--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py Fri Apr 02 11:59:41 2021 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py Sat May 01 14:27:20 2021 +0200
@@ -44,49 +44,50 @@
 @param config dictionary with configuration data
 @type dict
 """
- if config and "shell_injection_subprocess" in config:
- subProcessFunctionNames = config["shell_injection_subprocess"]
- else:
- subProcessFunctionNames = SecurityDefaults[
- "shell_injection_subprocess"]
+ subProcessFunctionNames = (
+ config["shell_injection_subprocess"]
+ if config and "shell_injection_subprocess" in config else
+ SecurityDefaults["shell_injection_subprocess"]
+ )

- if config and "shell_injection_shell" in config:
- shellFunctionNames = config["shell_injection_shell"]
- else:
- shellFunctionNames = SecurityDefaults["shell_injection_shell"]
+ shellFunctionNames = (
+ config["shell_injection_shell"]
+ if config and "shell_injection_shell" in config else
+ SecurityDefaults["shell_injection_shell"]
+ )

 vulnerableFunctions = ['chown', 'chmod', 'tar', 'rsync']
 if (
- context.callFunctionNameQual in shellFunctionNames or
- (context.callFunctionNameQual in subProcessFunctionNames and
- context.checkCallArgValue('shell', 'True'))
+ (context.callFunctionNameQual in shellFunctionNames or
+ (context.callFunctionNameQual in subProcessFunctionNames and
+ context.checkCallArgValue('shell', 'True'))) and
+ context.callArgsCount >= 1
 ):
- if context.callArgsCount >= 1:
- callArgument = context.getCallArgAtPosition(0)
- argumentString = ''
- if isinstance(callArgument, list):
- for li in callArgument:
- argumentString = argumentString + ' {0}'.format(li)
- elif isinstance(callArgument, str):
- argumentString = callArgument
-
- if argumentString != '':
- for vulnerableFunction in vulnerableFunctions:
- if (
- vulnerableFunction in argumentString and
- '*' in argumentString
- ):
- lineNo = context.getLinenoForCallArg('shell')
- if lineNo < 1:
- lineNo = context.node.lineno
- offset = context.getOffsetForCallArg('shell')
- if offset < 0:
- offset = context.node.col_offset
- reportError(
- lineNo - 1,
- offset,
- "S609",
- "H",
- "M",
- context.callFunctionNameQual
- )
+ callArgument = context.getCallArgAtPosition(0)
+ argumentString = ''
+ if isinstance(callArgument, list):
+ for li in callArgument:
+ argumentString += ' {0}'.format(li)
+ elif isinstance(callArgument, str):
+ argumentString = callArgument
+
+ if argumentString != '':
+ for vulnerableFunction in vulnerableFunctions:
+ if (
+ vulnerableFunction in argumentString and
+ '*' in argumentString
+ ):
+ lineNo = context.getLinenoForCallArg('shell')
+ if lineNo < 1:
+ lineNo = context.node.lineno
+ offset = context.getOffsetForCallArg('shell')
+ if offset < 0:
+ offset = context.node.col_offset
+ reportError(
+ lineNo - 1,
+ offset,
+ "S609",
+ "H",
+ "M",
+ context.callFunctionNameQual
+ )
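Review bot: The `for vulnerableFunction in vulnerableFunctions` loop at the end of the hunk can report the same call more than once, because nothing stops iteration after `reportError(...)`: a command string that names two of the listed programs together with a `*` yields two identical S609 findings at the same position. Since the `'*' in argumentString` test does not depend on the loop variable, the loop and its inner `if` can collapse into one guard, `if '*' in argumentString and any(name in argumentString for name in vulnerableFunctions):`, with the existing lineNo/offset/reportError block dedented under it, so each call is reported at most once. Separately, `vulnerableFunction in argumentString` is a plain substring match, so `tar` also fires on words such as `start` or `target`; if that tolerance is intended for parity with the original check, a comment like `# substring match is deliberate (also hits e.g. 'start'); a wildcard anywhere in the command counts` would keep the next reader from tightening it unknowingly. The enclosing function starts before this hunk, so whether `getCallArgAtPosition(0)` yields only literal values (which would leave concatenated or formatted command strings invisible to the check) cannot be confirmed from here.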