The following issues were found:
Modules/expat/xmltok_impl.c
6 issues
Line: 610
Column: 11
CWE codes:
362
}
/* fall through */
case BT_EQUALS: {
int open;
# ifdef XML_NS
hadColon = 0;
# endif
for (;;) {
ptr += MINBPC(enc);
Reported by FlawFinder.
Line: 620
Column: 17
CWE codes:
362
open = BYTE_TYPE(enc, ptr);
if (open == BT_QUOT || open == BT_APOS)
break;
switch (open) {
case BT_S:
case BT_LF:
case BT_CR:
break;
default:
Reported by FlawFinder.
Line: 636
Column: 18
CWE codes:
362
int t;
REQUIRE_CHAR(enc, ptr, end);
t = BYTE_TYPE(enc, ptr);
if (t == open)
break;
switch (t) {
INVALID_CASES(ptr, nextTokPtr)
case BT_AMP: {
int tok = PREFIX(scanRef)(enc, ptr + MINBPC(enc), end, &ptr);
Reported by FlawFinder.
Line: 973
Column: 21
CWE codes:
362
}
static int PTRCALL
PREFIX(scanLit)(int open, const ENCODING *enc, const char *ptr, const char *end,
const char **nextTokPtr) {
while (HAS_CHAR(enc, ptr, end)) {
int t = BYTE_TYPE(enc, ptr);
switch (t) {
INVALID_CASES(ptr, nextTokPtr)
Reported by FlawFinder.
Line: 982
Column: 16
CWE codes:
362
case BT_QUOT:
case BT_APOS:
ptr += MINBPC(enc);
if (t != open)
break;
if (! HAS_CHAR(enc, ptr, end))
return -XML_TOK_LITERAL;
*nextTokPtr = ptr;
switch (BYTE_TYPE(enc, ptr)) {
Reported by FlawFinder.
Line: 1563
Column: 60
CWE codes:
362
&& (ptr == atts[nAtts].valuePtr
|| BYTE_TO_ASCII(enc, ptr) != ASCII_SPACE
|| BYTE_TO_ASCII(enc, ptr + MINBPC(enc)) == ASCII_SPACE
|| BYTE_TYPE(enc, ptr + MINBPC(enc)) == open))
atts[nAtts].normalized = 0;
break;
case BT_CR:
case BT_LF:
/* This case ensures that the first attribute name is counted
Reported by FlawFinder.
Lib/test/test_sndhdr.py
6 issues
Line: 33
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b301-pickle
what = sndhdr.what(filename)
for proto in range(pickle.HIGHEST_PROTOCOL + 1):
dump = pickle.dumps(what, proto)
self.assertEqual(pickle.loads(dump), what)
# Run this module's unittest cases when the file is executed as a script.
if __name__ == '__main__':
unittest.main()
Reported by Bandit.
Line: 1
Column: 1
import sndhdr
import pickle
import unittest
from test.support import findfile
class TestFormats(unittest.TestCase):
def test_data(self):
for filename, expected in (
('sndhdr.8svx', ('8svx', 0, 1, 0, 8)),
Reported by Pylint.
Line: 2
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b403-import-pickle
import sndhdr
import pickle
import unittest
from test.support import findfile
class TestFormats(unittest.TestCase):
def test_data(self):
for filename, expected in (
('sndhdr.8svx', ('8svx', 0, 1, 0, 8)),
Reported by Bandit.
Line: 6
Column: 1
import unittest
from test.support import findfile
class TestFormats(unittest.TestCase):
def test_data(self):
for filename, expected in (
('sndhdr.8svx', ('8svx', 0, 1, 0, 8)),
('sndhdr.aifc', ('aifc', 44100, 2, 5, 16)),
('sndhdr.aiff', ('aiff', 44100, 2, 5, 16)),
Reported by Pylint.
Line: 7
Column: 5
from test.support import findfile
class TestFormats(unittest.TestCase):
def test_data(self):
for filename, expected in (
('sndhdr.8svx', ('8svx', 0, 1, 0, 8)),
('sndhdr.aifc', ('aifc', 44100, 2, 5, 16)),
('sndhdr.aiff', ('aiff', 44100, 2, 5, 16)),
('sndhdr.au', ('au', 44100, 2, 5.0, 16)),
Reported by Pylint.
Line: 28
Column: 5
self.assertEqual(what.nframes, expected[3])
self.assertEqual(what.sampwidth, expected[4])
def test_pickleable(self):
    """A sndhdr.what() result must survive a round trip through every pickle protocol."""
    path = findfile('sndhdr.aifc', subdir="sndhdrdata")
    info = sndhdr.what(path)
    protocols = range(pickle.HIGHEST_PROTOCOL + 1)
    for proto in protocols:
        roundtripped = pickle.loads(pickle.dumps(info, proto))
        self.assertEqual(roundtripped, info)
Reported by Pylint.
Modules/faulthandler.c
6 issues
Line: 1025
CWE codes:
476
faulthandler_suppress_crash_report();
x = NULL;
y = *x;
return PyLong_FromLong(y);
}
static void
Reported by Cppcheck.
Line: 1113
CWE codes:
369
PowerPC. Use volatile to disable compile-time optimizations. */
volatile int x = 1, y = 0, z;
faulthandler_suppress_crash_report();
z = x / y;
/* If the division by zero didn't raise a SIGFPE (e.g. on PowerPC),
raise it manually. */
raise(SIGFPE);
/* This line is never reached, but we pretend to make something with z
to silence a compiler warning. */
Reported by Cppcheck.
Line: 659
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
format_timeout(_PyTime_t us)
{
unsigned long sec, min, hour;
char buffer[100];
/* the downcast is safe: the caller check that 0 < us <= LONG_MAX */
sec = (unsigned long)(us / SEC_TO_US);
us %= SEC_TO_US;
Reported by FlawFinder.
Line: 1140
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bpo-23654, bpo-38965: use volatile keyword to prevent tail call
optimization. */
volatile unsigned char buffer[4096];
uintptr_t sp = (uintptr_t)&buffer;
*depth += 1;
if (sp < min_sp || max_sp < sp)
return sp;
buffer[0] = 1;
Reported by FlawFinder.
Line: 30
Column: 50
CWE codes:
126
# define FAULTHANDLER_USER
#endif
#define PUTS(fd, str) _Py_write_noraise(fd, str, strlen(str))
_Py_IDENTIFIER(enable);
_Py_IDENTIFIER(fileno);
_Py_IDENTIFIER(flush);
_Py_IDENTIFIER(stderr);
Reported by FlawFinder.
Line: 751
Column: 18
CWE codes:
126
if (header == NULL) {
return PyErr_NoMemory();
}
header_len = strlen(header);
/* Cancel previous thread, if running */
cancel_dump_traceback_later();
Py_XINCREF(file);
Reported by FlawFinder.
Tools/demo/beer.py
6 issues
Line: 16
Column: 12
if sys.argv[1:]:
n = int(sys.argv[1])
def bottle(n):
    """Return the English phrase for ``n`` bottles: "no more", "one" or "<n> bottles"."""
    if n == 0:
        phrase = "no more bottles of beer"
    elif n == 1:
        phrase = "one bottle of beer"
    else:
        phrase = str(n) + " bottles of beer"
    return phrase
for i in range(n, 0, -1):
Reported by Pylint.
Line: 12
Column: 1
import sys
n = 100
if sys.argv[1:]:
n = int(sys.argv[1])
def bottle(n):
if n == 0: return "no more bottles of beer"
Reported by Pylint.
Line: 16
Column: 1
if sys.argv[1:]:
n = int(sys.argv[1])
def bottle(n):
    """Return the English phrase for ``n`` bottles: "no more", "one" or "<n> bottles"."""
    if n == 0:
        phrase = "no more bottles of beer"
    elif n == 1:
        phrase = "one bottle of beer"
    else:
        phrase = str(n) + " bottles of beer"
    return phrase
for i in range(n, 0, -1):
Reported by Pylint.
Line: 16
Column: 1
if sys.argv[1:]:
n = int(sys.argv[1])
def bottle(n):
    """Return the English phrase for ``n`` bottles: "no more", "one" or "<n> bottles"."""
    if n == 0:
        phrase = "no more bottles of beer"
    elif n == 1:
        phrase = "one bottle of beer"
    else:
        phrase = str(n) + " bottles of beer"
    return phrase
for i in range(n, 0, -1):
Reported by Pylint.
Line: 17
Column: 16
n = int(sys.argv[1])
def bottle(n):
    """Return the English phrase for ``n`` bottles: "no more", "one" or "<n> bottles"."""
    if n == 0:
        phrase = "no more bottles of beer"
    elif n == 1:
        phrase = "one bottle of beer"
    else:
        phrase = str(n) + " bottles of beer"
    return phrase
for i in range(n, 0, -1):
print(bottle(i), "on the wall,")
Reported by Pylint.
Line: 18
Column: 16
def bottle(n):
    """Return the English phrase for ``n`` bottles: "no more", "one" or "<n> bottles"."""
    if n == 0:
        phrase = "no more bottles of beer"
    elif n == 1:
        phrase = "one bottle of beer"
    else:
        phrase = str(n) + " bottles of beer"
    return phrase
for i in range(n, 0, -1):
print(bottle(i), "on the wall,")
print(bottle(i) + ".")
Reported by Pylint.
Lib/test/test_type_cache.py
6 issues
Line: 24
Column: 9
# Check if global version tag has already overflowed.
Y = type('Y', (), {})
Y.x = 1
Y.x # Force a _PyType_Lookup, populating version tag
y_ver = type_get_version(Y)
# Overflow, or not enough left to conduct the test.
if y_ver == 0 or y_ver > 0xFFFFF000:
self.skipTest("Out of type version tags")
# Note: try to avoid any method lookups within this loop,
Reported by Pylint.
Line: 38
Column: 13
_clear_type_cache()
X = type('Y', (), {})
X.x = 1
X.x
tp_version_tag_after = type_get_version(X)
assertNotEqual(tp_version_tag_after, 0, msg="Version overflowed")
append_result(tp_version_tag_after)
self.assertEqual(len(set(all_version_tags)), 30,
msg=f"{all_version_tags} contains non-unique versions")
Reported by Pylint.
Line: 24
Column: 9
# Check if global version tag has already overflowed.
Y = type('Y', (), {})
Y.x = 1
Y.x # Force a _PyType_Lookup, populating version tag
y_ver = type_get_version(Y)
# Overflow, or not enough left to conduct the test.
if y_ver == 0 or y_ver > 0xFFFFF000:
self.skipTest("Out of type version tags")
# Note: try to avoid any method lookups within this loop,
Reported by Pylint.
Line: 38
Column: 13
_clear_type_cache()
X = type('Y', (), {})
X.x = 1
X.x
tp_version_tag_after = type_get_version(X)
assertNotEqual(tp_version_tag_after, 0, msg="Version overflowed")
append_result(tp_version_tag_after)
self.assertEqual(len(set(all_version_tags)), 30,
msg=f"{all_version_tags} contains non-unique versions")
Reported by Pylint.
Line: 16
Column: 1
@support.cpython_only
@unittest.skipIf(_clear_type_cache is None, "requires sys._clear_type_cache")
class TypeCacheTests(unittest.TestCase):
def test_tp_version_tag_unique(self):
"""tp_version_tag should be unique assuming no overflow, even after
clearing type cache.
"""
# Check if global version tag has already overflowed.
Reported by Pylint.
Line: 33
Column: 9
# It will affect global version tag.
all_version_tags = []
append_result = all_version_tags.append
assertNotEqual = self.assertNotEqual
for _ in range(30):
_clear_type_cache()
X = type('Y', (), {})
X.x = 1
X.x
Reported by Pylint.
Tools/demo/rpythond.py
6 issues
Line: 46
Column: 13
sys.stdout = sys.stderr = fakefile = io.StringIO()
try:
try:
exec(request, {}, {})
except:
print()
traceback.print_exc(100)
finally:
sys.stderr = stderr
Reported by Pylint.
Line: 46
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b102_exec_used.html
sys.stdout = sys.stderr = fakefile = io.StringIO()
try:
try:
exec(request, {}, {})
except:
print()
traceback.print_exc(100)
finally:
sys.stderr = stderr
Reported by Bandit.
Line: 47
Column: 9
try:
try:
exec(request, {}, {})
except:
print()
traceback.print_exc(100)
finally:
sys.stderr = stderr
sys.stdout = stdout
Reported by Pylint.
Line: 19
Column: 1
PORT = 4127  # default listening port, used when no port is given on the command line
BUFSIZE = 1024  # NOTE(review): presumably the per-recv() read size; its use is not shown here
def main():
if len(sys.argv) > 1:
port = int(sys.argv[1])
else:
port = PORT
s = socket(AF_INET, SOCK_STREAM)
Reported by Pylint.
Line: 24
Column: 5
port = int(sys.argv[1])
else:
port = PORT
s = socket(AF_INET, SOCK_STREAM)
s.bind(('', port))
s.listen(1)
while True:
conn, (remotehost, remoteport) = s.accept()
with conn:
Reported by Pylint.
Line: 40
Column: 1
reply = execute(request.decode())
conn.send(reply.encode())
def execute(request):
stdout = sys.stdout
stderr = sys.stderr
sys.stdout = sys.stderr = fakefile = io.StringIO()
try:
try:
Reported by Pylint.
Lib/test/testcodec.py
6 issues
Line: 14
Column: 21
class Codec(codecs.Codec):
def encode(self, input, errors='strict'):
    """Encode ``input`` with the module-level ``encoding_map`` charmap; ``errors`` is passed through."""
    encoded = codecs.charmap_encode(input, errors, encoding_map)
    return encoded
def decode(self,input,errors='strict'):
Reported by Pylint.
Line: 18
Column: 21
return codecs.charmap_encode(input,errors,encoding_map)
def decode(self, input, errors='strict'):
    """Decode ``input`` with the module-level ``decoding_map`` charmap; ``errors`` is passed through."""
    decoded = codecs.charmap_decode(input, errors, decoding_map)
    return decoded
class StreamWriter(Codec, codecs.StreamWriter):
    """Stream writer combining Codec.encode() with codecs.StreamWriter."""
Reported by Pylint.
Line: 12
Column: 1
### Codec APIs
class Codec(codecs.Codec):
def encode(self, input, errors='strict'):
    """Encode ``input`` with the module-level ``encoding_map`` charmap; ``errors`` is passed through."""
    encoded = codecs.charmap_encode(input, errors, encoding_map)
    return encoded
Reported by Pylint.
Line: 22
Column: 1
return codecs.charmap_decode(input,errors,decoding_map)
class StreamWriter(Codec, codecs.StreamWriter):
    """Stream writer combining Codec.encode() with codecs.StreamWriter."""
class StreamReader(Codec, codecs.StreamReader):
    """Stream reader combining Codec.decode() with codecs.StreamReader."""
Reported by Pylint.
Line: 25
Column: 1
class StreamWriter(Codec, codecs.StreamWriter):
    """Stream writer combining Codec.encode() with codecs.StreamWriter."""
class StreamReader(Codec, codecs.StreamReader):
    """Stream reader combining Codec.decode() with codecs.StreamReader."""
### encodings module API
def getregentry():
Reported by Pylint.
Line: 30
Column: 1
### encodings module API
def getregentry():
    """Return the legacy 4-tuple registry entry: (encode, decode, StreamReader, StreamWriter)."""
    encoder = Codec().encode
    decoder = Codec().decode
    return (encoder, decoder, StreamReader, StreamWriter)
### Decoding Map
Reported by Pylint.
Modules/_localemodule.c
6 issues
Line: 455
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
_locale__getdefaultlocale_impl(PyObject *module)
/*[clinic end generated code: output=e6254088579534c2 input=003ea41acd17f7c7]*/
{
char encoding[20];
char locale[100];
PyOS_snprintf(encoding, sizeof(encoding), "cp%u", GetACP());
if (GetLocaleInfo(LOCALE_USER_DEFAULT,
Reported by FlawFinder.
Line: 456
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*[clinic end generated code: output=e6254088579534c2 input=003ea41acd17f7c7]*/
{
char encoding[20];
char locale[100];
PyOS_snprintf(encoding, sizeof(encoding), "cp%u", GetACP());
if (GetLocaleInfo(LOCALE_USER_DEFAULT,
LOCALE_SISO639LANGNAME,
Reported by FlawFinder.
Line: 152
Column: 13
CWE codes:
126
static int
locale_is_ascii(const char *str)
{
    /* True only for a one-byte string whose single byte is 7-bit (plain ASCII). */
    const unsigned char first = (unsigned char)str[0];
    return first != '\0' && str[1] == '\0' && first <= 127;
}
static int
locale_decode_monetary(PyObject *dict, struct lconv *lc)
{
Reported by FlawFinder.
Line: 402
Column: 9
CWE codes:
126
s = PyUnicode_AsWideCharString(str, &n1);
if (s == NULL)
goto exit;
if (wcslen(s) != (size_t)n1) {
PyErr_SetString(PyExc_ValueError,
"embedded null character");
goto exit;
}
Reported by FlawFinder.
Line: 463
Column: 24
CWE codes:
126
if (GetLocaleInfo(LOCALE_USER_DEFAULT,
LOCALE_SISO639LANGNAME,
locale, sizeof(locale))) {
Py_ssize_t i = strlen(locale);
locale[i++] = '_';
if (GetLocaleInfo(LOCALE_USER_DEFAULT,
LOCALE_SISO3166CTRYNAME,
locale+i, (int)(sizeof(locale)-i)))
return Py_BuildValue("ss", locale, encoding);
Reported by FlawFinder.
Line: 723
Column: 10
CWE codes:
126
const char *dirname, *current_dirname;
PyObject *dirname_bytes = NULL, *result;
if (!strlen(domain)) {
PyErr_SetString(get_locale_state(module)->Error,
"domain must be a non-empty string");
return 0;
}
if (dirname_obj != Py_None) {
Reported by FlawFinder.
Lib/test/test_sqlite.py
6 issues
Line: 13
Column: 1
factory, transactions, hooks, regression,
dump, backup)
def load_tests(*args):
if test.support.verbose:
print("test_sqlite: testing with version",
"{!r}, sqlite_version {!r}".format(sqlite3.version,
sqlite3.sqlite_version))
return unittest.TestSuite([dbapi.suite(), types.suite(),
Reported by Pylint.
Line: 1
Column: 1
import test.support
from test.support import import_helper
# Skip test if _sqlite3 module not installed
import_helper.import_module('_sqlite3')
import unittest
import sqlite3
from sqlite3.test import (dbapi, types, userfunctions,
Reported by Pylint.
Line: 7
Column: 1
# Skip test if _sqlite3 module not installed
import_helper.import_module('_sqlite3')
import unittest
import sqlite3
from sqlite3.test import (dbapi, types, userfunctions,
factory, transactions, hooks, regression,
dump, backup)
Reported by Pylint.
Line: 8
Column: 1
import_helper.import_module('_sqlite3')
import unittest
import sqlite3
from sqlite3.test import (dbapi, types, userfunctions,
factory, transactions, hooks, regression,
dump, backup)
def load_tests(*args):
Reported by Pylint.
Line: 9
Column: 1
import unittest
import sqlite3
from sqlite3.test import (dbapi, types, userfunctions,
factory, transactions, hooks, regression,
dump, backup)
def load_tests(*args):
if test.support.verbose:
Reported by Pylint.
Line: 13
Column: 1
factory, transactions, hooks, regression,
dump, backup)
def load_tests(*args):
if test.support.verbose:
print("test_sqlite: testing with version",
"{!r}, sqlite_version {!r}".format(sqlite3.version,
sqlite3.sqlite_version))
return unittest.TestSuite([dbapi.suite(), types.suite(),
Reported by Pylint.
Modules/overlapped.c
6 issues
Line: 188
Py_BEGIN_ALLOW_THREADS
hKernel32 = GetModuleHandle("KERNEL32");
*(FARPROC *)&Py_CancelIoEx = GetProcAddress(hKernel32, "CancelIoEx");
Py_END_ALLOW_THREADS
return 0;
}
/*
* Completion port stuff
Reported by Cppcheck.
Line: 735
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static PyObject *
make_ipv4_addr(const struct sockaddr_in *addr)
{
char buf[INET_ADDRSTRLEN];
if (inet_ntop(AF_INET, &addr->sin_addr, buf, sizeof(buf)) == NULL) {
PyErr_SetFromErrno(PyExc_OSError);
return NULL;
}
return PyUnicode_FromString(buf);
Reported by FlawFinder.
Line: 748
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static PyObject *
make_ipv6_addr(const struct sockaddr_in6 *addr)
{
char buf[INET6_ADDRSTRLEN];
if (inet_ntop(AF_INET6, &addr->sin6_addr, buf, sizeof(buf)) == NULL) {
PyErr_SetFromErrno(PyExc_OSError);
return NULL;
}
return PyUnicode_FromString(buf);
Reported by FlawFinder.
Line: 1397
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
PyObject *AddressObj)
/*[clinic end generated code: output=5aebbbdb4f022833 input=d6bbd2d84b156fc1]*/
{
char AddressBuf[sizeof(struct sockaddr_in6)];
SOCKADDR *Address = (SOCKADDR*)AddressBuf;
int Length;
BOOL ret;
DWORD err;
Reported by FlawFinder.
Line: 1652
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
PyObject *AddressObj)
/*[clinic end generated code: output=ea0b4391e94dad63 input=169f8075e9ae7fa4]*/
{
char AddressBuf[sizeof(struct sockaddr_in6)];
SOCKADDR *Address = (SOCKADDR*)AddressBuf;
int Length;
int err;
Length = sizeof(AddressBuf);
Reported by FlawFinder.
Line: 1696
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
PyObject *AddressObj)
/*[clinic end generated code: output=fe0ff55eb60d65e1 input=f709e6ecebd9bc18]*/
{
char AddressBuf[sizeof(struct sockaddr_in6)];
SOCKADDR *Address = (SOCKADDR*)AddressBuf;
int AddressLength;
DWORD written;
WSABUF wsabuf;
int ret;
Reported by FlawFinder.