--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py Sun Feb 16 11:26:03 2025 +0100
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/prohibitedCalls.py Sun Feb 16 12:10:10 2025 +0100
@@ -17,7 +17,6 @@
 import ast
 import fnmatch
-import sys
 import AstUtilities
@@ -27,9 +26,6 @@
 "pickle.loads",
 "pickle.load",
 "pickle.Unpickler",
- "cPickle.loads",
- "cPickle.load",
- "cPickle.Unpickler",
 "dill.loads",
 "dill.load",
 "dill.Unpickler",
@@ -44,42 +40,21 @@
 ),
 "S302": (["marshal.load", "marshal.loads"], "M"),
 }
-if sys.version_info >= (3, 9):
- _prohibitedCalls["S303"] = (
- [
- "Crypto.Hash.MD2.new",
- "Crypto.Hash.MD4.new",
- "Crypto.Hash.MD5.new",
- "Crypto.Hash.SHA.new",
- "Cryptodome.Hash.MD2.new",
- "Cryptodome.Hash.MD4.new",
- "Cryptodome.Hash.MD5.new",
- "Cryptodome.Hash.SHA.new",
- "cryptography.hazmat.primitives.hashes.MD5",
- "cryptography.hazmat.primitives.hashes.SHA1",
- ],
- "M",
- )
-else:
- _prohibitedCalls["S303"] = (
- [
- "hashlib.md4",
- "hashlib.md5",
- "hashlib.sha",
- "hashlib.sha1",
- "Crypto.Hash.MD2.new",
- "Crypto.Hash.MD4.new",
- "Crypto.Hash.MD5.new",
- "Crypto.Hash.SHA.new",
- "Cryptodome.Hash.MD2.new",
- "Cryptodome.Hash.MD4.new",
- "Cryptodome.Hash.MD5.new",
- "Cryptodome.Hash.SHA.new",
- "cryptography.hazmat.primitives.hashes.MD5",
- "cryptography.hazmat.primitives.hashes.SHA1",
- ],
- "M",
- )
+_prohibitedCalls["S303"] = (
+ [
+ "Crypto.Hash.MD2.new",
+ "Crypto.Hash.MD4.new",
+ "Crypto.Hash.MD5.new",
+ "Crypto.Hash.SHA.new",
+ "Cryptodome.Hash.MD2.new",
+ "Cryptodome.Hash.MD4.new",
+ "Cryptodome.Hash.MD5.new",
+ "Cryptodome.Hash.SHA.new",
+ "cryptography.hazmat.primitives.hashes.MD5",
+ "cryptography.hazmat.primitives.hashes.SHA1",
+ ],
+ "M",
+)
 _prohibitedCalls.update(
 {
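Review bot: The S303 entry in the `@@ -44,42 +40,21 @@` hunk is still attached by a separate `_prohibitedCalls["S303"] = (...)` assignment after the dict literal closes, which was only needed while the list depended on `sys.version_info`; now that it is unconditional it could be an ordinary `"S303": (...)` key inside the literal next to `"S302"`. The surviving list also carries no `hashlib.md5` / `hashlib.sha1` entries, so weak-hash detection for hashlib has to come from another check that is not visible in this diff. A comment above the list such as `# hashlib.md5/sha1 are not listed: they accept usedforsecurity=False and need an argument-aware check` would record that the omission is intentional. The dict literal begins above the hunk and the `_prohibitedCalls.update(` call continues below it.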
@@ -97,7 +72,10 @@
 "Cryptodome.Cipher.XOR.new",
 "cryptography.hazmat.primitives.ciphers.algorithms.ARC4",
 "cryptography.hazmat.primitives.ciphers.algorithms.Blowfish",
+ "cryptography.hazmat.primitives.ciphers.algorithms.CAST5",
 "cryptography.hazmat.primitives.ciphers.algorithms.IDEA",
+ "cryptography.hazmat.primitives.ciphers.algorithms.SEED",
+ "cryptography.hazmat.primitives.ciphers.algorithms.TripleDES",
 ],
 "H",
 ),
@@ -159,19 +137,7 @@
 "S317": (["xml.sax.parse", "xml.sax.parseString", "xml.sax.make_parser"], "M"),
 "S318": (["xml.dom.minidom.parse", "xml.dom.minidom.parseString"], "M"),
 "S319": (["xml.dom.pulldom.parse", "xml.dom.pulldom.parseString"], "M"),
- "S320": (
- [
- "lxml.etree.parse",
- "lxml.etree.fromstring",
- "lxml.etree.RestrictedElement",
- "lxml.etree.GlobalParserTLS",
- "lxml.etree.getDefaultParser",
- "lxml.etree.check_docinfo",
- ],
- "M",
- ),
 "S321": (["ftplib.FTP"], "H"),
- "S322": (["input"], "H"),
 "S323": (["ssl._create_unverified_context"], "M"),
 }
 )
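Review bot: The CAST5, SEED and TripleDES entries added in the `@@ -97,7 +72,10 @@` hunk match only the `cryptography.hazmat.primitives.ciphers.algorithms` path, while recent cryptography releases also expose these legacy ciphers under `cryptography.hazmat.decrepit.ciphers.algorithms`. If the checker matches on the fully qualified call name (the matching code is outside this hunk), code importing the classes from the decrepit module would not be flagged. Consider adding the parallel entries `"cryptography.hazmat.decrepit.ciphers.algorithms.CAST5",`, `"cryptography.hazmat.decrepit.ciphers.algorithms.SEED",` and `"cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES",`, and likewise for the ARC4, Blowfish and IDEA entries already present. The list these entries belong to opens above the hunk.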