src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/blackListCalls.py

branch
eric7
changeset 9325
8157eb19aba5
parent 9221
bf71ee032bb4
child 9653
e67609152c5e
9324:7f7f3e47b238 9325:8157eb19aba5
15 # SPDX-License-Identifier: Apache-2.0 15 # SPDX-License-Identifier: Apache-2.0
16 # 16 #
17 17
18 import ast 18 import ast
19 import fnmatch 19 import fnmatch
20 import sys
20 21
21 import AstUtilities 22 import AstUtilities
22 23
23 _blacklists = { 24 _blacklists = {
24 "S301": ( 25 "S301": (
36 "shelve.DbfilenameShelf", 37 "shelve.DbfilenameShelf",
37 ], 38 ],
38 "M", 39 "M",
39 ), 40 ),
40 "S302": (["marshal.load", "marshal.loads"], "M"), 41 "S302": (["marshal.load", "marshal.loads"], "M"),
41 "S303": ( 42 }
43 if sys.version_info >= (3, 9):
44 _blacklists["S303"] = (
42 [ 45 [
46 "Crypto.Hash.MD2.new",
47 "Crypto.Hash.MD4.new",
48 "Crypto.Hash.MD5.new",
49 "Crypto.Hash.SHA.new",
50 "Cryptodome.Hash.MD2.new",
51 "Cryptodome.Hash.MD4.new",
52 "Cryptodome.Hash.MD5.new",
53 "Cryptodome.Hash.SHA.new",
54 "cryptography.hazmat.primitives.hashes.MD5",
55 "cryptography.hazmat.primitives.hashes.SHA1",
56 ],
57 "M",
58 )
59 else:
60 _blacklists["S303"] = (
61 [
62 "hashlib.md4",
43 "hashlib.md5", 63 "hashlib.md5",
64 "hashlib.sha",
44 "hashlib.sha1", 65 "hashlib.sha1",
45 "Crypto.Hash.MD2.new", 66 "Crypto.Hash.MD2.new",
46 "Crypto.Hash.MD4.new", 67 "Crypto.Hash.MD4.new",
47 "Crypto.Hash.MD5.new", 68 "Crypto.Hash.MD5.new",
48 "Crypto.Hash.SHA.new", 69 "Crypto.Hash.SHA.new",
52 "Cryptodome.Hash.SHA.new", 73 "Cryptodome.Hash.SHA.new",
53 "cryptography.hazmat.primitives.hashes.MD5", 74 "cryptography.hazmat.primitives.hashes.MD5",
54 "cryptography.hazmat.primitives.hashes.SHA1", 75 "cryptography.hazmat.primitives.hashes.SHA1",
55 ], 76 ],
56 "M", 77 "M",
57 ), 78 )
58 "S304": ( 79
59 [ 80 _blacklists.update(
60 "Crypto.Cipher.ARC2.new", 81 {
61 "Crypto.Cipher.ARC4.new", 82 "S304": (
62 "Crypto.Cipher.Blowfish.new", 83 [
63 "Crypto.Cipher.DES.new", 84 "Crypto.Cipher.ARC2.new",
64 "Crypto.Cipher.XOR.new", 85 "Crypto.Cipher.ARC4.new",
65 "Cryptodome.Cipher.ARC2.new", 86 "Crypto.Cipher.Blowfish.new",
66 "Cryptodome.Cipher.ARC4.new", 87 "Crypto.Cipher.DES.new",
67 "Cryptodome.Cipher.Blowfish.new", 88 "Crypto.Cipher.XOR.new",
68 "Cryptodome.Cipher.DES.new", 89 "Cryptodome.Cipher.ARC2.new",
69 "Cryptodome.Cipher.XOR.new", 90 "Cryptodome.Cipher.ARC4.new",
70 "cryptography.hazmat.primitives.ciphers.algorithms.ARC4", 91 "Cryptodome.Cipher.Blowfish.new",
71 "cryptography.hazmat.primitives.ciphers.algorithms.Blowfish", 92 "Cryptodome.Cipher.DES.new",
72 "cryptography.hazmat.primitives.ciphers.algorithms.IDEA", 93 "Cryptodome.Cipher.XOR.new",
73 ], 94 "cryptography.hazmat.primitives.ciphers.algorithms.ARC4",
74 "H", 95 "cryptography.hazmat.primitives.ciphers.algorithms.Blowfish",
75 ), 96 "cryptography.hazmat.primitives.ciphers.algorithms.IDEA",
76 "S305": (["cryptography.hazmat.primitives.ciphers.modes.ECB"], "M"), 97 ],
77 "S306": (["tempfile.mktemp"], "M"), 98 "H",
78 "S307": (["eval"], "M"), 99 ),
79 "S308": (["django.utils.safestring.mark_safe"], "M"), 100 "S305": (["cryptography.hazmat.primitives.ciphers.modes.ECB"], "M"),
80 "S309": ( 101 "S306": (["tempfile.mktemp"], "M"),
81 [ 102 "S307": (["eval"], "M"),
82 "httplib.HTTPSConnection", 103 "S308": (["django.utils.safestring.mark_safe"], "M"),
83 "http.client.HTTPSConnection", 104 "S309": (
84 "six.moves.http_client.HTTPSConnection", 105 [
85 ], 106 "httplib.HTTPSConnection",
86 "M", 107 "http.client.HTTPSConnection",
87 ), 108 "six.moves.http_client.HTTPSConnection",
88 "S310": ( 109 ],
89 [ 110 "M",
90 "urllib.urlopen", 111 ),
91 "urllib.request.urlopen", 112 "S310": (
92 "urllib.urlretrieve", 113 [
93 "urllib.request.urlretrieve", 114 "urllib.urlopen",
94 "urllib.URLopener", 115 "urllib.request.urlopen",
95 "urllib.request.URLopener", 116 "urllib.urlretrieve",
96 "urllib.FancyURLopener", 117 "urllib.request.urlretrieve",
97 "urllib.request.FancyURLopener", 118 "urllib.URLopener",
98 "urllib2.urlopen", 119 "urllib.request.URLopener",
99 "urllib2.Request", 120 "urllib.FancyURLopener",
100 "six.moves.urllib.request.urlopen", 121 "urllib.request.FancyURLopener",
101 "six.moves.urllib.request.urlretrieve", 122 "urllib2.urlopen",
102 "six.moves.urllib.request.URLopener", 123 "urllib2.Request",
103 "six.moves.urllib.request.FancyURLopener", 124 "six.moves.urllib.request.urlopen",
104 ], 125 "six.moves.urllib.request.urlretrieve",
105 "", 126 "six.moves.urllib.request.URLopener",
106 ), 127 "six.moves.urllib.request.FancyURLopener",
107 "S311": ( 128 ],
108 [ 129 "",
109 "random.random", 130 ),
110 "random.randrange", 131 "S311": (
111 "random.randint", 132 [
112 "random.choice", 133 "random.random",
113 "random.uniform", 134 "random.randrange",
114 "random.triangular", 135 "random.randint",
115 ], 136 "random.choice",
116 "L", 137 "random.choices",
117 ), 138 "random.uniform",
118 "S312": (["telnetlib.*"], "H"), 139 "random.triangular",
119 "S313": ( 140 ],
120 [ 141 "L",
121 "xml.etree.cElementTree.parse", 142 ),
122 "xml.etree.cElementTree.iterparse", 143 "S312": (["telnetlib.*"], "H"),
123 "xml.etree.cElementTree.fromstring", 144 "S313": (
124 "xml.etree.cElementTree.XMLParser", 145 [
125 ], 146 "xml.etree.cElementTree.parse",
126 "M", 147 "xml.etree.cElementTree.iterparse",
127 ), 148 "xml.etree.cElementTree.fromstring",
128 "S314": ( 149 "xml.etree.cElementTree.XMLParser",
129 [ 150 ],
130 "xml.etree.ElementTree.parse", 151 "M",
131 "xml.etree.ElementTree.iterparse", 152 ),
132 "xml.etree.ElementTree.fromstring", 153 "S314": (
133 "xml.etree.ElementTree.XMLParser", 154 [
134 ], 155 "xml.etree.ElementTree.parse",
135 "M", 156 "xml.etree.ElementTree.iterparse",
136 ), 157 "xml.etree.ElementTree.fromstring",
137 "S315": (["xml.sax.expatreader.create_parser"], "M"), 158 "xml.etree.ElementTree.XMLParser",
138 "S316": (["xml.dom.expatbuilder.parse", "xml.dom.expatbuilder.parseString"], "M"), 159 ],
139 "S317": (["xml.sax.parse", "xml.sax.parseString", "xml.sax.make_parser"], "M"), 160 "M",
140 "S318": (["xml.dom.minidom.parse", "xml.dom.minidom.parseString"], "M"), 161 ),
141 "S319": (["xml.dom.pulldom.parse", "xml.dom.pulldom.parseString"], "M"), 162 "S315": (["xml.sax.expatreader.create_parser"], "M"),
142 "S320": ( 163 "S316": (
143 [ 164 ["xml.dom.expatbuilder.parse", "xml.dom.expatbuilder.parseString"],
144 "lxml.etree.parse", 165 "M",
145 "lxml.etree.fromstring", 166 ),
146 "lxml.etree.RestrictedElement", 167 "S317": (["xml.sax.parse", "xml.sax.parseString", "xml.sax.make_parser"], "M"),
147 "lxml.etree.GlobalParserTLS", 168 "S318": (["xml.dom.minidom.parse", "xml.dom.minidom.parseString"], "M"),
148 "lxml.etree.getDefaultParser", 169 "S319": (["xml.dom.pulldom.parse", "xml.dom.pulldom.parseString"], "M"),
149 "lxml.etree.check_docinfo", 170 "S320": (
150 ], 171 [
151 "M", 172 "lxml.etree.parse",
152 ), 173 "lxml.etree.fromstring",
153 "S321": (["ftplib.*"], "H"), 174 "lxml.etree.RestrictedElement",
154 "S322": (["input"], "H"), 175 "lxml.etree.GlobalParserTLS",
155 "S323": (["ssl._create_unverified_context"], "M"), 176 "lxml.etree.getDefaultParser",
156 "S324": (["os.tempnam", "os.tmpnam"], "M"), 177 "lxml.etree.check_docinfo",
157 } 178 ],
179 "M",
180 ),
181 "S321": (["ftplib.*"], "H"),
182 "S322": (["input"], "H"),
183 "S323": (["ssl._create_unverified_context"], "M"),
184 "S324": (["os.tempnam", "os.tmpnam"], "M"),
185 }
186 )
158 187
159 188
160 def getChecks(): 189 def getChecks():
161 """ 190 """
162 Public method to get a dictionary with checks handled by this module. 191 Public method to get a dictionary with checks handled by this module.
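Review bot: The `if sys.version_info >= (3, 9):` branch around `_blacklists["S303"]` selects the blacklist by the interpreter running the checker, not by the Python version the scanned project targets, so on a 3.9+ IDE a `hashlib.md5`/`hashlib.sha1` call in code that still targets 3.8 no longer yields S303 at all. That is only safe if another check in this plugin covers the hashlib constructors (presumably one that understands the `usedforsecurity` keyword hashlib gained in 3.9); the page does not show such a check, so this should be confirmed. A short comment above the `if` would spare the next reader from re-deriving the rationale, e.g. `# hashlib constructors are left to the dedicated hashlib check on 3.9+ (usedforsecurity=...)`. If the checker already knows the target version (e.g. from its configuration), gating on that value rather than `sys.version_info` would make the finding independent of which interpreter the IDE happens to run.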

