Mercurial Repositories > eric / file diff

diff: eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py

eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py

changeset 8222
5994b80b8760
parent 8217
385f60c94548
child 8259
2bbec88047dd
diff -r 0572a215bd2f -r 5994b80b8760 eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py
--- a/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py	Sun Apr 11 16:53:48 2021 +0200
+++ b/eric6/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/injectionWildcard.py	Sun Apr 11 18:45:10 2021 +0200
@@ -57,36 +57,36 @@
     
     vulnerableFunctions = ['chown', 'chmod', 'tar', 'rsync']
     if (
-        context.callFunctionNameQual in shellFunctionNames or
-        (context.callFunctionNameQual in subProcessFunctionNames and
-         context.checkCallArgValue('shell', 'True'))
+        (context.callFunctionNameQual in shellFunctionNames or
+         (context.callFunctionNameQual in subProcessFunctionNames and
+          context.checkCallArgValue('shell', 'True'))) and
+        context.callArgsCount >= 1
     ):
-        if context.callArgsCount >= 1:
-            callArgument = context.getCallArgAtPosition(0)
-            argumentString = ''
-            if isinstance(callArgument, list):
-                for li in callArgument:
-                    argumentString += ' {0}'.format(li)
-            elif isinstance(callArgument, str):
-                argumentString = callArgument
-            
-            if argumentString != '':
-                for vulnerableFunction in vulnerableFunctions:
-                    if (
-                        vulnerableFunction in argumentString and
-                        '*' in argumentString
-                    ):
-                        lineNo = context.getLinenoForCallArg('shell')
-                        if lineNo < 1:
-                            lineNo = context.node.lineno
-                        offset = context.getOffsetForCallArg('shell')
-                        if offset < 0:
-                            offset = context.node.col_offset
-                        reportError(
-                            lineNo - 1,
-                            offset,
-                            "S609",
-                            "H",
-                            "M",
-                            context.callFunctionNameQual
-                        )
+        callArgument = context.getCallArgAtPosition(0)
+        argumentString = ''
+        if isinstance(callArgument, list):
+            for li in callArgument:
+                argumentString += ' {0}'.format(li)
+        elif isinstance(callArgument, str):
+            argumentString = callArgument
+        
+        if argumentString != '':
+            for vulnerableFunction in vulnerableFunctions:
+                if (
+                    vulnerableFunction in argumentString and
+                    '*' in argumentString
+                ):
+                    lineNo = context.getLinenoForCallArg('shell')
+                    if lineNo < 1:
+                        lineNo = context.node.lineno
+                    offset = context.getOffsetForCallArg('shell')
+                    if offset < 0:
+                        offset = context.node.col_offset
+                    reportError(
+                        lineNo - 1,
+                        offset,
+                        "S609",
+                        "H",
+                        "M",
+                        context.callFunctionNameQual
+                    )

Mercurial Repository: eric

eric ide

mercurial