Mercurial Repositories > eric / file comparison
comparison: src/eric7/Documentation/Source/eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html
src/eric7/Documentation/Source/eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell.html
- branch
- eric7
- changeset 10479
- 856476537696
- parent 9325
- 8157eb19aba5
equal
deleted
inserted
replaced
| 10478:de9106c55c3d | 10479:856476537696 |
|---|---|
| 5 <link rel="stylesheet" href="styles.css"> | 5 <link rel="stylesheet" href="styles.css"> |
| 6 </head> | 6 </head> |
| 7 <body> | 7 <body> |
| 8 <a NAME="top" ID="top"></a> | 8 <a NAME="top" ID="top"></a> |
| 9 <h1>eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell</h1> | 9 <h1>eric7.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell</h1> |
| 10 | |
| 11 <p> | 10 <p> |
| 12 Module implementing a check for shell injection. | 11 Module implementing a check for shell injection. |
| 13 </p> | 12 </p> |
| 13 | |
| 14 <h3>Global Attributes</h3> | 14 <h3>Global Attributes</h3> |
| 15 | |
| 16 <table> | 15 <table> |
| 17 <tr><td>fullPathMatchRe</td></tr> | 16 <tr><td>fullPathMatchRe</td></tr> |
| 18 </table> | 17 </table> |
| 18 | |
| 19 <h3>Classes</h3> | 19 <h3>Classes</h3> |
| 20 | |
| 21 <table> | 20 <table> |
| 22 <tr><td>None</td></tr> | 21 <tr><td>None</td></tr> |
| 23 </table> | 22 </table> |
| 23 | |
| 24 <h3>Functions</h3> | 24 <h3>Functions</h3> |
| 25 | |
| 26 <table> | 25 <table> |
| 27 | |
| 28 <tr> | 26 <tr> |
| 29 <td><a href="#_evaluateShellCall">_evaluateShellCall</a></td> | 27 <td><a href="#_evaluateShellCall">_evaluateShellCall</a></td> |
| 30 <td>Function to determine the severity of a shell call.</td> | 28 <td>Function to determine the severity of a shell call.</td> |
| 31 </tr> | 29 </tr> |
| 32 <tr> | 30 <tr> |
| 60 <tr> | 58 <tr> |
| 61 <td><a href="#hasShell">hasShell</a></td> | 59 <td><a href="#hasShell">hasShell</a></td> |
| 62 <td>Function to check, if the node of the context contains the shell keyword.</td> | 60 <td>Function to check, if the node of the context contains the shell keyword.</td> |
| 63 </tr> | 61 </tr> |
| 64 </table> | 62 </table> |
| 63 | |
| 65 <hr /> | 64 <hr /> |
| 66 <hr /> | 65 <hr /> |
| 67 <a NAME="_evaluateShellCall" ID="_evaluateShellCall"></a> | 66 <a NAME="_evaluateShellCall" ID="_evaluateShellCall"></a> |
| 68 <h2>_evaluateShellCall</h2> | 67 <h2>_evaluateShellCall</h2> |
| 69 <b>_evaluateShellCall</b>(<i>context</i>) | 68 <b>_evaluateShellCall</b>(<i>context</i>) |
| 70 | |
| 71 <p> | 69 <p> |
| 72 Function to determine the severity of a shell call. | 70 Function to determine the severity of a shell call. |
| 73 </p> | 71 </p> |
| 72 | |
| 74 <dl> | 73 <dl> |
| 75 | 74 |
| 76 <dt><i>context</i> (SecurityContext)</dt> | 75 <dt><i>context</i> (SecurityContext)</dt> |
| 77 <dd> | 76 <dd> |
| 78 context to be inspected | 77 context to be inspected |
| 94 <hr /> | 93 <hr /> |
| 95 <hr /> | 94 <hr /> |
| 96 <a NAME="checkOtherFunctionWithShell" ID="checkOtherFunctionWithShell"></a> | 95 <a NAME="checkOtherFunctionWithShell" ID="checkOtherFunctionWithShell"></a> |
| 97 <h2>checkOtherFunctionWithShell</h2> | 96 <h2>checkOtherFunctionWithShell</h2> |
| 98 <b>checkOtherFunctionWithShell</b>(<i>reportError, context, config</i>) | 97 <b>checkOtherFunctionWithShell</b>(<i>reportError, context, config</i>) |
| 99 | |
| 100 <p> | 98 <p> |
| 101 Function to check for any function with shell equals true. | 99 Function to check for any function with shell equals true. |
| 102 </p> | 100 </p> |
| 101 | |
| 103 <dl> | 102 <dl> |
| 104 | 103 |
| 105 <dt><i>reportError</i> (func)</dt> | 104 <dt><i>reportError</i> (func)</dt> |
| 106 <dd> | 105 <dd> |
| 107 function to be used to report errors | 106 function to be used to report errors |
| 119 <hr /> | 118 <hr /> |
| 120 <hr /> | 119 <hr /> |
| 121 <a NAME="checkStartProcessWithNoShell" ID="checkStartProcessWithNoShell"></a> | 120 <a NAME="checkStartProcessWithNoShell" ID="checkStartProcessWithNoShell"></a> |
| 122 <h2>checkStartProcessWithNoShell</h2> | 121 <h2>checkStartProcessWithNoShell</h2> |
| 123 <b>checkStartProcessWithNoShell</b>(<i>reportError, context, config</i>) | 122 <b>checkStartProcessWithNoShell</b>(<i>reportError, context, config</i>) |
| 124 | |
| 125 <p> | 123 <p> |
| 126 Function to check for starting a process with no shell. | 124 Function to check for starting a process with no shell. |
| 127 </p> | 125 </p> |
| 126 | |
| 128 <dl> | 127 <dl> |
| 129 | 128 |
| 130 <dt><i>reportError</i> (func)</dt> | 129 <dt><i>reportError</i> (func)</dt> |
| 131 <dd> | 130 <dd> |
| 132 function to be used to report errors | 131 function to be used to report errors |
| 144 <hr /> | 143 <hr /> |
| 145 <hr /> | 144 <hr /> |
| 146 <a NAME="checkStartProcessWithPartialPath" ID="checkStartProcessWithPartialPath"></a> | 145 <a NAME="checkStartProcessWithPartialPath" ID="checkStartProcessWithPartialPath"></a> |
| 147 <h2>checkStartProcessWithPartialPath</h2> | 146 <h2>checkStartProcessWithPartialPath</h2> |
| 148 <b>checkStartProcessWithPartialPath</b>(<i>reportError, context, config</i>) | 147 <b>checkStartProcessWithPartialPath</b>(<i>reportError, context, config</i>) |
| 149 | |
| 150 <p> | 148 <p> |
| 151 Function to check for starting a process with no shell. | 149 Function to check for starting a process with no shell. |
| 152 </p> | 150 </p> |
| 151 | |
| 153 <dl> | 152 <dl> |
| 154 | 153 |
| 155 <dt><i>reportError</i> (func)</dt> | 154 <dt><i>reportError</i> (func)</dt> |
| 156 <dd> | 155 <dd> |
| 157 function to be used to report errors | 156 function to be used to report errors |
| 169 <hr /> | 168 <hr /> |
| 170 <hr /> | 169 <hr /> |
| 171 <a NAME="checkStartProcessWithShell" ID="checkStartProcessWithShell"></a> | 170 <a NAME="checkStartProcessWithShell" ID="checkStartProcessWithShell"></a> |
| 172 <h2>checkStartProcessWithShell</h2> | 171 <h2>checkStartProcessWithShell</h2> |
| 173 <b>checkStartProcessWithShell</b>(<i>reportError, context, config</i>) | 172 <b>checkStartProcessWithShell</b>(<i>reportError, context, config</i>) |
| 174 | |
| 175 <p> | 173 <p> |
| 176 Function to check for starting a process with a shell. | 174 Function to check for starting a process with a shell. |
| 177 </p> | 175 </p> |
| 176 | |
| 178 <dl> | 177 <dl> |
| 179 | 178 |
| 180 <dt><i>reportError</i> (func)</dt> | 179 <dt><i>reportError</i> (func)</dt> |
| 181 <dd> | 180 <dd> |
| 182 function to be used to report errors | 181 function to be used to report errors |
| 194 <hr /> | 193 <hr /> |
| 195 <hr /> | 194 <hr /> |
| 196 <a NAME="checkSubprocessPopenWithShell" ID="checkSubprocessPopenWithShell"></a> | 195 <a NAME="checkSubprocessPopenWithShell" ID="checkSubprocessPopenWithShell"></a> |
| 197 <h2>checkSubprocessPopenWithShell</h2> | 196 <h2>checkSubprocessPopenWithShell</h2> |
| 198 <b>checkSubprocessPopenWithShell</b>(<i>reportError, context, config</i>) | 197 <b>checkSubprocessPopenWithShell</b>(<i>reportError, context, config</i>) |
| 199 | |
| 200 <p> | 198 <p> |
| 201 Function to check for use of popen with shell equals true. | 199 Function to check for use of popen with shell equals true. |
| 202 </p> | 200 </p> |
| 201 | |
| 203 <dl> | 202 <dl> |
| 204 | 203 |
| 205 <dt><i>reportError</i> (func)</dt> | 204 <dt><i>reportError</i> (func)</dt> |
| 206 <dd> | 205 <dd> |
| 207 function to be used to report errors | 206 function to be used to report errors |
| 219 <hr /> | 218 <hr /> |
| 220 <hr /> | 219 <hr /> |
| 221 <a NAME="checkSubprocessPopenWithoutShell" ID="checkSubprocessPopenWithoutShell"></a> | 220 <a NAME="checkSubprocessPopenWithoutShell" ID="checkSubprocessPopenWithoutShell"></a> |
| 222 <h2>checkSubprocessPopenWithoutShell</h2> | 221 <h2>checkSubprocessPopenWithoutShell</h2> |
| 223 <b>checkSubprocessPopenWithoutShell</b>(<i>reportError, context, config</i>) | 222 <b>checkSubprocessPopenWithoutShell</b>(<i>reportError, context, config</i>) |
| 224 | |
| 225 <p> | 223 <p> |
| 226 Function to check for use of popen without shell equals true. | 224 Function to check for use of popen without shell equals true. |
| 227 </p> | 225 </p> |
| 226 | |
| 228 <dl> | 227 <dl> |
| 229 | 228 |
| 230 <dt><i>reportError</i> (func)</dt> | 229 <dt><i>reportError</i> (func)</dt> |
| 231 <dd> | 230 <dd> |
| 232 function to be used to report errors | 231 function to be used to report errors |
| 244 <hr /> | 243 <hr /> |
| 245 <hr /> | 244 <hr /> |
| 246 <a NAME="getChecks" ID="getChecks"></a> | 245 <a NAME="getChecks" ID="getChecks"></a> |
| 247 <h2>getChecks</h2> | 246 <h2>getChecks</h2> |
| 248 <b>getChecks</b>(<i></i>) | 247 <b>getChecks</b>(<i></i>) |
| 249 | |
| 250 <p> | 248 <p> |
| 251 Public method to get a dictionary with checks handled by this module. | 249 Public method to get a dictionary with checks handled by this module. |
| 252 </p> | 250 </p> |
| 251 | |
| 253 <dl> | 252 <dl> |
| 254 <dt>Return:</dt> | 253 <dt>Return:</dt> |
| 255 <dd> | 254 <dd> |
| 256 dictionary containing checker lists containing checker function and | 255 dictionary containing checker lists containing checker function and |
| 257 list of codes | 256 list of codes |
| 267 <hr /> | 266 <hr /> |
| 268 <hr /> | 267 <hr /> |
| 269 <a NAME="hasShell" ID="hasShell"></a> | 268 <a NAME="hasShell" ID="hasShell"></a> |
| 270 <h2>hasShell</h2> | 269 <h2>hasShell</h2> |
| 271 <b>hasShell</b>(<i>context</i>) | 270 <b>hasShell</b>(<i>context</i>) |
| 272 | |
| 273 <p> | 271 <p> |
| 274 Function to check, if the node of the context contains the shell keyword. | 272 Function to check, if the node of the context contains the shell keyword. |
| 275 </p> | 273 </p> |
| 274 | |
| 276 <dl> | 275 <dl> |
| 277 | 276 |
| 278 <dt><i>context</i> (SecurityContext)</dt> | 277 <dt><i>context</i> (SecurityContext)</dt> |
| 279 <dd> | 278 <dd> |
| 280 context to be inspected | 279 context to be inspected |
