Mercurial Repositories > eric / file comparison
comparison: eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/generalHardcodedPassword.py
eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/generalHardcodedPassword.py
- changeset 7622
- 384e2aa5c073
- parent 7614
- 646742c260bd
- child 7637
- c878e8255972
equal
deleted
inserted
replaced
| 7621:ffd1f00ca376 | 7622:384e2aa5c073 |
|---|---|
| 16 # | 16 # |
| 17 | 17 |
| 18 import ast | 18 import ast |
| 19 import re | 19 import re |
| 20 import sys | 20 import sys |
| 21 | |
| 22 import AstUtilities | |
| 21 | 23 |
| 22 RE_WORDS = "(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?|ken+wort|geheim)" | 24 RE_WORDS = "(pas+wo?r?d|pass(phrase)?|pwd|token|secrete?|ken+wort|geheim)" |
| 23 RE_CANDIDATES = re.compile( | 25 RE_CANDIDATES = re.compile( |
| 24 '(^{0}$|_{0}_|^{0}_|_{0}$)'.format(RE_WORDS), | 26 '(^{0}$|_{0}_|^{0}_|_{0}$)'.format(RE_WORDS), |
| 25 re.IGNORECASE | 27 re.IGNORECASE |
| 79 # looks for "dict[candidate]='some_string'" | 81 # looks for "dict[candidate]='some_string'" |
| 80 # assign -> subscript -> index -> string | 82 # assign -> subscript -> index -> string |
| 81 assign = node._securityParent._securityParent._securityParent | 83 assign = node._securityParent._securityParent._securityParent |
| 82 if ( | 84 if ( |
| 83 isinstance(assign, ast.Assign) and | 85 isinstance(assign, ast.Assign) and |
| 84 isinstance(assign.value, ast.Str) | 86 AstUtilities.isString(assign.value) |
| 85 ): | 87 ): |
| 86 reportError( | 88 reportError( |
| 87 context.node.lineno - 1, | 89 context.node.lineno - 1, |
| 88 context.node.col_offset, | 90 context.node.col_offset, |
| 89 "S105", | 91 "S105", |
| 95 elif isinstance(node._securityParent, ast.Compare): | 97 elif isinstance(node._securityParent, ast.Compare): |
| 96 # looks for "candidate == 'some_string'" | 98 # looks for "candidate == 'some_string'" |
| 97 comp = node._securityParent | 99 comp = node._securityParent |
| 98 if isinstance(comp.left, ast.Name): | 100 if isinstance(comp.left, ast.Name): |
| 99 if RE_CANDIDATES.search(comp.left.id): | 101 if RE_CANDIDATES.search(comp.left.id): |
| 100 if isinstance(comp.comparators[0], ast.Str): | 102 if AstUtilities.isString(comp.comparators[0]): |
| 101 reportError( | 103 reportError( |
| 102 context.node.lineno - 1, | 104 context.node.lineno - 1, |
| 103 context.node.col_offset, | 105 context.node.col_offset, |
| 104 "S105", | 106 "S105", |
| 105 "L", | 107 "L", |
| 119 @param config dictionary with configuration data | 121 @param config dictionary with configuration data |
| 120 @type dict | 122 @type dict |
| 121 """ | 123 """ |
| 122 # looks for "function(candidate='some_string')" | 124 # looks for "function(candidate='some_string')" |
| 123 for kw in context.node.keywords: | 125 for kw in context.node.keywords: |
| 124 if isinstance(kw.value, ast.Str) and RE_CANDIDATES.search(kw.arg): | 126 if AstUtilities.isString(kw.value) and RE_CANDIDATES.search(kw.arg): |
| 125 reportError( | 127 reportError( |
| 126 context.node.lineno - 1, | 128 context.node.lineno - 1, |
| 127 context.node.col_offset, | 129 context.node.col_offset, |
| 128 "S106", | 130 "S106", |
| 129 "L", | 131 "L", |
| 155 isPy3Arg = True | 157 isPy3Arg = True |
| 156 if sys.version_info[0] > 2: | 158 if sys.version_info[0] > 2: |
| 157 isPy3Arg = isinstance(key, ast.arg) | 159 isPy3Arg = isinstance(key, ast.arg) |
| 158 if isinstance(key, ast.Name) or isPy3Arg: | 160 if isinstance(key, ast.Name) or isPy3Arg: |
| 159 check = key.arg if sys.version_info[0] > 2 else key.id # Py3 | 161 check = key.arg if sys.version_info[0] > 2 else key.id # Py3 |
| 160 if isinstance(val, ast.Str) and RE_CANDIDATES.search(check): | 162 if AstUtilities.isString(val) and RE_CANDIDATES.search(check): |
| 161 reportError( | 163 reportError( |
| 162 context.node.lineno - 1, | 164 context.node.lineno - 1, |
| 163 context.node.col_offset, | 165 context.node.col_offset, |
| 164 "S107", | 166 "S107", |
| 165 "L", | 167 "L", |
