The following issues were found
Lib/email/__init__.py
21 issues
Line: 8
Column: 5
"""A package for parsing, handling, and generating email messages."""
__all__ = [
'base64mime',
'charset',
'encoders',
'errors',
'feedparser',
'generator',
Reported by Pylint.
Line: 9
Column: 5
__all__ = [
'base64mime',
'charset',
'encoders',
'errors',
'feedparser',
'generator',
'header',
Reported by Pylint.
Line: 10
Column: 5
__all__ = [
'base64mime',
'charset',
'encoders',
'errors',
'feedparser',
'generator',
'header',
'iterators',
Reported by Pylint.
Line: 11
Column: 5
'base64mime',
'charset',
'encoders',
'errors',
'feedparser',
'generator',
'header',
'iterators',
'message',
Reported by Pylint.
Line: 12
Column: 5
'charset',
'encoders',
'errors',
'feedparser',
'generator',
'header',
'iterators',
'message',
'message_from_file',
Reported by Pylint.
Line: 13
Column: 5
'encoders',
'errors',
'feedparser',
'generator',
'header',
'iterators',
'message',
'message_from_file',
'message_from_binary_file',
Reported by Pylint.
Line: 14
Column: 5
'errors',
'feedparser',
'generator',
'header',
'iterators',
'message',
'message_from_file',
'message_from_binary_file',
'message_from_string',
Reported by Pylint.
Line: 15
Column: 5
'feedparser',
'generator',
'header',
'iterators',
'message',
'message_from_file',
'message_from_binary_file',
'message_from_string',
'message_from_bytes',
Reported by Pylint.
Line: 16
Column: 5
'generator',
'header',
'iterators',
'message',
'message_from_file',
'message_from_binary_file',
'message_from_string',
'message_from_bytes',
'mime',
Reported by Pylint.
Line: 21
Column: 5
'message_from_binary_file',
'message_from_string',
'message_from_bytes',
'mime',
'parser',
'quoprimime',
'utils',
]
Reported by Pylint.
Lib/encodings/uu_codec.py
20 issues
Line: 16
Column: 15
### Codec APIs
def uu_encode(input, errors='strict', filename='<data>', mode=0o666):
assert errors == 'strict'
infile = BytesIO(input)
outfile = BytesIO()
read = infile.read
write = outfile.write
Reported by Pylint.
Line: 37
Column: 15
return (outfile.getvalue(), len(input))
def uu_decode(input, errors='strict'):
assert errors == 'strict'
infile = BytesIO(input)
outfile = BytesIO()
readline = infile.readline
write = outfile.write
Reported by Pylint.
Line: 59
Column: 9
break
try:
data = binascii.a2b_uu(s)
except binascii.Error as v:
# Workaround for broken uuencoders by /Fredrik Lundh
nbytes = (((s[0]-32) & 63) * 4 + 5) // 3
data = binascii.a2b_uu(s[:nbytes])
#sys.stderr.write("Warning: %s\n" % str(v))
write(data)
Reported by Pylint.
Line: 71
Column: 22
return (outfile.getvalue(), len(input))
class Codec(codecs.Codec):
def encode(self, input, errors='strict'):
return uu_encode(input, errors)
def decode(self, input, errors='strict'):
return uu_decode(input, errors)
Reported by Pylint.
Line: 74
Column: 22
def encode(self, input, errors='strict'):
return uu_encode(input, errors)
def decode(self, input, errors='strict'):
return uu_decode(input, errors)
class IncrementalEncoder(codecs.IncrementalEncoder):
def encode(self, input, final=False):
return uu_encode(input, self.errors)[0]
Reported by Pylint.
Line: 78
Column: 22
return uu_decode(input, errors)
class IncrementalEncoder(codecs.IncrementalEncoder):
def encode(self, input, final=False):
return uu_encode(input, self.errors)[0]
class IncrementalDecoder(codecs.IncrementalDecoder):
def decode(self, input, final=False):
return uu_decode(input, self.errors)[0]
Reported by Pylint.
Line: 82
Column: 22
return uu_encode(input, self.errors)[0]
class IncrementalDecoder(codecs.IncrementalDecoder):
def decode(self, input, final=False):
return uu_decode(input, self.errors)[0]
class StreamWriter(Codec, codecs.StreamWriter):
charbuffertype = bytes
Reported by Pylint.
Line: 16
Column: 1
### Codec APIs
def uu_encode(input, errors='strict', filename='<data>', mode=0o666):
assert errors == 'strict'
infile = BytesIO(input)
outfile = BytesIO()
read = infile.read
write = outfile.write
Reported by Pylint.
Line: 17
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
### Codec APIs
def uu_encode(input, errors='strict', filename='<data>', mode=0o666):
assert errors == 'strict'
infile = BytesIO(input)
outfile = BytesIO()
read = infile.read
write = outfile.write
Reported by Bandit.
Line: 37
Column: 1
return (outfile.getvalue(), len(input))
def uu_decode(input, errors='strict'):
assert errors == 'strict'
infile = BytesIO(input)
outfile = BytesIO()
readline = infile.readline
write = outfile.write
Reported by Pylint.
Lib/encodings/quopri_codec.py
20 issues
Line: 10
Column: 19
import quopri
from io import BytesIO
def quopri_encode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
Reported by Pylint.
Line: 17
Column: 19
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
def quopri_decode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.decode(f, g)
return (g.getvalue(), len(input))
Reported by Pylint.
Line: 25
Column: 22
return (g.getvalue(), len(input))
class Codec(codecs.Codec):
def encode(self, input, errors='strict'):
return quopri_encode(input, errors)
def decode(self, input, errors='strict'):
return quopri_decode(input, errors)
class IncrementalEncoder(codecs.IncrementalEncoder):
Reported by Pylint.
Line: 27
Column: 22
class Codec(codecs.Codec):
def encode(self, input, errors='strict'):
return quopri_encode(input, errors)
def decode(self, input, errors='strict'):
return quopri_decode(input, errors)
class IncrementalEncoder(codecs.IncrementalEncoder):
def encode(self, input, final=False):
return quopri_encode(input, self.errors)[0]
Reported by Pylint.
Line: 31
Column: 22
return quopri_decode(input, errors)
class IncrementalEncoder(codecs.IncrementalEncoder):
def encode(self, input, final=False):
return quopri_encode(input, self.errors)[0]
class IncrementalDecoder(codecs.IncrementalDecoder):
def decode(self, input, final=False):
return quopri_decode(input, self.errors)[0]
Reported by Pylint.
Line: 35
Column: 22
return quopri_encode(input, self.errors)[0]
class IncrementalDecoder(codecs.IncrementalDecoder):
def decode(self, input, final=False):
return quopri_decode(input, self.errors)[0]
class StreamWriter(Codec, codecs.StreamWriter):
charbuffertype = bytes
Reported by Pylint.
Line: 10
Column: 1
import quopri
from io import BytesIO
def quopri_encode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
Reported by Pylint.
Line: 11
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
from io import BytesIO
def quopri_encode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
Reported by Bandit.
Line: 12
Column: 5
def quopri_encode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
def quopri_decode(input, errors='strict'):
Reported by Pylint.
Line: 13
Column: 5
def quopri_encode(input, errors='strict'):
assert errors == 'strict'
f = BytesIO(input)
g = BytesIO()
quopri.encode(f, g, quotetabs=True)
return (g.getvalue(), len(input))
def quopri_decode(input, errors='strict'):
assert errors == 'strict'
Reported by Pylint.
Lib/distutils/cygwinccompiler.py
20 issues
Line: 380
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b602_subprocess_popen_with_shell_equals_true.html
executable = cmd.split()[0]
if find_executable(executable) is None:
return None
out = Popen(cmd, shell=True, stdout=PIPE).stdout
try:
out_string = out.read()
finally:
out.close()
result = RE_VERSION.search(out_string)
Reported by Bandit.
Line: 167
Column: 28
raise CompileError(msg)
else: # for other files use the C-compiler
try:
self.spawn(self.compiler_so + cc_args + [src, '-o', obj] +
extra_postargs)
except DistutilsExecError as msg:
raise CompileError(msg)
def link(self, target_desc, objects, output_filename, output_dir=None,
Reported by Pylint.
Line: 137
Column: 3
shared_option = "-mdll -static"
# Hard-code GCC because that's what this is all about.
# XXX optimization, warnings etc. should be customizable.
self.set_executables(compiler='gcc -mcygwin -O -Wall',
compiler_so='gcc -mcygwin -mdll -O -Wall',
compiler_cxx='g++ -mcygwin -O -Wall',
linker_exe='gcc -mcygwin',
linker_so=('%s -mcygwin %s' %
Reported by Pylint.
Line: 164
Column: 17
try:
self.spawn(["windres", "-i", src, "-o", obj])
except DistutilsExecError as msg:
raise CompileError(msg)
else: # for other files use the C-compiler
try:
self.spawn(self.compiler_so + cc_args + [src, '-o', obj] +
extra_postargs)
except DistutilsExecError as msg:
Reported by Pylint.
Line: 170
Column: 17
self.spawn(self.compiler_so + cc_args + [src, '-o', obj] +
extra_postargs)
except DistutilsExecError as msg:
raise CompileError(msg)
def link(self, target_desc, objects, output_filename, output_dir=None,
libraries=None, library_dirs=None, runtime_library_dirs=None,
export_symbols=None, debug=0, extra_preargs=None,
extra_postargs=None, build_temp=None, target_lang=None):
Reported by Pylint.
Line: 199
Column: 24
# where are the object files
temp_dir = os.path.dirname(objects[0])
# name of dll to give the helper files the same base name
(dll_name, dll_extension) = os.path.splitext(
os.path.basename(output_filename))
# generate the filenames for these files
def_file = os.path.join(temp_dir, dll_name + ".def")
lib_file = os.path.join(temp_dir, 'lib' + dll_name + ".a")
Reported by Pylint.
Line: 344
Column: 3
installed "pyconfig.h" contains the string "__GNUC__".
"""
# XXX since this function also checks sys.version, it's not strictly a
# "pyconfig.h" check -- should probably be renamed...
from distutils import sysconfig
# if sys.version contains GCC then python was compiled with GCC, and the
Reported by Pylint.
Line: 51
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os
import sys
import copy
from subprocess import Popen, PIPE, check_output
import re
from distutils.unixccompiler import UnixCCompiler
from distutils.file_util import write_file
from distutils.errors import (DistutilsExecError, CCompilerError,
Reported by Bandit.
Line: 61
Column: 1
from distutils.version import LooseVersion
from distutils.spawn import find_executable
def get_msvcr():
"""Include the appropriate MSVC runtime library if Python was built
with MSVC 7.0 or later.
"""
msc_pos = sys.version.find('MSC v.')
if msc_pos != -1:
Reported by Pylint.
Line: 68
Column: 9
msc_pos = sys.version.find('MSC v.')
if msc_pos != -1:
msc_ver = sys.version[msc_pos+6:msc_pos+10]
if msc_ver == '1300':
# MSVC 7.0
return ['msvcr70']
elif msc_ver == '1310':
# MSVC 7.1
return ['msvcr71']
Reported by Pylint.
Lib/idlelib/filelist.py
20 issues
Line: 41
Column: 17
if edit.good_load:
return edit
else:
edit._close()
return None
def gotofileline(self, filename, lineno=None):
edit = self.open(filename)
if edit is not None and lineno is not None:
Reported by Pylint.
Line: 52
Column: 1
def new(self, filename=None):
return self.EditorWindow(self, filename)
def close_all_callback(self, *args, **kwds):
for edit in list(self.inversedict):
reply = edit.close()
if reply == "cancel":
break
return "break"
Reported by Pylint.
Line: 52
Column: 1
def new(self, filename=None):
return self.EditorWindow(self, filename)
def close_all_callback(self, *args, **kwds):
for edit in list(self.inversedict):
reply = edit.close()
if reply == "cancel":
break
return "break"
Reported by Pylint.
Line: 114
Column: 3
return os.path.normpath(filename)
def _test(): # TODO check and convert to htest
from tkinter import Tk
from idlelib.editor import fixwordbreaks
from idlelib.run import fix_scaling
root = Tk()
fix_scaling(root)
Reported by Pylint.
Line: 7
Column: 1
from tkinter import messagebox
class FileList:
# N.B. this import overridden in PyShellFileList.
from idlelib.editor import EditorWindow
def __init__(self, root):
Reported by Pylint.
Line: 10
Column: 5
class FileList:
# N.B. this import overridden in PyShellFileList.
from idlelib.editor import EditorWindow
def __init__(self, root):
self.root = root
self.dict = {}
self.inversedict = {}
Reported by Pylint.
Line: 18
Column: 5
self.inversedict = {}
self.vars = {} # For EditorWindow.getrawvar (shared Tcl variables)
def open(self, filename, action=None):
assert filename
filename = self.canonize(filename)
if os.path.isdir(filename):
# This can happen when bad filename is passed on command line:
messagebox.showerror(
Reported by Pylint.
Line: 19
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
self.vars = {} # For EditorWindow.getrawvar (shared Tcl variables)
def open(self, filename, action=None):
assert filename
filename = self.canonize(filename)
if os.path.isdir(filename):
# This can happen when bad filename is passed on command line:
messagebox.showerror(
"File Error",
Reported by Bandit.
Line: 33
Column: 9
edit = self.dict[key]
edit.top.wakeup()
return edit
if action:
# Don't create window, perform 'action', e.g. open in same window
return action(filename)
else:
edit = self.EditorWindow(self, filename, key)
if edit.good_load:
Reported by Pylint.
Line: 38
Column: 13
return action(filename)
else:
edit = self.EditorWindow(self, filename, key)
if edit.good_load:
return edit
else:
edit._close()
return None
Reported by Pylint.
Lib/idlelib/window.py
20 issues
Line: 24
Column: 9
self.call_callbacks()
def add_windows_to_menu(self, menu):
list = []
for key in self.dict:
window = self.dict[key]
try:
title = window.get_title()
except TclError:
Reported by Pylint.
Line: 49
Column: 13
for callback in self.callbacks:
try:
callback()
except:
t, v, tb = sys.exc_info()
print("warning: callback failed in WindowList", t, ":", v)
registry = WindowList()
Reported by Pylint.
Line: 50
Column: 23
try:
callback()
except:
t, v, tb = sys.exc_info()
print("warning: callback failed in WindowList", t, ":", v)
registry = WindowList()
Reported by Pylint.
Line: 76
Column: 42
if not registry.dict:
self.quit()
def update_windowlist_registry(self, window):
registry.call_callbacks()
def get_title(self):
# Subclass can override
return self.wm_title()
Reported by Pylint.
Line: 1
Column: 1
from tkinter import Toplevel, TclError
import sys
class WindowList:
def __init__(self):
self.dict = {}
self.callbacks = []
Reported by Pylint.
Line: 5
Column: 1
import sys
class WindowList:
def __init__(self):
self.dict = {}
self.callbacks = []
Reported by Pylint.
Line: 11
Column: 5
self.dict = {}
self.callbacks = []
def add(self, window):
window.after_idle(self.call_callbacks)
self.dict[str(window)] = window
def delete(self, window):
try:
Reported by Pylint.
Line: 15
Column: 5
window.after_idle(self.call_callbacks)
self.dict[str(window)] = window
def delete(self, window):
try:
del self.dict[str(window)]
except KeyError:
# Sometimes, destroy() is called twice
pass
Reported by Pylint.
Line: 23
Column: 5
pass
self.call_callbacks()
def add_windows_to_menu(self, menu):
list = []
for key in self.dict:
window = self.dict[key]
try:
title = window.get_title()
Reported by Pylint.
Line: 36
Column: 5
for title, key, window in list:
menu.add_command(label=title, command=window.wakeup)
def register_callback(self, callback):
self.callbacks.append(callback)
def unregister_callback(self, callback):
try:
self.callbacks.remove(callback)
Reported by Pylint.
Lib/idlelib/runscript.py
20 issues
Line: 41
Column: 3
def __init__(self, editwin):
self.editwin = editwin
# Provide instance variables referenced by debugger
# XXX This should be done differently
self.flist = self.editwin.flist
self.root = self.editwin.root
# cli_args is list of strings that extends sys.argv
self.cli_args = []
self.perf = 0.0 # Workaround for macOS 11 Uni2; see bpo-42508.
Reported by Pylint.
Line: 48
Column: 34
self.cli_args = []
self.perf = 0.0 # Workaround for macOS 11 Uni2; see bpo-42508.
def check_module_event(self, event):
if isinstance(self.editwin, outwin.OutputWindow):
self.editwin.text.bell()
return 'break'
filename = self.getfilename()
if not filename:
Reported by Pylint.
Line: 62
Column: 3
return "break"
def tabnanny(self, filename):
# XXX: tabnanny should work on binary files as well
with tokenize.open(filename) as f:
try:
tabnanny.process_tokens(tokenize.generate_tokens(f.readline))
except tokenize.TokenError as msg:
msgtxt, (lineno, start) = msg.args
Reported by Pylint.
Line: 67
Column: 34
try:
tabnanny.process_tokens(tokenize.generate_tokens(f.readline))
except tokenize.TokenError as msg:
msgtxt, (lineno, start) = msg.args
self.editwin.gotoline(lineno)
self.errorbox("Tabnanny Tokenizing Error",
"Token Error: %s" % msgtxt)
return False
except tabnanny.NannyNag as nag:
Reported by Pylint.
Line: 67
Column: 17
try:
tabnanny.process_tokens(tokenize.generate_tokens(f.readline))
except tokenize.TokenError as msg:
msgtxt, (lineno, start) = msg.args
self.editwin.gotoline(lineno)
self.errorbox("Tabnanny Tokenizing Error",
"Token Error: %s" % msgtxt)
return False
except tabnanny.NannyNag as nag:
Reported by Pylint.
Line: 80
Column: 9
return True
def checksyntax(self, filename):
self.shell = shell = self.flist.open_shell()
saved_stream = shell.get_warning_stream()
shell.set_warning_stream(shell.stderr)
with open(filename, 'rb') as f:
source = f.read()
if b'\r' in source:
Reported by Pylint.
Line: 112
Column: 32
def run_custom_event(self, event):
return self.run_module_event(event, customize=True)
def run_module_event(self, event, *, customize=False):
"""Run the module after setting up the environment.
First check the syntax. Next get customization. If OK, make
sure the shell is active and then transfer the arguments, set
the run environment's working directory to the directory of the
Reported by Pylint.
Line: 163
Column: 3
del _sys, argv, _basename, _os
\n""")
interp.prepend_syspath(filename)
# XXX KBK 03Jul04 When run w/o subprocess, runtime warnings still
# go to __stderr__. With subprocess, they go to the shell.
# Need to change streams in pyshell.ModifiedInterpreter.
interp.runcode(code)
return 'break'
Reported by Pylint.
Line: 205
Column: 3
return confirm
def errorbox(self, title, message):
# XXX This should really be a function of EditorWindow...
messagebox.showerror(title, message, parent=self.editwin.text)
self.editwin.text.focus_set()
self.perf = time.perf_counter()
Reported by Pylint.
Line: 25
Column: 1
from idlelib.query import CustomRun
from idlelib import outwin
indent_message = """Error: Inconsistent indentation detected!
1) Your indentation is outright incorrect (easy to fix), OR
2) Your indentation mixes tabs and spaces.
Reported by Pylint.
Lib/glob.py
20 issues
Line: 99
Column: 39
names = (x for x in names if not _ishidden(x))
return fnmatch.filter(names, pattern)
def _glob0(dirname, basename, dir_fd, dironly):
if basename:
if _lexists(_join(dirname, basename), dir_fd):
return [basename]
else:
# `os.path.split()` returns an empty basename for paths ending with a
Reported by Pylint.
Line: 43
Column: 5
root_dir = os.fspath(root_dir)
else:
root_dir = pathname[:0]
it = _iglob(pathname, root_dir, dir_fd, recursive, False)
if not pathname or recursive and _isrecursive(pathname[:2]):
try:
s = next(it) # skip empty string
if s:
it = itertools.chain((s,), it)
Reported by Pylint.
Line: 46
Column: 13
it = _iglob(pathname, root_dir, dir_fd, recursive, False)
if not pathname or recursive and _isrecursive(pathname[:2]):
try:
s = next(it) # skip empty string
if s:
it = itertools.chain((s,), it)
except StopIteration:
pass
return it
Reported by Pylint.
Line: 48
Column: 17
try:
s = next(it) # skip empty string
if s:
it = itertools.chain((s,), it)
except StopIteration:
pass
return it
def _iglob(pathname, root_dir, dir_fd, recursive, dironly):
Reported by Pylint.
Line: 53
Column: 1
pass
return it
def _iglob(pathname, root_dir, dir_fd, recursive, dironly):
dirname, basename = os.path.split(pathname)
if not has_magic(pathname):
assert not dironly
if basename:
if _lexists(_join(root_dir, pathname), dir_fd):
Reported by Pylint.
Line: 56
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
def _iglob(pathname, root_dir, dir_fd, recursive, dironly):
dirname, basename = os.path.split(pathname)
if not has_magic(pathname):
assert not dironly
if basename:
if _lexists(_join(root_dir, pathname), dir_fd):
yield pathname
else:
# Patterns ending with a slash should match only directories
Reported by Bandit.
Line: 112
Column: 1
# Following functions are not public but can be used by third-party code.
def glob0(dirname, pattern):
return _glob0(dirname, pattern, None, False)
def glob1(dirname, pattern):
return _glob1(dirname, pattern, None, False)
Reported by Pylint.
Line: 115
Column: 1
def glob0(dirname, pattern):
return _glob0(dirname, pattern, None, False)
def glob1(dirname, pattern):
return _glob1(dirname, pattern, None, False)
# This helper function recursively yields relative pathnames inside a literal
# directory.
Reported by Pylint.
Line: 122
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
# directory.
def _glob2(dirname, pattern, dir_fd, dironly):
assert _isrecursive(pattern)
yield pattern[:0]
yield from _rlistdir(dirname, dir_fd, dironly)
# If dironly is false, yields all file names inside a directory.
# If dironly is true, yields only directory names.
Reported by Bandit.
Line: 128
Column: 1
# If dironly is false, yields all file names inside a directory.
# If dironly is true, yields only directory names.
def _iterdir(dirname, dir_fd, dironly):
try:
fd = None
fsencode = None
if dir_fd is not None:
if dirname:
Reported by Pylint.
Objects/stringlib/transmogrify.h
20 issues
Line: 123
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (u) {
if (left)
memset(STRINGLIB_STR(u), fill, left);
memcpy(STRINGLIB_STR(u) + left,
STRINGLIB_STR(self),
STRINGLIB_LEN(self));
if (right)
memset(STRINGLIB_STR(u) + left + STRINGLIB_LEN(self),
fill, right);
Reported by FlawFinder.
Line: 320
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (to_len > 1) {
/* Lay the first one down (guaranteed this will occur) */
memcpy(result_s, to_s, to_len);
result_s += to_len;
count -= 1;
for (i = 0; i < count; i++) {
*result_s++ = *self_s++;
Reported by FlawFinder.
Line: 326
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < count; i++) {
*result_s++ = *self_s++;
memcpy(result_s, to_s, to_len);
result_s += to_len;
}
}
else {
result_s[0] = to_s[0];
Reported by FlawFinder.
Line: 342
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
/* Copy the rest of the original string */
memcpy(result_s, self_s, self_len - i);
return result;
}
/* Special case for deleting a single character */
Reported by FlawFinder.
Line: 382
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
next = findchar(start, end - start, from_c);
if (next == NULL)
break;
memcpy(result_s, start, next - start);
result_s += (next - start);
start = next + 1;
}
memcpy(result_s, start, end - start);
Reported by FlawFinder.
Line: 386
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result_s += (next - start);
start = next + 1;
}
memcpy(result_s, start, end - start);
return result;
}
/* len(self)>=1, len(from)>=2, to="", maxcount>=1 */
Reported by FlawFinder.
Line: 435
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
next = start + offset;
memcpy(result_s, start, next - start);
result_s += (next - start);
start = next + from_len;
}
memcpy(result_s, start, end - start);
Reported by FlawFinder.
Line: 440
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result_s += (next - start);
start = next + from_len;
}
memcpy(result_s, start, end - start);
return result;
}
/* len(self)>=1, len(from)==len(to)==1, maxcount>=1 */
static PyObject *
Reported by FlawFinder.
Line: 472
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return NULL;
}
result_s = STRINGLIB_STR(result);
memcpy(result_s, self_s, self_len);
/* change everything in-place, starting with this one */
start = result_s + (next - self_s);
*start = to_c;
start++;
Reported by FlawFinder.
Line: 522
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return NULL;
}
result_s = STRINGLIB_STR(result);
memcpy(result_s, self_s, self_len);
/* change everything in-place, starting with this one */
start = result_s + offset;
memcpy(start, to_s, from_len);
start += from_len;
Reported by FlawFinder.
PC/winreg.c
20 issues
Line: 942
Column: 32
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static HKEY
winreg_CreateKeyEx_impl(PyObject *module, HKEY key,
const Py_UNICODE *sub_key, int reserved,
REGSAM access)
/*[clinic end generated code: output=643a70ad6a361a97 input=42c2b03f98406b66]*/
{
HKEY retKey;
long rc;
Reported by FlawFinder.
Line: 950
Column: 33
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (PySys_Audit("winreg.CreateKey", "nun",
(Py_ssize_t)key, sub_key,
(Py_ssize_t)access) < 0) {
return NULL;
}
rc = RegCreateKeyExW(key, sub_key, reserved, NULL, 0,
access, NULL, &retKey, NULL);
if (rc != ERROR_SUCCESS) {
Reported by FlawFinder.
Line: 954
Column: 26
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return NULL;
}
rc = RegCreateKeyExW(key, sub_key, reserved, NULL, 0,
access, NULL, &retKey, NULL);
if (rc != ERROR_SUCCESS) {
PyErr_SetFromWindowsErrWithFunction(rc, "CreateKeyEx");
return NULL;
}
if (PySys_Audit("winreg.OpenKey/result", "n",
Reported by FlawFinder.
Line: 1026
Column: 59
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static PyObject *
winreg_DeleteKeyEx_impl(PyObject *module, HKEY key,
const Py_UNICODE *sub_key, REGSAM access,
int reserved)
/*[clinic end generated code: output=52a1c8b374ebc003 input=711d9d89e7ecbed7]*/
{
HMODULE hMod;
typedef LONG (WINAPI *RDKEFunc)(HKEY, const wchar_t*, REGSAM, int);
Reported by FlawFinder.
Line: 1037
Column: 33
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (PySys_Audit("winreg.DeleteKey", "nun",
(Py_ssize_t)key, sub_key,
(Py_ssize_t)access) < 0) {
return NULL;
}
/* Only available on 64bit platforms, so we must load it
dynamically. */
Py_BEGIN_ALLOW_THREADS
Reported by FlawFinder.
Line: 1053
Column: 31
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return NULL;
}
Py_BEGIN_ALLOW_THREADS
rc = (*pfn)(key, sub_key, access, reserved);
Py_END_ALLOW_THREADS
if (rc != ERROR_SUCCESS)
return PyErr_SetFromWindowsErrWithFunction(rc, "RegDeleteKeyEx");
Py_RETURN_NONE;
Reported by FlawFinder.
Line: 1392
Column: 42
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static HKEY
winreg_OpenKey_impl(PyObject *module, HKEY key, const Py_UNICODE *sub_key,
int reserved, REGSAM access)
/*[clinic end generated code: output=8849bff2c30104ad input=098505ac36a9ae28]*/
{
HKEY retKey;
long rc;
Reported by FlawFinder.
Line: 1400
Column: 33
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (PySys_Audit("winreg.OpenKey", "nun",
(Py_ssize_t)key, sub_key,
(Py_ssize_t)access) < 0) {
return NULL;
}
Py_BEGIN_ALLOW_THREADS
rc = RegOpenKeyExW(key, sub_key, reserved, access, &retKey);
Py_END_ALLOW_THREADS
Reported by FlawFinder.
Line: 1404
Column: 48
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return NULL;
}
Py_BEGIN_ALLOW_THREADS
rc = RegOpenKeyExW(key, sub_key, reserved, access, &retKey);
Py_END_ALLOW_THREADS
if (rc != ERROR_SUCCESS) {
PyErr_SetFromWindowsErrWithFunction(rc, "RegOpenKeyEx");
return NULL;
}
Reported by FlawFinder.
Line: 1428
Column: 44
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
static HKEY
winreg_OpenKeyEx_impl(PyObject *module, HKEY key, const Py_UNICODE *sub_key,
int reserved, REGSAM access)
/*[clinic end generated code: output=81bc2bd684bc77ae input=c6c4972af8622959]*/
{
return winreg_OpenKey_impl(module, key, sub_key, reserved, access);
}
Reported by FlawFinder.