def pre_visit(self, node):
self.context = {}
self.context['imports'] = self.imports
self.context['import_aliases'] = self.import_aliases
if self.debug:
logger.debug(ast.dump(node))
self.metaast.add_node(node, '', self.depth)
if hasattr(node, 'lineno'):
self.context['lineno'] = node.lineno
if node.lineno in self.nosec_lines:
logger.debug("skipped, nosec")
self.metrics.note_nosec()
return False
self.context['node'] = node
self.context['linerange'] = b_utils.linerange_fix(node)
self.context['filename'] = self.fname
self.seen += 1
logger.debug("entering: %s %s [%s]", hex(id(node)), type(node),
self.depth)
self.depth += 1
logger.debug(self.context)
return True
def visit(self, node):
"""Generic visitor
add the node to the node collection, and log it
:param node: The node that is being inspected
:return: -
"""
self.context = copy.copy(self.context_template)
if self.debug:
logger.debug(ast.dump(node))
if self.debug:
self.metaast.add_node(node, "", self.depth)
if hasattr(node, "lineno"):
self.context["lineno"] = node.lineno
if "# nosec" in self.lines[node.lineno - 1] or "#nosec" in self.lines[node.lineno - 1]:
logger.debug("skipped, nosec")
return
self.context["node"] = node
self.context["linerange"] = b_utils.linerange_fix(node)
self.context["filename"] = self.fname
self.seen += 1
logger.debug("entering: %s %s [%s]", hex(id(node)), type(node), self.depth)
self.depth += 1
method = "visit_" + node.__class__.__name__
visitor = getattr(self, method, self.generic_visit)
visitor(node)
self.depth -= 1
logger.debug("%s\texiting : %s", self.depth, hex(id(node)))
def pre_visit(self, node):
self.context = {}
self.context['imports'] = self.imports
self.context['import_aliases'] = self.import_aliases
if self.debug:
LOG.debug(ast.dump(node))
self.metaast.add_node(node, '', self.depth)
if hasattr(node, 'lineno'):
self.context['lineno'] = node.lineno
if node.lineno in self.nosec_lines:
LOG.debug("skipped, nosec")
self.metrics.note_nosec()
return False
self.context['node'] = node
self.context['linerange'] = b_utils.linerange_fix(node)
self.context['filename'] = self.fname
self.seen += 1
LOG.debug("entering: %s %s [%s]", hex(id(node)), type(node),
self.depth)
self.depth += 1
LOG.debug(self.context)
return True
def visit(self, node):
'''Generic visitor
add the node to the node collection, and log it
:param node: The node that is being inspected
:return: -
'''
self.context = copy.copy(self.context_template)
if self.debug:
self.logger.debug(ast.dump(node))
self.metaast.add_node(node, '', self.depth)
if hasattr(node, 'lineno'):
self.context['lineno'] = node.lineno
if ("# nosec" in self.lines[node.lineno - 1]
or "#nosec" in self.lines[node.lineno - 1]):
self.logger.debug("skipped, nosec")
return
self.context['node'] = node
self.context['linerange'] = b_utils.linerange_fix(node)
self.context['filename'] = self.fname
self.seen += 1
self.logger.debug("entering: %s %s [%s]", hex(id(node)), type(node),
self.depth)
self.depth += 1
method = 'visit_' + node.__class__.__name__
visitor = getattr(self, method, self.generic_visit)
visitor(node)
self.depth -= 1
self.logger.debug("%s\texiting : %s", self.depth, hex(id(node)))
def pre_visit(self, node):
self.context = {}
self.context["imports"] = self.imports
self.context["import_aliases"] = self.import_aliases
if self.debug:
LOG.debug(ast.dump(node))
self.metaast.add_node(node, "", self.depth)
if hasattr(node, "lineno"):
self.context["lineno"] = node.lineno
if node.lineno in self.nosec_lines:
LOG.debug("skipped, nosec")
self.metrics.note_nosec()
return False
if hasattr(node, "col_offset"):
self.context["col_offset"] = node.col_offset
self.context["node"] = node
self.context["linerange"] = b_utils.linerange_fix(node)
self.context["filename"] = self.fname
self.seen += 1
LOG.debug("entering: %s %s [%s]", hex(id(node)), type(node),
self.depth)
self.depth += 1
LOG.debug(self.context)
return True
def visit_Bytes(self, node):
'''Visitor for AST Bytes nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
'''
self.context['bytes'] = node.s
if not isinstance(node.parent, ast.Expr): # docstring
self.context['linerange'] = b_utils.linerange_fix(node.parent)
self.update_scores(self.tester.run_tests(self.context, 'Bytes'))
def visit_Bytes(self, node):
'''Visitor for AST Bytes nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
'''
self.context['bytes'] = node.s
if not isinstance(node.parent, ast.Expr): # docstring
self.context['linerange'] = b_utils.linerange_fix(node.parent)
self.update_scores(self.tester.run_tests(self.context, 'Bytes'))
def visit_Str(self, node):
"""Visitor for AST String nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
"""
self.context["str"] = node.s
if not isinstance(node._bandit_parent, ast.Expr): # docstring
self.context["linerange"] = b_utils.linerange_fix(
node._bandit_parent)
self.update_scores(self.tester.run_tests(self.context, "Str"))
def visit_Bytes(self, node):
"""Visitor for AST Bytes nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
"""
self.context["bytes"] = node.s
if self.debug:
logger.debug("visit_Bytes called (%s)", ast.dump(node))
if not isinstance(node.parent, ast.Expr): # docstring
self.context["linerange"] = b_utils.linerange_fix(node.parent)
self.update_scores(self.tester.run_tests(self.context, "Bytes"))
self.generic_visit(node)
def visit_Str(self, node):
'''Visitor for AST String nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
'''
self.context['str'] = node.s
if self.debug:
self.logger.debug("visit_Str called (%s)", ast.dump(node))
if not isinstance(node.parent, ast.Expr): # docstring
self.context['linerange'] = b_utils.linerange_fix(node.parent)
self.update_scores(self.tester.run_tests(self.context, 'Str'))
self.generic_visit(node)
def visit_Str(self, node):
'''Visitor for AST String nodes
add relevant information about node to
the context for use in tests which inspect strings.
:param node: The node that is being inspected
:return: -
'''
self.context['str'] = node.s
if self.debug:
self.logger.debug("visit_Str called (%s)", ast.dump(node))
if not isinstance(node.parent, ast.Expr): # docstring
self.context['linerange'] = b_utils.linerange_fix(node.parent)
self.update_scores(self.tester.run_tests(self.context, 'Str'))
self.generic_visit(node)
