Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/yamlLoad.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/yamlLoad.py
- branch
- eric7
- changeset 9221
- bf71ee032bb4
- parent 9209
- b99e7fd55fd3
- child 9325
- 8157eb19aba5
equal
deleted
inserted
replaced
| 9220:e9e7eca7efee | 9221:bf71ee032bb4 |
|---|---|
| 17 | 17 |
| 18 | 18 |
| 19 def getChecks(): | 19 def getChecks(): |
| 20 """ | 20 """ |
| 21 Public method to get a dictionary with checks handled by this module. | 21 Public method to get a dictionary with checks handled by this module. |
| 22 | 22 |
| 23 @return dictionary containing checker lists containing checker function and | 23 @return dictionary containing checker lists containing checker function and |
| 24 list of codes | 24 list of codes |
| 25 @rtype dict | 25 @rtype dict |
| 26 """ | 26 """ |
| 27 return { | 27 return { |
| 32 | 32 |
| 33 | 33 |
| 34 def checkYamlLoad(reportError, context, config): | 34 def checkYamlLoad(reportError, context, config): |
| 35 """ | 35 """ |
| 36 Function to check for the use of of yaml load functions. | 36 Function to check for the use of of yaml load functions. |
| 37 | 37 |
| 38 @param reportError function to be used to report errors | 38 @param reportError function to be used to report errors |
| 39 @type func | 39 @type func |
| 40 @param context security context object | 40 @param context security context object |
| 41 @type SecurityContext | 41 @type SecurityContext |
| 42 @param config dictionary with configuration data | 42 @param config dictionary with configuration data |
| 43 @type dict | 43 @type dict |
| 44 """ | 44 """ |
| 45 imported = context.isModuleImportedExact('yaml') | 45 imported = context.isModuleImportedExact("yaml") |
| 46 qualname = context.callFunctionNameQual | 46 qualname = context.callFunctionNameQual |
| 47 if not imported and isinstance(qualname, str): | 47 if not imported and isinstance(qualname, str): |
| 48 return | 48 return |
| 49 | 49 |
| 50 qualnameList = qualname.split('.') | 50 qualnameList = qualname.split(".") |
| 51 func = qualnameList[-1] | 51 func = qualnameList[-1] |
| 52 if all([ | 52 if all( |
| 53 'yaml' in qualnameList, | 53 [ |
| 54 func == 'load', | 54 "yaml" in qualnameList, |
| 55 not context.checkCallArgValue('Loader', 'SafeLoader'), | 55 func == "load", |
| 56 not context.checkCallArgValue('Loader', 'CSafeLoader'), | 56 not context.checkCallArgValue("Loader", "SafeLoader"), |
| 57 ]): | 57 not context.checkCallArgValue("Loader", "CSafeLoader"), |
| 58 reportError( | 58 ] |
| 59 context.node.lineno - 1, | 59 ): |
| 60 context.node.col_offset, | 60 reportError(context.node.lineno - 1, context.node.col_offset, "S506", "M", "H") |
| 61 "S506", | |
| 62 "M", | |
| 63 "H" | |
| 64 ) |
