expression and the string |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
305 | value |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
306 | @rtype tuple of (ast.AST, str) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
307 | """ |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
308 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
309 | def _get(node, bits, stop=None): |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
310 | if node != stop: |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
311 | bits.append( |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
312 | _get(node.left, bits, stop) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
313 | if isinstance(node.left, ast.BinOp) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
314 | else node.left |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
315 | ) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
316 | bits.append( |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
317 | _get(node.right, bits, stop) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
318 | if isinstance(node.right, ast.BinOp) |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
319 | else node.right |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
320 | ) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
321 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
322 | bits = [node] |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
323 | while isinstance(node._securityParent, ast.BinOp): |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
324 | node = node._securityParent |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
325 | if isinstance(node, ast.BinOp): |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
326 | _get(node, bits, stop) |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
327 | |
|
10169
0f70a4ef4592
Made some modification in preparation for Python 3.12.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9653
diff
changeset
|
328 | return (node, " ".join([x.value for x in bits if AstUtilities.isString(x)])) |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
329 | |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
330 | |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
331 | def getCalledName(node): |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
332 | """ |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
333 | Function to get the function name from an ast.Call node. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
334 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
335 | An ast.Call node representing a method call will present differently to one |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
336 | wrapping a function call: thing.call() vs call(). This helper will grab the |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
337 | unqualified call name correctly in either case. |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
338 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
339 | @param node reference to the call node |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
340 | @type ast.Call |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
341 | @return function name of the node |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
342 | @rtype str |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
343 | """ |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
344 | func = node.func |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
345 | try: |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
346 | return func.attr if isinstance(func, ast.Attribute) else func.id |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
347 | except AttributeError: |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
348 | return "" |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
349 | |
|
9221
bf71ee032bb4
Reformatted the source code using the 'Black' utility.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
9209
diff
changeset
|
350 | |
|
7615
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
351 | # |
|
ca2949b1a29a
Code Style Checker: continued to implement checker for security related issues.
Detlev Offenbach <detlev@die-offenbachs.de>
parents:
7613
diff
changeset
|
352 | # eflag: noqa = M601 |
