Mercurial Repositories > eric / file comparison
comparison: eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py
eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py
- changeset 8259
- 2bbec88047dd
- parent 8222
- 5994b80b8760
equal
deleted
inserted
replaced
| 8258:82b608e352ec | 8259:2bbec88047dd |
|---|---|
| 42 @param context security context object | 42 @param context security context object |
| 43 @type SecurityContext | 43 @type SecurityContext |
| 44 @param config dictionary with configuration data | 44 @param config dictionary with configuration data |
| 45 @type dict | 45 @type dict |
| 46 """ | 46 """ |
| 47 if config and "shell_injection_subprocess" in config: | 47 subProcessFunctionNames = ( |
| 48 subProcessFunctionNames = config["shell_injection_subprocess"] | 48 config["shell_injection_subprocess"] |
| 49 else: | 49 if config and "shell_injection_subprocess" in config else |
| 50 subProcessFunctionNames = SecurityDefaults[ | 50 SecurityDefaults["shell_injection_subprocess"] |
| 51 "shell_injection_subprocess"] | 51 ) |
| 52 | 52 |
| 53 if config and "shell_injection_shell" in config: | 53 shellFunctionNames = ( |
| 54 shellFunctionNames = config["shell_injection_shell"] | 54 config["shell_injection_shell"] |
| 55 else: | 55 if config and "shell_injection_shell" in config else |
| 56 shellFunctionNames = SecurityDefaults["shell_injection_shell"] | 56 SecurityDefaults["shell_injection_shell"] |
| 57 ) | |
| 57 | 58 |
| 58 vulnerableFunctions = ['chown', 'chmod', 'tar', 'rsync'] | 59 vulnerableFunctions = ['chown', 'chmod', 'tar', 'rsync'] |
| 59 if ( | 60 if ( |
| 60 (context.callFunctionNameQual in shellFunctionNames or | 61 (context.callFunctionNameQual in shellFunctionNames or |
| 61 (context.callFunctionNameQual in subProcessFunctionNames and | 62 (context.callFunctionNameQual in subProcessFunctionNames and |
