Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionParamiko.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionParamiko.py
- branch
- eric7
- changeset 9221
- bf71ee032bb4
- parent 9209
- b99e7fd55fd3
- child 9653
- e67609152c5e
equal
deleted
inserted
replaced
| 9220:e9e7eca7efee | 9221:bf71ee032bb4 |
|---|---|
| 17 | 17 |
| 18 | 18 |
| 19 def getChecks(): | 19 def getChecks(): |
| 20 """ | 20 """ |
| 21 Public method to get a dictionary with checks handled by this module. | 21 Public method to get a dictionary with checks handled by this module. |
| 22 | 22 |
| 23 @return dictionary containing checker lists containing checker function and | 23 @return dictionary containing checker lists containing checker function and |
| 24 list of codes | 24 list of codes |
| 25 @rtype dict | 25 @rtype dict |
| 26 """ | 26 """ |
| 27 return { | 27 return { |
| 32 | 32 |
| 33 | 33 |
| 34 def checkParamikoCalls(reportError, context, config): | 34 def checkParamikoCalls(reportError, context, config): |
| 35 """ | 35 """ |
| 36 Function to check for shell injection within Paramiko. | 36 Function to check for shell injection within Paramiko. |
| 37 | 37 |
| 38 @param reportError function to be used to report errors | 38 @param reportError function to be used to report errors |
| 39 @type func | 39 @type func |
| 40 @param context security context object | 40 @param context security context object |
| 41 @type SecurityContext | 41 @type SecurityContext |
| 42 @param config dictionary with configuration data | 42 @param config dictionary with configuration data |
| 43 @type dict | 43 @type dict |
| 44 """ | 44 """ |
| 45 for module in ['paramiko']: | 45 for module in ["paramiko"]: |
| 46 if ( | 46 if context.isModuleImportedLike(module) and context.callFunctionName in [ |
| 47 context.isModuleImportedLike(module) and | 47 "exec_command" |
| 48 context.callFunctionName in ['exec_command'] | 48 ]: |
| 49 ): | |
| 50 reportError( | 49 reportError( |
| 51 context.node.lineno - 1, | 50 context.node.lineno - 1, |
| 52 context.node.col_offset, | 51 context.node.col_offset, |
| 53 "S601", | 52 "S601", |
| 54 "M", | 53 "M", |
