diff -r e9e7eca7efee -r bf71ee032bb4 src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/blackListImports.py
--- a/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/blackListImports.py Wed Jul 13 11:16:20 2022 +0200
+++ b/src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/blackListImports.py Wed Jul 13 14:55:47 2022 +0200
@@ -16,65 +16,45 @@
#
_blacklists = {
- "S401": ([
- 'telnetlib'],
- "H"),
- "S402": ([
- 'ftplib'],
- "H"),
- "S403": ([
- 'pickle',
- 'cPickle',
- 'dill',
- 'shelve'],
- "L"),
- "S404": ([
- 'subprocess'],
- "L"),
- "S405": ([
- 'xml.etree.cElementTree',
- 'xml.etree.ElementTree'],
- "L"),
- "S406": ([
- 'xml.sax'],
- "L"),
- "S407": ([
- 'xml.dom.expatbuilder'],
- "L"),
- "S408": ([
- 'xml.dom.minidom'],
- "L"),
- "S409": ([
- 'xml.dom.pulldom'],
- "L"),
- "S410": ([
- 'lxml'],
- "L"),
- "S411": ([
- 'xmlrpclib'],
- "H"),
- "S412": ([
- 'wsgiref.handlers.CGIHandler',
- 'twisted.web.twcgi.CGIScript',
- 'twisted.web.twcgi.CGIDirectory'],
- "H"),
- "S413": ([
- 'Crypto.Cipher',
- 'Crypto.Hash',
- 'Crypto.IO',
- 'Crypto.Protocol',
- 'Crypto.PublicKey',
- 'Crypto.Random',
- 'Crypto.Signature',
- 'Crypto.Util'],
- "H"),
+ "S401": (["telnetlib"], "H"),
+ "S402": (["ftplib"], "H"),
+ "S403": (["pickle", "cPickle", "dill", "shelve"], "L"),
+ "S404": (["subprocess"], "L"),
+ "S405": (["xml.etree.cElementTree", "xml.etree.ElementTree"], "L"),
+ "S406": (["xml.sax"], "L"),
+ "S407": (["xml.dom.expatbuilder"], "L"),
+ "S408": (["xml.dom.minidom"], "L"),
+ "S409": (["xml.dom.pulldom"], "L"),
+ "S410": (["lxml"], "L"),
+ "S411": (["xmlrpclib"], "H"),
+ "S412": (
+ [
+ "wsgiref.handlers.CGIHandler",
+ "twisted.web.twcgi.CGIScript",
+ "twisted.web.twcgi.CGIDirectory",
+ ],
+ "H",
+ ),
+ "S413": (
+ [
+ "Crypto.Cipher",
+ "Crypto.Hash",
+ "Crypto.IO",
+ "Crypto.Protocol",
+ "Crypto.PublicKey",
+ "Crypto.Random",
+ "Crypto.Signature",
+ "Crypto.Util",
+ ],
+ "H",
+ ),
}
def getChecks():
"""
Public method to get a dictionary with checks handled by this module.
-
+
@return dictionary containing checker lists containing checker function and
list of codes
@rtype dict
@@ -95,7 +75,7 @@
def checkBlacklist(reportError, context, config):
"""
Function to check for blacklisted method calls.
-
+
@param reportError function to be used to report errors
@type func
@param context security context object
@@ -105,12 +85,9 @@
"""
nodeType = context.node.__class__.__name__
- if nodeType.startswith('Import'):
+ if nodeType.startswith("Import"):
prefix = ""
- if (
- nodeType == "ImportFrom" and
- context.node.module is not None
- ):
+ if nodeType == "ImportFrom" and context.node.module is not None:
prefix = context.node.module + "."
for code in _blacklists:
@@ -124,5 +101,5 @@
code,
severity,
"H",
- name.name
+ name.name,
)
