Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix up issues found running Bandit on itself #1093

Merged
merged 1 commit into from
Jan 14, 2024
+7 −8
Merged

Fix up issues found running Bandit on itself #1093

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
4 changes: 2 additions & 2 deletions bandit/cli/baseline.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
import logging
import os
import shutil
import subprocess
import subprocess # nosec: B404
import sys
import tempfile

Expand Down Expand Up @@ -101,7 +101,7 @@ def main():
bandit_command = ["bandit"] + step["args"]

try:
output = subprocess.check_output(bandit_command)
output = subprocess.check_output(bandit_command) # nosec: B603
except subprocess.CalledProcessError as e:
output = e.output
return_code = e.returncode
Expand Down
3 changes: 1 addition & 2 deletions bandit/core/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ def get_func_name(node):


def get_qual_attr(node, aliases):
prefix = ""
if isinstance(node, ast.Attribute):
try:
val = deepgetattr(node, "value.id")
Expand All @@ -73,7 +72,7 @@ def get_qual_attr(node, aliases):
except Exception:
# NOTE(tkelsey): degrade gracefully when we can't get the fully
# qualified name for an attr, just return its base name.
pass
prefix = ""

return f"{prefix}.{node.attr}"
else:
Expand Down
2 changes: 1 addition & 1 deletion bandit/formatters/xml.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
"""
import logging
import sys
from xml.etree import ElementTree as ET
from xml.etree import ElementTree as ET # nosec: B405

from bandit.core import docs_utils

Expand Down
2 changes: 1 addition & 1 deletion bandit/plugins/general_bind_all_interfaces.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
@test.checks("Str")
@test.test_id("B104")
def hardcoded_bind_all_interfaces(context):
if context.string_val == "0.0.0.0":
if context.string_val == "0.0.0.0": # nosec: B104
return bandit.Issue(
severity=bandit.MEDIUM,
confidence=bandit.MEDIUM,
Expand Down
4 changes: 2 additions & 2 deletions bandit/plugins/general_hardcoded_tmp.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@

def gen_config(name):
if name == "hardcoded_tmp_directory":
return {"tmp_dirs": ["/tmp", "/var/tmp", "/dev/shm"]}
return {"tmp_dirs": ["/tmp", "/var/tmp", "/dev/shm"]} # nosec: B108


@test.takes_config
Expand All @@ -69,7 +69,7 @@ def hardcoded_tmp_directory(context, config):
if config is not None and "tmp_dirs" in config:
tmp_dirs = config["tmp_dirs"]
else:
tmp_dirs = ["/tmp", "/var/tmp", "/dev/shm"]
tmp_dirs = ["/tmp", "/var/tmp", "/dev/shm"] # nosec: B108

if any(context.string_val.startswith(s) for s in tmp_dirs):
return bandit.Issue(
Expand Down