The following issues were found
Modules/getnameinfo.c
13 issues
Line: 142
Column: 9
CWE codes:
120
Suggestion:
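Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Triage note: the guard on the line before this strcpy rejects only strlen(numserv) > servlen, so a string of exactly servlen characters passes and strcpy then writes its terminating NUL at serv[servlen]. If servlen is the size of the serv buffer, that is a one-byte overflow and the comparison should be >=. The same `>` guard precedes the strcpy calls reported at lines 148, 178 and 210.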
sprintf(numserv, "%d", ntohs(port));
if (strlen(numserv) > servlen)
return ENI_MEMORY;
strcpy(serv, numserv);
} else {
sp = getservbyport(port, (flags & NI_DGRAM) ? "udp" : "tcp");
if (sp) {
if (strlen(sp->s_name) > servlen)
return ENI_MEMORY;
Reported by FlawFinder.
Line: 148
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (sp) {
if (strlen(sp->s_name) > servlen)
return ENI_MEMORY;
strcpy(serv, sp->s_name);
} else
return ENI_NOSERVNAME;
}
switch (sa->sa_family) {
Reported by FlawFinder.
Line: 178
Column: 9
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return ENI_SYSTEM;
if (strlen(numaddr) > hostlen)
return ENI_MEMORY;
strcpy(host, numaddr);
} else {
#ifdef ENABLE_IPV6
hp = getipnodebyaddr(addr, gni_afd->a_addrlen, gni_afd->a_af, &h_error);
#else
hp = gethostbyaddr(addr, gni_afd->a_addrlen, gni_afd->a_af);
Reported by FlawFinder.
Line: 198
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#endif
return ENI_MEMORY;
}
strcpy(host, hp->h_name);
#ifdef ENABLE_IPV6
freehostent(hp);
#endif
} else {
if (flags & NI_NAMEREQD)
Reported by FlawFinder.
Line: 210
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return ENI_NOHOSTNAME;
if (strlen(numaddr) > hostlen)
return ENI_MEMORY;
strcpy(host, numaddr);
}
}
return SUCCESS;
}
Reported by FlawFinder.
Line: 109
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
u_char pfx;
#endif
int h_error;
char numserv[512];
char numaddr[512];
if (sa == NULL)
return ENI_NOSOCKET;
Reported by FlawFinder.
Line: 110
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#endif
int h_error;
char numserv[512];
char numaddr[512];
if (sa == NULL)
return ENI_NOSOCKET;
#ifdef HAVE_SOCKADDR_SA_LEN
Reported by FlawFinder.
Line: 139
Column: 9
CWE codes:
120
Suggestion:
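Use sprintf_s, snprintf, or vsnprintf. Triage note: ntohs() returns a 16-bit value, so this call writes at most five digits plus the terminator, and numserv is the char[512] array reported at line 109. The write stays in bounds as written; snprintf(numserv, sizeof numserv, ...) would make that bound explicit.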
if (serv == NULL || servlen == 0) {
/* what we should do? */
} else if (flags & NI_NUMERICSERV) {
sprintf(numserv, "%d", ntohs(port));
if (strlen(numserv) > servlen)
return ENI_MEMORY;
strcpy(serv, numserv);
} else {
sp = getservbyport(port, (flags & NI_DGRAM) ? "udp" : "tcp");
Reported by FlawFinder.
Line: 140
Column: 13
CWE codes:
126
/* what we should do? */
} else if (flags & NI_NUMERICSERV) {
sprintf(numserv, "%d", ntohs(port));
if (strlen(numserv) > servlen)
return ENI_MEMORY;
strcpy(serv, numserv);
} else {
sp = getservbyport(port, (flags & NI_DGRAM) ? "udp" : "tcp");
if (sp) {
Reported by FlawFinder.
Line: 146
Column: 17
CWE codes:
126
} else {
sp = getservbyport(port, (flags & NI_DGRAM) ? "udp" : "tcp");
if (sp) {
if (strlen(sp->s_name) > servlen)
return ENI_MEMORY;
strcpy(serv, sp->s_name);
} else
return ENI_NOSERVNAME;
}
Reported by FlawFinder.
Modules/_io/bufferedio.c
13 issues
Line: 88
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
Py_DECREF(data);
return NULL;
}
memcpy(buffer->buf, PyBytes_AS_STRING(data), len);
Py_DECREF(data);
return PyLong_FromSsize_t(len);
}
Reported by FlawFinder.
Line: 970
Column: 13
CWE codes:
120
Suggestion:
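Make sure destination can always hold the source data. Triage note: in this excerpt the destination side is bounded by the check above the copies. The first memcpy writes exactly buffer->len bytes into buffer->buf, and the second (reported at line 974) is reached only when n < buffer->len.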
n = Py_SAFE_DOWNCAST(READAHEAD(self), Py_off_t, Py_ssize_t);
if (n > 0) {
if (n >= buffer->len) {
memcpy(buffer->buf, self->buffer + self->pos, buffer->len);
self->pos += buffer->len;
return PyLong_FromSsize_t(buffer->len);
}
memcpy(buffer->buf, self->buffer + self->pos, n);
self->pos += n;
Reported by FlawFinder.
Line: 974
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
self->pos += buffer->len;
return PyLong_FromSsize_t(buffer->len);
}
memcpy(buffer->buf, self->buffer + self->pos, n);
self->pos += n;
written = n;
}
if (!ENTER_BUFFERED(self))
Reported by FlawFinder.
Line: 1009
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (n > 0) {
if (n > remaining)
n = remaining;
memcpy((char *) buffer->buf + written,
self->buffer + self->pos, n);
self->pos += n;
continue; /* short circuit */
}
}
Reported by FlawFinder.
Line: 1652
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
remaining = n;
written = 0;
if (current_size > 0) {
memcpy(out, self->buffer + self->pos, current_size);
remaining -= current_size;
written += current_size;
self->pos += current_size;
}
/* Flush the write buffer if necessary */
Reported by FlawFinder.
Line: 1709
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
Py_RETURN_NONE;
}
if (remaining > r) {
memcpy(out + written, self->buffer + self->pos, r);
written += r;
self->pos += r;
remaining -= r;
}
else if (remaining > 0) {
Reported by FlawFinder.
Line: 1715
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
remaining -= r;
}
else if (remaining > 0) {
memcpy(out + written, self->buffer + self->pos, remaining);
written += remaining;
self->pos += remaining;
remaining = 0;
}
if (remaining == 0)
Reported by FlawFinder.
Line: 1949
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
avail = Py_SAFE_DOWNCAST(self->buffer_size - self->pos, Py_off_t, Py_ssize_t);
if (buffer->len <= avail) {
memcpy(self->buffer + self->pos, buffer->buf, buffer->len);
if (!VALID_WRITE_BUFFER(self) || self->write_pos > self->pos) {
self->write_pos = self->pos;
}
ADJUST_POSITION(self, self->pos + buffer->len);
if (self->pos > self->write_end)
Reported by FlawFinder.
Line: 1982
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (buffer->len <= avail) {
/* Everything can be buffered */
PyErr_Clear();
memcpy(self->buffer + self->write_end, buffer->buf, buffer->len);
self->write_end += buffer->len;
self->pos += buffer->len;
written = buffer->len;
goto end;
}
Reported by FlawFinder.
Line: 1989
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto end;
}
/* Buffer as much as possible. */
memcpy(self->buffer + self->write_end, buffer->buf, avail);
self->write_end += avail;
self->pos += avail;
/* XXX Modifying the existing exception e using the pointer w
will change e.characters_written but not e.args[2].
Therefore we just replace with a new error. */
Reported by FlawFinder.
PC/layout/support/options.py
13 issues
Line: 53
Column: 3
"dev",
"launchers",
"appxmanifest",
# XXX: Disabled for now "precompile",
],
},
"nuget": {
"help": "nuget package",
"options": [
Reported by Pylint.
Line: 96
Column: 9
@public
def get_argparse_options():
for opt, info in OPTIONS.items():
help = "When specified, includes {}".format(info["help"])
if info.get("not-in-all"):
help = "{}. Not affected by --include-all".format(help)
yield "--include-{}".format(opt), help
Reported by Pylint.
Line: 12
Column: 1
__all__ = []
def public(f):
__all__.append(f.__name__)
return f
OPTIONS = {
Reported by Pylint.
Line: 12
Column: 1
__all__ = []
def public(f):
__all__.append(f.__name__)
return f
OPTIONS = {
Reported by Pylint.
Line: 94
Column: 1
@public
def get_argparse_options():
for opt, info in OPTIONS.items():
help = "When specified, includes {}".format(info["help"])
if info.get("not-in-all"):
help = "{}. Not affected by --include-all".format(help)
Reported by Pylint.
Line: 107
Column: 1
yield "--preset-{}".format(opt), help
def ns_get(ns, key, default=False):
return getattr(ns, key.replace("-", "_"), default)
def ns_set(ns, key, value=True):
k1 = key.replace("-", "_")
Reported by Pylint.
Line: 107
Column: 1
yield "--preset-{}".format(opt), help
def ns_get(ns, key, default=False):
return getattr(ns, key.replace("-", "_"), default)
def ns_set(ns, key, value=True):
k1 = key.replace("-", "_")
Reported by Pylint.
Line: 111
Column: 1
return getattr(ns, key.replace("-", "_"), default)
def ns_set(ns, key, value=True):
k1 = key.replace("-", "_")
k2 = "include_{}".format(k1)
if hasattr(ns, k2):
setattr(ns, k2, value)
elif hasattr(ns, k1):
Reported by Pylint.
Line: 111
Column: 1
return getattr(ns, key.replace("-", "_"), default)
def ns_set(ns, key, value=True):
k1 = key.replace("-", "_")
k2 = "include_{}".format(k1)
if hasattr(ns, k2):
setattr(ns, k2, value)
elif hasattr(ns, k1):
Reported by Pylint.
Line: 112
Column: 5
def ns_set(ns, key, value=True):
k1 = key.replace("-", "_")
k2 = "include_{}".format(k1)
if hasattr(ns, k2):
setattr(ns, k2, value)
elif hasattr(ns, k1):
setattr(ns, k1, value)
Reported by Pylint.
PC/layout/support/props.py
13 issues
Line: 7
Column: 1
import os
from .constants import *
__all__ = ["get_props_layout"]
PYTHON_PROPS_NAME = "python.props"
Reported by Pylint.
Line: 14
Column: 19
PYTHON_PROPS_NAME = "python.props"
PROPS_DATA = {
"PYTHON_TAG": VER_DOT,
"PYTHON_VERSION": os.getenv("PYTHON_NUSPEC_VERSION"),
"PYTHON_PLATFORM": os.getenv("PYTHON_PROPS_PLATFORM"),
"PYTHON_TARGET": "",
}
Reported by Pylint.
Line: 22
Column: 9
if not PROPS_DATA["PYTHON_VERSION"]:
PROPS_DATA["PYTHON_VERSION"] = "{}.{}{}{}".format(
VER_DOT, VER_MICRO, "-" if VER_SUFFIX else "", VER_SUFFIX
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
Reported by Pylint.
Line: 22
Column: 36
if not PROPS_DATA["PYTHON_VERSION"]:
PROPS_DATA["PYTHON_VERSION"] = "{}.{}{}{}".format(
VER_DOT, VER_MICRO, "-" if VER_SUFFIX else "", VER_SUFFIX
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
Reported by Pylint.
Line: 22
Column: 18
if not PROPS_DATA["PYTHON_VERSION"]:
PROPS_DATA["PYTHON_VERSION"] = "{}.{}{}{}".format(
VER_DOT, VER_MICRO, "-" if VER_SUFFIX else "", VER_SUFFIX
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
Reported by Pylint.
Line: 22
Column: 56
if not PROPS_DATA["PYTHON_VERSION"]:
PROPS_DATA["PYTHON_VERSION"] = "{}.{}{}{}".format(
VER_DOT, VER_MICRO, "-" if VER_SUFFIX else "", VER_SUFFIX
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
Reported by Pylint.
Line: 26
Column: 16
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
PROPS_TEMPLATE = r"""<?xml version="1.0" encoding="utf-8"?>
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup Condition="$(Platform) == '{PYTHON_PLATFORM}'">
Reported by Pylint.
Line: 26
Column: 5
)
PROPS_DATA["PYTHON_TARGET"] = "_GetPythonRuntimeFilesDependsOn{}{}_{}".format(
VER_MAJOR, VER_MINOR, PROPS_DATA["PYTHON_PLATFORM"]
)
PROPS_TEMPLATE = r"""<?xml version="1.0" encoding="utf-8"?>
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup Condition="$(Platform) == '{PYTHON_PLATFORM}'">
Reported by Pylint.
Line: 7
Column: 1
import os
from .constants import *
__all__ = ["get_props_layout"]
PYTHON_PROPS_NAME = "python.props"
Reported by Pylint.
Line: 89
Column: 3
def get_props_layout(ns):
if ns.include_all or ns.include_props:
# TODO: Filter contents of props file according to included/excluded items
d = dict(PROPS_DATA)
if not d.get("PYTHON_PLATFORM"):
d["PYTHON_PLATFORM"] = {
"win32": "Win32",
"amd64": "X64",
Reported by Pylint.
Lib/test/test_ssl.py
13 issues
Line: 570
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b104_hardcoded_bind_all_interfaces.html
self.assertRaises(OSError, ss.recvfrom, 1)
self.assertRaises(OSError, ss.recvfrom_into, bytearray(b'x'), 1)
self.assertRaises(OSError, ss.send, b'x')
self.assertRaises(OSError, ss.sendto, b'x', ('0.0.0.0', 0))
self.assertRaises(NotImplementedError, ss.dup)
self.assertRaises(NotImplementedError, ss.sendmsg,
[b'x'], (), 0, ('0.0.0.0', 0))
self.assertRaises(NotImplementedError, ss.recvmsg, 100)
self.assertRaises(NotImplementedError, ss.recvmsg_into,
Reported by Bandit.
Line: 573
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b104_hardcoded_bind_all_interfaces.html
self.assertRaises(OSError, ss.sendto, b'x', ('0.0.0.0', 0))
self.assertRaises(NotImplementedError, ss.dup)
self.assertRaises(NotImplementedError, ss.sendmsg,
[b'x'], (), 0, ('0.0.0.0', 0))
self.assertRaises(NotImplementedError, ss.recvmsg, 100)
self.assertRaises(NotImplementedError, ss.recvmsg_into,
[bytearray(100)])
def test_timeout(self):
Reported by Bandit.
Line: 3531
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b310-urllib-urlopen
url = 'https://localhost:%d/%s' % (
server.port, os.path.split(CERTFILE)[1])
context = ssl.create_default_context(cafile=SIGNING_CA)
f = urllib.request.urlopen(url, context=context)
try:
dlen = f.info().get("content-length")
if dlen and (int(dlen) > 0):
d2 = f.read(int(dlen))
if support.verbose:
Reported by Bandit.
Line: 80
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
BYTES_ONLYKEY = os.fsencode(ONLYKEY)
CERTFILE_PROTECTED = data_file("keycert.passwd.pem")
ONLYKEY_PROTECTED = data_file("ssl_key.passwd.pem")
KEY_PASSWORD = "somepass"
CAPATH = data_file("capath")
BYTES_CAPATH = os.fsencode(CAPATH)
CAFILE_NEURONIO = data_file("capath", "4e1295a3.0")
CAFILE_CACERT = data_file("capath", "5ed36f99.0")
Reported by Bandit.
Line: 193
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html
:return: bool
"""
if isinstance(protocol, str):
assert protocol.startswith('PROTOCOL_')
protocol = getattr(ssl, protocol, None)
if protocol is None:
return False
if protocol in {
ssl.PROTOCOL_TLS, ssl.PROTOCOL_TLS_SERVER,
Reported by Bandit.
Line: 647
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b504_ssl_with_no_version.html
self.assertRaisesRegex(ValueError,
"certfile must be specified for server-side operations",
ssl.wrap_socket, sock, server_side=True, certfile="")
with ssl.wrap_socket(sock, server_side=True, certfile=CERTFILE) as s:
self.assertRaisesRegex(ValueError, "can't connect in server-side mode",
s.connect, (HOST, 8080))
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock, certfile=NONEXISTINGCERT)
Reported by Bandit.
Line: 652
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b504_ssl_with_no_version.html
s.connect, (HOST, 8080))
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock, certfile=NONEXISTINGCERT)
self.assertEqual(cm.exception.errno, errno.ENOENT)
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock,
certfile=CERTFILE, keyfile=NONEXISTINGCERT)
Reported by Bandit.
Line: 656
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b504_ssl_with_no_version.html
self.assertEqual(cm.exception.errno, errno.ENOENT)
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock,
certfile=CERTFILE, keyfile=NONEXISTINGCERT)
self.assertEqual(cm.exception.errno, errno.ENOENT)
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock,
Reported by Bandit.
Line: 661
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b504_ssl_with_no_version.html
self.assertEqual(cm.exception.errno, errno.ENOENT)
with self.assertRaises(OSError) as cm:
with socket.socket() as sock:
ssl.wrap_socket(sock,
certfile=NONEXISTINGCERT, keyfile=NONEXISTINGCERT)
self.assertEqual(cm.exception.errno, errno.ENOENT)
def bad_cert_test(self, certfile):
"""Check that trying to use the given client certificate fails"""
Reported by Bandit.
Line: 1391
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b106_hardcoded_password_funcarg.html
with self.assertRaisesRegex(TypeError, "should be a string"):
ctx.load_cert_chain(CERTFILE_PROTECTED, password=True)
with self.assertRaises(ssl.SSLError):
ctx.load_cert_chain(CERTFILE_PROTECTED, password="badpass")
with self.assertRaisesRegex(ValueError, "cannot be longer"):
# openssl has a fixed limit on the password buffer.
# PEM_BUFSIZE is generally set to 1kb.
# Return a string larger than this.
ctx.load_cert_chain(CERTFILE_PROTECTED, password=b'a' * 102400)
Reported by Bandit.
Lib/test/test_stringprep.py
13 issues
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Line: 6
Column: 1
import unittest
from stringprep import *
class StringprepTests(unittest.TestCase):
def test(self):
self.assertTrue(in_table_a1("\u0221"))
self.assertFalse(in_table_a1("\u0222"))
Reported by Pylint.
Modules/_tkinter.c
13 issues
Line: 769
Column: 5
CWE codes:
120
Suggestion:
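Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Triage note: the excerpt for line 762 shows argv0 allocated with PyMem_Malloc(strlen(className) + 1), so the destination is sized from the source. The copy is in bounds provided className is not modified between the allocation and this call.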
return NULL;
}
strcpy(argv0, className);
if (Py_ISUPPER(argv0[0]))
argv0[0] = Py_TOLOWER(argv0[0]);
Tcl_SetVar(v->interp, "argv0", argv0, TCL_GLOBAL_ONLY);
PyMem_Free(argv0);
Reported by FlawFinder.
Line: 810
Column: 13
CWE codes:
120
Suggestion:
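Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Triage note: the excerpt for line 794 shows len accumulated from sizeof "-sync" and strlen(use) + sizeof "-use " before PyMem_Malloc(len), which matches the pieces appended here and in the strcat calls reported at lines 805, 808 and 809. The starting value of len is not visible in this report, so confirm it before closing these as false positives.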
if (sync)
strcat(args, " ");
strcat(args, "-use ");
strcat(args, use);
}
Tcl_SetVar(v->interp, "argv", args, TCL_GLOBAL_ONLY);
PyMem_Free(args);
}
Reported by FlawFinder.
Line: 805
Column: 13
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
args[0] = '\0';
if (sync)
strcat(args, "-sync");
if (use) {
if (sync)
strcat(args, " ");
strcat(args, "-use ");
strcat(args, use);
Reported by FlawFinder.
Line: 809
Column: 13
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
if (use) {
if (sync)
strcat(args, " ");
strcat(args, "-use ");
strcat(args, use);
}
Tcl_SetVar(v->interp, "argv", args, TCL_GLOBAL_ONLY);
PyMem_Free(args);
Reported by FlawFinder.
Line: 485
Column: 43
CWE codes:
126
/* Build a PyObject from the C string s by passing s and strlen(s) to
 * unicodeFromTclStringAndSize().
 *
 * s must be non-NULL and NUL-terminated: strlen() reads until the first
 * '\0', so an unterminated buffer would be read past its end (the CWE-126
 * concern this report raises for the call below). Callers that already
 * hold a length should call unicodeFromTclStringAndSize() directly.
 */
static PyObject *
unicodeFromTclString(const char *s)
{
return unicodeFromTclStringAndSize(s, strlen(s));
}
static PyObject *
unicodeFromTclObj(Tcl_Obj *value)
{
Reported by FlawFinder.
Line: 762
Column: 33
CWE codes:
126
Tcl_SetVar(v->interp, "tcl_interactive", "0", TCL_GLOBAL_ONLY);
/* This is used to get the application class for Tk 4.1 and up */
argv0 = (char*)PyMem_Malloc(strlen(className) + 1);
if (!argv0) {
PyErr_NoMemory();
Py_DECREF(v);
return NULL;
}
Reported by FlawFinder.
Line: 794
Column: 20
CWE codes:
126
if (sync)
len += sizeof "-sync";
if (use)
len += strlen(use) + sizeof "-use "; /* never overflows */
args = (char*)PyMem_Malloc(len);
if (!args) {
PyErr_NoMemory();
Py_DECREF(v);
Reported by FlawFinder.
Line: 808
Column: 17
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
strcat(args, "-sync");
if (use) {
if (sync)
strcat(args, " ");
strcat(args, "-use ");
strcat(args, use);
}
Tcl_SetVar(v->interp, "argv", args, TCL_GLOBAL_ONLY);
Reported by FlawFinder.
Line: 1017
Column: 26
CWE codes:
126
#if SIZE_MAX > INT_MAX
#define CHECK_STRING_LENGTH(s) do { \
if (s != NULL && strlen(s) >= INT_MAX) { \
PyErr_SetString(PyExc_OverflowError, "string is too long"); \
return NULL; \
} } while(0)
#else
#define CHECK_STRING_LENGTH(s)
Reported by FlawFinder.
Line: 1762
Column: 13
CWE codes:
126
return 0;
}
s = PyBytes_AS_STRING(in);
if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) {
PyErr_SetString(PyExc_ValueError, "embedded null byte");
return 0;
}
*out = s;
return 1;
Reported by FlawFinder.
Tools/freeze/parsesetup.py
13 issues
Line: 1
Column: 1
# Parse Makefiles and Python Setup(.in) files.
import re
# Extract variable definitions from a Makefile.
# Return a dictionary mapping names to values.
# May raise IOError.
Reported by Pylint.
Line: 12
Column: 1
makevardef = re.compile('^([a-zA-Z0-9_]+)[ \t]*=(.*)')
def getmakevars(filename):
variables = {}
fp = open(filename)
pendingline = ""
try:
while 1:
Reported by Pylint.
Line: 14
Column: 5
def getmakevars(filename):
variables = {}
fp = open(filename)
pendingline = ""
try:
while 1:
line = fp.readline()
if pendingline:
Reported by Pylint.
Line: 48
Column: 1
setupvardef = re.compile('^([a-zA-Z0-9_]+)=(.*)')
def getsetupinfo(filename):
modules = {}
variables = {}
fp = open(filename)
pendingline = ""
try:
Reported by Pylint.
Line: 51
Column: 5
def getsetupinfo(filename):
modules = {}
variables = {}
fp = open(filename)
pendingline = ""
try:
while 1:
line = fp.readline()
if pendingline:
Reported by Pylint.
Line: 83
Column: 1
# Test the above functions.
def test():
import sys
import os
if not sys.argv[1:]:
print('usage: python parsesetup.py Makefile*|Setup* ...')
sys.exit(2)
Reported by Pylint.
Line: 84
Column: 5
# Test the above functions.
def test():
import sys
import os
if not sys.argv[1:]:
print('usage: python parsesetup.py Makefile*|Setup* ...')
sys.exit(2)
for arg in sys.argv[1:]:
Reported by Pylint.
Line: 85
Column: 5
def test():
import sys
import os
if not sys.argv[1:]:
print('usage: python parsesetup.py Makefile*|Setup* ...')
sys.exit(2)
for arg in sys.argv[1:]:
base = os.path.basename(arg)
Reported by Pylint.
Line: 93
Column: 13
base = os.path.basename(arg)
if base[:8] == 'Makefile':
print('Make style parsing:', arg)
v = getmakevars(arg)
prdict(v)
elif base[:5] == 'Setup':
print('Setup style parsing:', arg)
m, v = getsetupinfo(arg)
prdict(m)
Reported by Pylint.
Line: 97
Column: 16
prdict(v)
elif base[:5] == 'Setup':
print('Setup style parsing:', arg)
m, v = getsetupinfo(arg)
prdict(m)
prdict(v)
else:
print(arg, 'is neither a Makefile nor a Setup file')
print('(name must begin with "Makefile" or "Setup")')
Reported by Pylint.
Objects/typeobject.c
13 issues
Line: 219
CWE codes:
682
}
/* back "end" up until it points just past the final ')' */
end -= SIGNATURE_END_MARKER_LENGTH - 1;
assert((end - start) >= 2); /* should be "()" at least */
assert(end[-1] == ')');
assert(end[0] == '\n');
return PyUnicode_FromStringAndSize(start, end - start);
}
Reported by Cppcheck.
Line: 8422
CWE codes:
570
for (pp = ptrs; *pp; pp++) {
p = *pp;
offset = p->offset;
while (p > slotdefs && (p-1)->offset == offset)
--p;
*pp = p;
}
if (ptrs[0] == NULL)
return 0; /* Not an attribute that affects any slots */
Reported by Cppcheck.
Line: 1786
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
set_mro_error(PyObject **to_merge, Py_ssize_t to_merge_size, int *remain)
{
Py_ssize_t i, n, off;
char buf[1000];
PyObject *k, *v;
PyObject *set = PyDict_New();
if (!set) return;
for (i = 0; i < to_merge_size; i++) {
Reported by FlawFinder.
Line: 2880
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return -1;
}
memcpy(tp_doc, doc_str, size);
type->tp_doc = tp_doc;
return 0;
}
Reported by FlawFinder.
Line: 3517
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
PyErr_NoMemory();
goto fail;
}
memcpy(tp_doc, slot->pfunc, len);
type->tp_doc = tp_doc;
}
else if (slot->slot == Py_tp_members) {
/* Move the slots to the heap type itself */
size_t len = Py_TYPE(type)->tp_itemsize * nmembers;
Reported by FlawFinder.
Line: 3523
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
else if (slot->slot == Py_tp_members) {
/* Move the slots to the heap type itself */
size_t len = Py_TYPE(type)->tp_itemsize * nmembers;
memcpy(PyHeapType_GET_MEMBERS(res), slot->pfunc, len);
type->tp_members = PyHeapType_GET_MEMBERS(res);
}
else {
/* Copy other slots directly */
PySlot_Offset slotoffsets = pyslot_offsets[slot->slot];
Reported by FlawFinder.
Line: 4236
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Because of type_is_gc(), the collector only calls this
for heaptypes. */
if (!(type->tp_flags & Py_TPFLAGS_HEAPTYPE)) {
char msg[200];
sprintf(msg, "type_traverse() called on non-heap type '%.100s'",
type->tp_name);
_PyObject_ASSERT_FAILED_MSG((PyObject *)type, msg);
}
Reported by FlawFinder.
Line: 4237
Column: 9
CWE codes:
120
Suggestion:
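Use sprintf_s, snprintf, or vsnprintf. Triage note: the %.100s precision limits the copied type name to 100 bytes and the fixed text of the format string is about 40 bytes, so the formatted message fits in msg[200]. snprintf(msg, sizeof msg, ...) would keep that true if the format string is edited later.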
for heaptypes. */
if (!(type->tp_flags & Py_TPFLAGS_HEAPTYPE)) {
char msg[200];
sprintf(msg, "type_traverse() called on non-heap type '%.100s'",
type->tp_name);
_PyObject_ASSERT_FAILED_MSG((PyObject *)type, msg);
}
Py_VISIT(type->tp_dict);
Reported by FlawFinder.
Line: 116
Column: 14
CWE codes:
126
if (dot)
name = dot + 1;
length = strlen(name);
if (strncmp(doc, name, length))
return NULL;
doc += length;
if (*doc != '(')
return NULL;
Reported by FlawFinder.
Line: 533
Column: 9
CWE codes:
126
tp_name = PyUnicode_AsUTF8AndSize(value, &name_size);
if (tp_name == NULL)
return -1;
if (strlen(tp_name) != (size_t)name_size) {
PyErr_SetString(PyExc_ValueError,
"type name must not contain null characters");
return -1;
}
Reported by FlawFinder.
Lib/idlelib/idle_test/test_debugger_r.py
13 issues
Line: 34
Column: 24
class BinData:
def __repr__(self):
return self.length
debugger_r.dicttable[0] = {'BinData': BinData()}
idb = debugger_r.IdbAdapter(None)
self.assertTrue(idb.dict_item(0, 'BinData'))
debugger_r.dicttable.clear()
Reported by Pylint.
Line: 5
Column: 1
from idlelib import debugger_r
import unittest
from test.support import requires
from tkinter import Tk
class Test(unittest.TestCase):
Reported by Pylint.
Line: 6
Column: 1
from idlelib import debugger_r
import unittest
from test.support import requires
from tkinter import Tk
class Test(unittest.TestCase):
## @classmethod
Reported by Pylint.
Line: 22
Column: 9
## del cls.root
def test_init(self):
self.assertTrue(True) # Get coverage of import
# Classes GUIProxy, IdbAdapter, FrameProxy, CodeProxy, DictProxy,
# GUIAdapter, IdbProxy plus 7 module functions.
Reported by Pylint.
Line: 4
Column: 1
"Test debugger_r, coverage 30%."
from idlelib import debugger_r
import unittest
from test.support import requires
from tkinter import Tk
class Test(unittest.TestCase):
Reported by Pylint.
Line: 5
Column: 1
from idlelib import debugger_r
import unittest
from test.support import requires
from tkinter import Tk
class Test(unittest.TestCase):
Reported by Pylint.
Line: 6
Column: 1
from idlelib import debugger_r
import unittest
from test.support import requires
from tkinter import Tk
class Test(unittest.TestCase):
## @classmethod
Reported by Pylint.
Line: 9
Column: 1
from tkinter import Tk
class Test(unittest.TestCase):
## @classmethod
## def setUpClass(cls):
## requires('gui')
## cls.root = Tk()
Reported by Pylint.
Line: 21
Column: 5
## cls.root.destroy()
## del cls.root
def test_init(self):
self.assertTrue(True) # Get coverage of import
# Classes GUIProxy, IdbAdapter, FrameProxy, CodeProxy, DictProxy,
# GUIAdapter, IdbProxy plus 7 module functions.
Reported by Pylint.
Line: 28
Column: 1
# Classes GUIProxy, IdbAdapter, FrameProxy, CodeProxy, DictProxy,
# GUIAdapter, IdbProxy plus 7 module functions.
class IdbAdapterTest(unittest.TestCase):
def test_dict_item_noattr(self): # Issue 33065.
class BinData:
def __repr__(self):
Reported by Pylint.