src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py

branch
eric7
changeset 11147
dee6e106b4d3
parent 11145
d328a7b74fd8
child 11150
73d80859079c
11146:59e04f7003e9 11147:dee6e106b4d3
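--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/SecurityChecker.py
@@ -19,105 +19,105 @@
 Class implementing a checker for security issues.
 """
 
 Codes = [
 # assert used
-"S101",
+"S-101",
 # exec used
-"S102",
+"S-102",
 # bad file permissions
-"S103",
+"S-103",
 # bind to all interfaces
-"S104",
+"S-104",
 # hardcoded passwords
-"S105",
-"S106",
-"S107"
+"S-105",
+"S-106",
+"S-107"
 # hardcoded tmp directory
-"S108",
+"S-108",
 # try-except
-"S110",
-"S112",
+"S-110",
+"S-112",
 # flask app
-"S201",
+"S-201",
 # insecure function calls (prohibited)
-"S301",
-"S302",
-"S303",
-"S304",
-"S305",
-"S306",
-"S307",
-"S308",
-"S310",
-"S311",
-"S312",
-"S313",
-"S314",
-"S315",
-"S316",
-"S317",
-"S318",
-"S319",
-"S321",
-"S323",
+"S-301",
+"S-302",
+"S-303",
+"S-304",
+"S-305",
+"S-306",
+"S-307",
+"S-308",
+"S-310",
+"S-311",
+"S-312",
+"S-313",
+"S-314",
+"S-315",
+"S-316",
+"S-317",
+"S-318",
+"S-319",
+"S-321",
+"S-323",
 # hashlib functions
-"S331",
-"S332"
+"S-331",
+"S-332"
 # insecure imports (prohibited)
-"S401",
-"S402",
-"S403",
-"S404",
-"S405",
-"S406",
-"S407",
-"S408",
-"S409",
-"S411",
-"S412",
-"S413",
+"S-401",
+"S-402",
+"S-403",
+"S-404",
+"S-405",
+"S-406",
+"S-407",
+"S-408",
+"S-409",
+"S-411",
+"S-412",
+"S-413",
 # insecure certificate usage
-"S501",
+"S-501",
 # insecure SSL/TLS protocol version
-"S502",
-"S503",
-"S504",
+"S-502",
+"S-503",
+"S-504",
 # weak cryptographic keys
-"S505",
+"S-505",
 # YAML load
-"S506",
+"S-506",
 # SSH host key verification
-"S507",
+"S-507",
 # Shell injection
-"S601",
-"S602",
-"S603",
-"S604",
-"S605",
-"S606",
-"S607",
+"S-601",
+"S-602",
+"S-603",
+"S-604",
+"S-605",
+"S-606",
+"S-607",
 # SQL injection
-"S608",
+"S-608",
 # Wildcard injection
-"S609",
+"S-609",
 # Django SQL injection
-"S610",
-"S611",
+"S-610",
+"S-611",
 # insecure logging.config.listen()
-"S612",
-"S613",
-"S614",
+"S-612",
+"S-613",
+"S-614",
 # Jinja2 templates
-"S701",
+"S-701",
 # Mako templates
-"S702",
+"S-702",
 # Django XSS vulnerability
-"S703",
+"S-703",
 # hardcoded AWS passwords
-"S801",
-"S802",
+"S-801",
+"S-802",
 ]
 
 def __init__(self, source, filename, tree, select, ignore, expected, repeat, args):
 """
 Constructor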
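Review bot: `"S-107"` (new line 34) and `"S-332"` (new line 65) still have no trailing comma, so Python's implicit string concatenation merges each with the next literal and `Codes` holds `"S-107S-108"` and `"S-332S-401"` instead of four separate codes. The rename carries this over unchanged from the old side. How `Codes` is consumed lies outside this section, but if it feeds select/ignore matching, one hardcoded-passwords code, the hardcoded-tmp-directory code, one hashlib code and the first insecure-import code may never match and those findings could be dropped silently. Write the two entries as `"S-107",` and `"S-332",`. The list belongs to a class whose header is above the section, and `__init__` continues past its end.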
