diff -r ffd1f00ca376 -r 384e2aa5c073 eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionShell.py
--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionShell.py Tue Jun 16 17:44:28 2020 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionShell.py Tue Jun 16 17:45:12 2020 +0200
@@ -19,6 +19,8 @@
import re
import sys
+import AstUtilities
+
from Security.SecurityDefaults import SecurityDefaults
# This regex starts with a windows drive letter (eg C:)
@@ -55,7 +57,7 @@
@return severity level (L, M or H)
@rtype str
"""
- noFormatting = isinstance(context.node.args[0], ast.Str)
+ noFormatting = AstUtilities.isString(context.node.args[0])
if noFormatting:
return "L"
@@ -81,7 +83,7 @@
for key in keywords:
if key.arg == 'shell':
val = key.value
- if isinstance(val, ast.Num):
+ if AstUtilities.isNumber(val):
result = bool(val.n)
elif isinstance(val, ast.List):
result = bool(val.elts)
@@ -90,8 +92,8 @@
elif isinstance(val, ast.Name) and val.id in ['False', 'None']:
result = False
elif (
- sys.version_info[0] > 2 and
- isinstance(val, ast.NameConstant)
+ sys.version_info[0] >= 3 and
+ AstUtilities.isNameConstant(val)
):
result = val.value
else:
@@ -292,7 +294,10 @@
node = node.elts[0]
# make sure the param is a string literal and not a var name
- if isinstance(node, ast.Str) and not fullPathMatchRe.match(node.s):
+ if (
+ AstUtilities.isString(node) and
+ not fullPathMatchRe.match(node.s)
+ ):
reportError(
context.node.lineno - 1,
context.node.col_offset,
