Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionShell.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionShell.py
- branch
- eric7
- changeset 10169
- 0f70a4ef4592
- parent 9653
- e67609152c5e
- child 10439
- 21c28b0f9e41
equal
deleted
inserted
replaced
| 10168:8312e0e76795 | 10169:0f70a4ef4592 |
|---|---|
| 78 if "shell" in context.callKeywords: | 78 if "shell" in context.callKeywords: |
| 79 for key in keywords: | 79 for key in keywords: |
| 80 if key.arg == "shell": | 80 if key.arg == "shell": |
| 81 val = key.value | 81 val = key.value |
| 82 if AstUtilities.isNumber(val): | 82 if AstUtilities.isNumber(val): |
| 83 result = bool(val.n) | 83 result = bool(val.value) |
| 84 elif isinstance(val, ast.List): | 84 elif isinstance(val, ast.List): |
| 85 result = bool(val.elts) | 85 result = bool(val.elts) |
| 86 elif isinstance(val, ast.Dict): | 86 elif isinstance(val, ast.Dict): |
| 87 result = bool(val.keys) | 87 result = bool(val.keys) |
| 88 elif isinstance(val, ast.Name) and val.id in ["False", "None"]: | 88 elif isinstance(val, ast.Name) and val.id in ["False", "None"]: |
| 287 # some calls take an arg list, check the first part | 287 # some calls take an arg list, check the first part |
| 288 if isinstance(node, ast.List): | 288 if isinstance(node, ast.List): |
| 289 node = node.elts[0] | 289 node = node.elts[0] |
| 290 | 290 |
| 291 # make sure the param is a string literal and not a var name | 291 # make sure the param is a string literal and not a var name |
| 292 if AstUtilities.isString(node) and not fullPathMatchRe.match(node.s): | 292 if AstUtilities.isString(node) and not fullPathMatchRe.match(node.value): |
| 293 reportError( | 293 reportError( |
| 294 context.node.lineno - 1, | 294 context.node.lineno - 1, |
| 295 context.node.col_offset, | 295 context.node.col_offset, |
| 296 "S607", | 296 "S607", |
| 297 "L", | 297 "L", |
