The following issues were found
selfdrive/manager/manager.py
5 issues
Line: 9
Column: 1
import sys
import traceback
import cereal.messaging as messaging
import selfdrive.crash as crash
from common.basedir import BASEDIR
from common.params import Params, ParamKeyType
from common.text_window import TextWindow
from selfdrive.boardd.set_time import set_time
Reported by Pylint.
Line: 9
Column: 1
import sys
import traceback
import cereal.messaging as messaging
import selfdrive.crash as crash
from common.basedir import BASEDIR
from common.params import Params, ParamKeyType
from common.text_window import TextWindow
from selfdrive.boardd.set_time import set_time
Reported by Pylint.
Line: 62
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b108_hardcoded_tmp_directory.html
# Create folders needed for msgq
try:
os.mkdir("/dev/shm")
except FileExistsError:
pass
except PermissionError:
print("WARNING: failed to make /dev/shm")
Reported by Bandit.
Line: 5
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import datetime
import os
import signal
import subprocess
import sys
import traceback
import cereal.messaging as messaging
import selfdrive.crash as crash
Reported by Bandit.
Line: 115
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
cloudlog.info({"environ": os.environ})
# save boot log
subprocess.call("./bootlog", cwd=os.path.join(BASEDIR, "selfdrive/loggerd"))
params = Params()
ignore = []
if params.get("DongleId", encoding='utf8') == UNREGISTERED_DONGLE_ID:
Reported by Bandit.
selfdrive/car/tests/test_car_interfaces.py
5 issues
Line: 4
Column: 1
#!/usr/bin/env python3
import unittest
import importlib
from parameterized import parameterized
from cereal import car
from selfdrive.car.fingerprints import all_known_cars
from selfdrive.car.car_helpers import interfaces
from selfdrive.car.fingerprints import _FINGERPRINTS as FINGERPRINTS
Reported by Pylint.
Line: 6
Column: 1
import importlib
from parameterized import parameterized
from cereal import car
from selfdrive.car.fingerprints import all_known_cars
from selfdrive.car.car_helpers import interfaces
from selfdrive.car.fingerprints import _FINGERPRINTS as FINGERPRINTS
class TestCarInterfaces(unittest.TestCase):
Reported by Pylint.
Line: 32
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
car_params = CarInterface.get_params(car_name, fingerprints, car_fw)
car_interface = CarInterface(car_params, CarController, CarState)
assert car_params
assert car_interface
self.assertGreater(car_params.mass, 1)
self.assertGreater(car_params.steerRateCost, 1e-3)
Reported by Bandit.
Line: 33
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
car_params = CarInterface.get_params(car_name, fingerprints, car_fw)
car_interface = CarInterface(car_params, CarController, CarState)
assert car_params
assert car_interface
self.assertGreater(car_params.mass, 1)
self.assertGreater(car_params.steerRateCost, 1e-3)
if car_params.steerControlType != car.CarParams.SteerControlType.angle:
Reported by Bandit.
Line: 64
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
# Test radar interface
RadarInterface = importlib.import_module('selfdrive.car.%s.radar_interface' % car_params.carName).RadarInterface
radar_interface = RadarInterface(car_params)
assert radar_interface
# Run radar interface once
radar_interface.update([])
if not car_params.radarOffCan and hasattr(radar_interface, '_update') and hasattr(radar_interface, 'trigger_msg'):
radar_interface._update([radar_interface.trigger_msg])
Reported by Bandit.
selfdrive/car/gm/carstate.py
5 issues
Line: 1
Column: 1
from cereal import car
from common.numpy_fast import mean
from selfdrive.config import Conversions as CV
from opendbc.can.can_define import CANDefine
from opendbc.can.parser import CANParser
from selfdrive.car.interfaces import CarStateBase
from selfdrive.car.gm.values import DBC, CAR, AccState, CanBus, \
CruiseButtons, STEER_THRESHOLD
Reported by Pylint.
Line: 4
Column: 1
from cereal import car
from common.numpy_fast import mean
from selfdrive.config import Conversions as CV
from opendbc.can.can_define import CANDefine
from opendbc.can.parser import CANParser
from selfdrive.car.interfaces import CarStateBase
from selfdrive.car.gm.values import DBC, CAR, AccState, CanBus, \
CruiseButtons, STEER_THRESHOLD
Reported by Pylint.
Line: 4
Column: 1
from cereal import car
from common.numpy_fast import mean
from selfdrive.config import Conversions as CV
from opendbc.can.can_define import CANDefine
from opendbc.can.parser import CANParser
from selfdrive.car.interfaces import CarStateBase
from selfdrive.car.gm.values import DBC, CAR, AccState, CanBus, \
CruiseButtons, STEER_THRESHOLD
Reported by Pylint.
Line: 5
Column: 1
from common.numpy_fast import mean
from selfdrive.config import Conversions as CV
from opendbc.can.can_define import CANDefine
from opendbc.can.parser import CANParser
from selfdrive.car.interfaces import CarStateBase
from selfdrive.car.gm.values import DBC, CAR, AccState, CanBus, \
CruiseButtons, STEER_THRESHOLD
Reported by Pylint.
Line: 5
Column: 1
from common.numpy_fast import mean
from selfdrive.config import Conversions as CV
from opendbc.can.can_define import CANDefine
from opendbc.can.parser import CANParser
from selfdrive.car.interfaces import CarStateBase
from selfdrive.car.gm.values import DBC, CAR, AccState, CanBus, \
CruiseButtons, STEER_THRESHOLD
Reported by Pylint.
selfdrive/car/subaru/carstate.py
5 issues
Line: 2
Column: 1
import copy
from cereal import car
from opendbc.can.can_define import CANDefine
from selfdrive.config import Conversions as CV
from selfdrive.car.interfaces import CarStateBase
from opendbc.can.parser import CANParser
from selfdrive.car.subaru.values import DBC, STEER_THRESHOLD, CAR, PREGLOBAL_CARS
Reported by Pylint.
Line: 3
Column: 1
import copy
from cereal import car
from opendbc.can.can_define import CANDefine
from selfdrive.config import Conversions as CV
from selfdrive.car.interfaces import CarStateBase
from opendbc.can.parser import CANParser
from selfdrive.car.subaru.values import DBC, STEER_THRESHOLD, CAR, PREGLOBAL_CARS
Reported by Pylint.
Line: 3
Column: 1
import copy
from cereal import car
from opendbc.can.can_define import CANDefine
from selfdrive.config import Conversions as CV
from selfdrive.car.interfaces import CarStateBase
from opendbc.can.parser import CANParser
from selfdrive.car.subaru.values import DBC, STEER_THRESHOLD, CAR, PREGLOBAL_CARS
Reported by Pylint.
Line: 6
Column: 1
from opendbc.can.can_define import CANDefine
from selfdrive.config import Conversions as CV
from selfdrive.car.interfaces import CarStateBase
from opendbc.can.parser import CANParser
from selfdrive.car.subaru.values import DBC, STEER_THRESHOLD, CAR, PREGLOBAL_CARS
class CarState(CarStateBase):
def __init__(self, CP):
Reported by Pylint.
Line: 6
Column: 1
from opendbc.can.can_define import CANDefine
from selfdrive.config import Conversions as CV
from selfdrive.car.interfaces import CarStateBase
from opendbc.can.parser import CANParser
from selfdrive.car.subaru.values import DBC, STEER_THRESHOLD, CAR, PREGLOBAL_CARS
class CarState(CarStateBase):
def __init__(self, CP):
Reported by Pylint.
selfdrive/modeld/visiontest.py
5 issues
Line: 2
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import subprocess
from cffi import FFI
from common.basedir import BASEDIR
# Initialize visiontest. Ignore output.
_visiond_dir = os.path.dirname(os.path.abspath(__file__))
_libvisiontest = "libvisiontest.so"
try: # because this crashes sometimes when running pipeline
Reported by Bandit.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html
# Directory holding this module; the makefile and the built library live here.
_visiond_dir = os.path.dirname(os.path.abspath(__file__))
_libvisiontest = "libvisiontest.so"

# Best-effort build of the shared library at import time.
# B607 context: "make" is given without a directory, so the binary that runs
# is whichever one the process's PATH resolves first. An absolute path to the
# build tool would remove that dependency on the caller's environment.
try:  # because this crashes sometimes when running pipeline
    subprocess.check_output([
        "make",
        "-C", _visiond_dir,
        "-f", os.path.join(_visiond_dir, "visiontest.mk"),
        _libvisiontest,
    ])
except Exception:
    # Every failure, including a missing or failing make, is ignored here.
    pass
Reported by Bandit.
Line: 10
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
# Directory holding this module; the makefile and the built library live here.
_visiond_dir = os.path.dirname(os.path.abspath(__file__))
_libvisiontest = "libvisiontest.so"

# Best-effort build of the shared library at import time.
# B603 context: the command is an argv list and no shell is involved, so the
# arguments are not shell-parsed. Every element here is either a literal or
# derived from this module's own location, not from external input.
try:  # because this crashes sometimes when running pipeline
    subprocess.check_output([
        "make",
        "-C", _visiond_dir,
        "-f", os.path.join(_visiond_dir, "visiontest.mk"),
        _libvisiontest,
    ])
except Exception:
    # Every failure is ignored and the command's output is discarded.
    pass
Reported by Bandit.
Line: 13
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b110_try_except_pass.html
subprocess.check_output(["make", "-C", _visiond_dir, "-f",
os.path.join(_visiond_dir, "visiontest.mk"),
_libvisiontest])
except Exception:
pass
class VisionTest():
"""A version of the vision model that can be run on a desktop.
Reported by Bandit.
Line: 109
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def transform_output_buffer(self, yuv_data, y_out, u_out, v_out,
transform):
assert len(yuv_data) == self.input_size[0] * self.input_size[1] * 3 / 2
cast = self.ffi.cast
from_buffer = self.ffi.from_buffer
yuv_ptr = cast("unsigned char*", from_buffer(yuv_data))
transform_ptr = self.ffi.new("float[]", transform)
Reported by Bandit.
phonelibs/nanovg/nanovg.c
4 issues
Line: 268
CWE codes:
908
}
NVGcompositeOperationState state;
state.srcRGB = sfactor;
state.dstRGB = dfactor;
state.srcAlpha = sfactor;
state.dstAlpha = dfactor;
return state;
}
Reported by Cppcheck.
Line: 269
CWE codes:
908
NVGcompositeOperationState state;
state.srcRGB = sfactor;
state.dstRGB = dfactor;
state.srcAlpha = sfactor;
state.dstAlpha = dfactor;
return state;
}
Reported by Cppcheck.
Line: 270
CWE codes:
908
NVGcompositeOperationState state;
state.srcRGB = sfactor;
state.dstRGB = dfactor;
state.srcAlpha = sfactor;
state.dstAlpha = dfactor;
return state;
}
static NVGstate* nvg__getState(NVGcontext* ctx)
Reported by Cppcheck.
Line: 271
CWE codes:
908
state.srcRGB = sfactor;
state.dstRGB = dfactor;
state.srcAlpha = sfactor;
state.dstAlpha = dfactor;
return state;
}
static NVGstate* nvg__getState(NVGcontext* ctx)
{
Reported by Cppcheck.
selfdrive/updated.py
4 issues
Line: 28
Column: 1
import os
import datetime
import subprocess
import psutil
import shutil
import signal
import fcntl
import time
import threading
Reported by Pylint.
Line: 43
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b108_hardcoded_tmp_directory.html
from selfdrive.swaglog import cloudlog
from selfdrive.controls.lib.alertmanager import set_offroad_alert
LOCK_FILE = os.getenv("UPDATER_LOCK_FILE", "/tmp/safe_staging_overlay.lock")
STAGING_ROOT = os.getenv("UPDATER_STAGING_ROOT", "/data/safe_staging")
NEOSUPDATE_DIR = os.getenv("UPDATER_NEOSUPDATE_DIR", "/data/neoupdate")
OVERLAY_UPPER = os.path.join(STAGING_ROOT, "upper")
Reported by Bandit.
Line: 27
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import datetime
import subprocess
import psutil
import shutil
import signal
import fcntl
import time
Reported by Bandit.
Line: 87
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
def run(cmd: List[str], cwd: Optional[str] = None, low_priority: bool = False):
    """Execute *cmd* and return its combined stdout/stderr as UTF-8 text.

    Args:
        cmd: Command as an argv list. It is handed to subprocess without a
            shell, so its elements are not shell-parsed. Callers are still
            responsible for any element that comes from outside the program.
        cwd: Working directory for the child process, or None to inherit.
        low_priority: When true, the command is run under ``nice -n 19``.

    Raises:
        subprocess.CalledProcessError: the command exited non-zero.
    """
    argv = ["nice", "-n", "19"] + cmd if low_priority else cmd
    return subprocess.check_output(
        argv,
        cwd=cwd,
        stderr=subprocess.STDOUT,  # fold stderr into the returned text
        encoding='utf8',
    )
def set_consistent_flag(consistent: bool) -> None:
os.sync()
consistent_file = Path(os.path.join(FINALIZED, ".overlay_consistent"))
Reported by Bandit.
selfdrive/tombstoned.py
4 issues
Line: 55
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
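def get_apport_stacktrace(fn):
    """Return the apport-retrace stack trace for the crash report *fn*.

    The report is prefixed with a "Package: openpilot" line through bash
    process substitution and passed to ``apport-retrace -s``.

    Returns:
        The command's stdout as text, "Error getting stacktrace" when the
        command exits non-zero, or "Timeout getting stacktrace" when it runs
        longer than 30 seconds.
    """
    # Remediation for the B602 finding: the earlier form formatted fn into a
    # shell=True command string, so shell metacharacters in a crash-report
    # file name were interpreted by bash. The script text is now constant and
    # fn reaches bash only as positional parameter $1, which is expanded as
    # data and never parsed as shell syntax.
    script = 'apport-retrace -s <(cat <(echo "Package: openpilot") "$1")'
    try:
        # bash is still required because the script uses process substitution.
        # The argument after the script fills $0; fn becomes $1.
        return subprocess.check_output(['/bin/bash', '-c', script, 'bash', fn], encoding='utf8', timeout=30)  # pylint: disable=unexpected-keyword-arg
    except subprocess.CalledProcessError:
        return "Error getting stacktrace"
    except subprocess.TimeoutExpired:
        return "Timeout getting stacktrace"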
Reported by Bandit.
Line: 11
Column: 1
import time
import glob
import sentry_sdk
from common.params import Params
from common.file_helpers import mkdirs_exists_ok
from selfdrive.hardware import TICI, HARDWARE
from selfdrive.loggerd.config import ROOT
Reported by Pylint.
Line: 7
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import re
import shutil
import signal
import subprocess
import time
import glob
import sentry_sdk
Reported by Bandit.
Line: 48
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b110_try_except_pass.html
for f in glob.glob(APPORT_DIR + '*'):
try:
os.remove(f)
except Exception:
pass
def get_apport_stacktrace(fn):
try:
Reported by Bandit.
selfdrive/locationd/test/test_calibrationd.py
4 issues
Line: 5
Column: 1
import random
import unittest
import cereal.messaging as messaging
from common.params import Params
from selfdrive.locationd.calibrationd import Calibrator
class TestCalibrationd(unittest.TestCase):
Reported by Pylint.
Line: 5
Column: 1
import random
import unittest
import cereal.messaging as messaging
from common.params import Params
from selfdrive.locationd.calibrationd import Calibrator
class TestCalibrationd(unittest.TestCase):
Reported by Pylint.
Line: 14
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
def test_read_saved_params(self):
msg = messaging.new_message('liveCalibration')
msg.liveCalibration.validBlocks = random.randint(1, 10)
msg.liveCalibration.rpyCalib = [random.random() for _ in range(3)]
Params().put("CalibrationParams", msg.to_bytes())
c = Calibrator(param_put=True)
self.assertEqual(list(msg.liveCalibration.rpyCalib), c.rpy)
Reported by Bandit.
Line: 15
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
def test_read_saved_params(self):
msg = messaging.new_message('liveCalibration')
msg.liveCalibration.validBlocks = random.randint(1, 10)
msg.liveCalibration.rpyCalib = [random.random() for _ in range(3)]
Params().put("CalibrationParams", msg.to_bytes())
c = Calibrator(param_put=True)
self.assertEqual(list(msg.liveCalibration.rpyCalib), c.rpy)
self.assertEqual(msg.liveCalibration.validBlocks, c.valid_blocks)
Reported by Bandit.
selfdrive/debug/check_lag.py
4 issues
Line: 4
Column: 1
#!/usr/bin/env python3
# type: ignore
import cereal.messaging as messaging
from cereal.services import service_list
TO_CHECK = ['carState']
Reported by Pylint.
Line: 4
Column: 1
#!/usr/bin/env python3
# type: ignore
import cereal.messaging as messaging
from cereal.services import service_list
TO_CHECK = ['carState']
Reported by Pylint.
Line: 5
Column: 1
# type: ignore
import cereal.messaging as messaging
from cereal.services import service_list
TO_CHECK = ['carState']
if __name__ == "__main__":
Reported by Pylint.
Line: 5
Column: 1
# type: ignore
import cereal.messaging as messaging
from cereal.services import service_list
TO_CHECK = ['carState']
if __name__ == "__main__":
Reported by Pylint.