--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureHashlibNew.py Wed Jul 13 11:16:20 2022 +0200
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/insecureHashlibNew.py Wed Jul 13 14:55:47 2022 +0200
@@ -22,7 +22,7 @@
def getChecks():
"""
Public method to get a dictionary with checks handled by this module.
-
+
@return dictionary containing checker lists containing checker function and
list of codes
@rtype dict
@@ -38,7 +38,7 @@
"""
Function to check for use of insecure md4, md5, or sha1 hash functions
in hashlib.new().
-
+
@param reportError function to be used to report errors
@type func
@param context security context object
@@ -48,26 +48,23 @@
"""
insecureHashes = (
[h.lower() for h in config["insecure_hashes"]]
- if config and "insecure_hashes" in config else
- SecurityDefaults["insecure_hashes"]
+ if config and "insecure_hashes" in config
+ else SecurityDefaults["insecure_hashes"]
)
-
+
if isinstance(context.callFunctionNameQual, str):
- qualnameList = context.callFunctionNameQual.split('.')
+ qualnameList = context.callFunctionNameQual.split(".")
func = qualnameList[-1]
- if 'hashlib' in qualnameList and func == 'new':
+ if "hashlib" in qualnameList and func == "new":
args = context.callArgs
keywords = context.callKeywords
- name = args[0] if args else keywords['name']
- if (
- isinstance(name, str) and
- name.lower() in insecureHashes
- ):
+ name = args[0] if args else keywords["name"]
+ if isinstance(name, str) and name.lower() in insecureHashes:
reportError(
context.node.lineno - 1,
context.node.col_offset,
"S331",
"M",
"H",
- name.upper()
+ name.upper(),
)
