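def setUp(self):
    """Build the fixture: a manager with one MEDIUM issue and mocked metrics.

    The manager is created as ``BanditManager(conf, 'file')`` and writes to
    a fresh temporary file whose path is kept in ``self.tmp_fname``.
    ``self.issue`` ("Possible binding to all interfaces.") is appended to
    ``self.manager.results``; ``self.candidates`` holds two further issues
    that are created here but not attached to anything.
    """
    import os

    super(YamlFormatterTests, self).setUp()
    conf = config.BanditConfig()
    self.manager = manager.BanditManager(conf, 'file')

    # mkstemp() creates the file and returns an already-open descriptor.
    # Only the path is used below, so close the descriptor immediately
    # rather than leaking one per test.
    tmp_fd, self.tmp_fname = tempfile.mkstemp()
    os.close(tmp_fd)
    # NOTE(review): the file itself is not deleted in this method; confirm
    # that a tearDown/cleanup elsewhere removes self.tmp_fname.

    self.context = {'filename': self.tmp_fname,
                    'lineno': 4,
                    'linerange': [4]}
    self.check_name = 'hardcoded_bind_all_interfaces'
    self.issue = issue.Issue(bandit.MEDIUM, bandit.MEDIUM,
                             'Possible binding to all interfaces.')

    self.candidates = [issue.Issue(bandit.LOW, bandit.LOW, 'Candidate A',
                                   lineno=1),
                       issue.Issue(bandit.HIGH, bandit.HIGH, 'Candiate B',
                                   lineno=2)]

    self.manager.out_file = self.tmp_fname

    # Point the issue at the temp file and the location stored in context.
    self.issue.fname = self.context['filename']
    self.issue.lineno = self.context['lineno']
    self.issue.linerange = self.context['linerange']
    self.issue.test = self.check_name

    self.manager.results.append(self.issue)
    self.manager.metrics = metrics.Metrics()

    # Mock up the metrics: fixed loc/nosec counts and a zero for every
    # "<criteria>.<rank>" combination.
    for key in ['_totals', 'binding.py']:
        self.manager.metrics.data[key] = {'loc': 4, 'nosec': 2}
        for criteria, _default in constants.CRITERIA:
            for rank in constants.RANKING:
                self.manager.metrics.data[key]['{0}.{1}'.format(
                    criteria, rank
                )] = 0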
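def setUp(self):
    """Build the fixture: a manager with one MEDIUM issue and mocked metrics.

    The manager is created as ``BanditManager(conf, "file")`` and writes to
    a fresh temporary file whose path is kept in ``self.tmp_fname``.
    ``self.issue`` ("Possible binding to all interfaces.") is appended to
    ``self.manager.results``; ``self.candidates`` holds two further issues
    that are created here but not attached to anything.
    """
    import os

    super().setUp()
    conf = config.BanditConfig()
    self.manager = manager.BanditManager(conf, "file")

    # mkstemp() creates the file and returns an already-open descriptor.
    # Only the path is used below, so close the descriptor immediately
    # rather than leaking one per test.
    tmp_fd, self.tmp_fname = tempfile.mkstemp()
    os.close(tmp_fd)
    # NOTE(review): the file itself is not deleted in this method; confirm
    # that a tearDown/cleanup elsewhere removes self.tmp_fname.

    self.context = {
        "filename": self.tmp_fname,
        "lineno": 4,
        "linerange": [4],
    }
    self.check_name = "hardcoded_bind_all_interfaces"
    self.issue = issue.Issue(
        bandit.MEDIUM, bandit.MEDIUM, "Possible binding to all interfaces."
    )

    self.candidates = [
        issue.Issue(bandit.LOW, bandit.LOW, "Candidate A", lineno=1),
        issue.Issue(bandit.HIGH, bandit.HIGH, "Candiate B", lineno=2),
    ]

    self.manager.out_file = self.tmp_fname

    # Point the issue at the temp file and the location stored in context.
    self.issue.fname = self.context["filename"]
    self.issue.lineno = self.context["lineno"]
    self.issue.linerange = self.context["linerange"]
    self.issue.test = self.check_name

    self.manager.results.append(self.issue)
    self.manager.metrics = metrics.Metrics()

    # Mock up the metrics: fixed loc/nosec counts and a zero for every
    # "<criteria>.<rank>" combination.
    for key in ["_totals", "binding.py"]:
        self.manager.metrics.data[key] = {"loc": 4, "nosec": 2}
        for criteria, _default in constants.CRITERIA:
            for rank in constants.RANKING:
                self.manager.metrics.data[key][f"{criteria}.{rank}"] = 0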
def _get_issue_instance(severity=bandit.MEDIUM, confidence=bandit.MEDIUM):
    """Return a canned ``issue.Issue`` with the text "Test issue".

    Only ``severity`` and ``confidence`` vary per call; the file name,
    plugin name, test id and line number are fixed placeholder values.
    """
    sample = issue.Issue(severity, confidence, "Test issue")
    # Fixed metadata, applied in the same order every time.
    fixed_fields = (
        ("fname", "code.py"),
        ("test", "bandit_plugin"),
        ("test_id", "B999"),
        ("lineno", 1),
    )
    for attr_name, attr_value in fixed_fields:
        setattr(sample, attr_name, attr_value)
    return sample
def _get_issue_instance(severity=bandit.MEDIUM, confidence=bandit.MEDIUM):
    """Return a canned ``issue.Issue`` with the text 'Test issue'.

    Only ``severity`` and ``confidence`` vary per call; the file name,
    plugin name, test id and line number are fixed placeholder values.
    """
    sample = issue.Issue(severity, confidence, 'Test issue')
    # Fixed metadata, applied in the same order every time.
    fixed_fields = (
        ('fname', 'code.py'),
        ('test', 'bandit_plugin'),
        ('test_id', 'B999'),
        ('lineno', 1),
    )
    for attr_name, attr_value in fixed_fields:
        setattr(sample, attr_name, attr_value)
    return sample
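def setUp(self):
    """Build the fixture: a manager holding one MEDIUM issue.

    The manager is created as ``BanditManager(conf, "custom")`` and writes
    to a fresh temporary file whose path is kept in ``self.tmp_fname``.
    ``self.issue`` ("Possible binding to all interfaces.") gets its file
    name, line, line range and column offset from ``self.context`` and is
    appended to ``self.manager.results``.
    """
    import os

    super().setUp()
    conf = config.BanditConfig()
    self.manager = manager.BanditManager(conf, "custom")

    # mkstemp() creates the file and returns an already-open descriptor.
    # Only the path is used below, so close the descriptor immediately
    # rather than leaking one per test.
    tmp_fd, self.tmp_fname = tempfile.mkstemp()
    os.close(tmp_fd)
    # NOTE(review): the file itself is not deleted in this method; confirm
    # that a tearDown/cleanup elsewhere removes self.tmp_fname.

    self.context = {
        "filename": self.tmp_fname,
        "lineno": 4,
        "linerange": [4],
        "col_offset": 30,
    }
    self.check_name = "hardcoded_bind_all_interfaces"
    self.issue = issue.Issue(
        bandit.MEDIUM,
        bandit.MEDIUM,
        text="Possible binding to all interfaces.",
    )
    self.manager.out_file = self.tmp_fname

    # Point the issue at the temp file and the location stored in context.
    self.issue.fname = self.context["filename"]
    self.issue.lineno = self.context["lineno"]
    self.issue.linerange = self.context["linerange"]
    self.issue.col_offset = self.context["col_offset"]
    self.issue.test = self.check_name

    self.manager.results.append(self.issue)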
def test_get_code(self, getline):
    """Check that ``Issue.get_code()`` copes with a line returned as bytes.

    ``getline`` is an injected stand-in (presumably a patched line reader;
    the patch decorator is not visible here) that is made to return raw
    bytes instead of text.
    """
    getline.return_value = b"\x08\x30"
    subject = issue.Issue(bandit.MEDIUM, lineno=1)

    # A decode error must not escape get_code(); turn it into a plain
    # test failure with an explanatory message.
    try:
        subject.get_code()
    except UnicodeDecodeError:
        self.fail("Bytes not properly decoded in issue.get_code()")
def report_issue(check, name):
    """Build an ``issue.Issue`` for a matched ``check`` entry.

    Args:
        check: mapping describing the check. ``"message"`` is required;
            ``"level"`` falls back to ``"MEDIUM"`` and ``"id"`` to
            ``"LEGACY"`` when absent.
        name: the matched name; it replaces the literal ``{name}`` token in
            the message and is stored as the issue's ``ident``.

    Returns:
        The new issue, always with confidence ``"HIGH"``.

    Raises:
        KeyError: if ``check`` has no ``"message"`` entry.
    """
    severity = check.get("level", "MEDIUM")
    # Literal token substitution: no other brace sequence in the message
    # is interpreted.
    message = check["message"].replace("{name}", name)
    test_id = check.get("id", "LEGACY")
    return issue.Issue(
        severity=severity,
        confidence="HIGH",
        text=message,
        ident=name,
        test_id=test_id,
    )
def test_results_count(self):
    """Check ``results_count`` against one issue per level.

    With one LOW, one MEDIUM and one HIGH issue loaded, filtering at LOW,
    MEDIUM and HIGH is expected to count 3, 2 and 1 issues respectively.
    """
    levels = [constants.LOW, constants.MEDIUM, constants.HIGH]

    # One issue per level, with severity and confidence set to that level.
    self.manager.results = [
        issue.Issue(severity=level, confidence=level) for level in levels
    ]

    counts = []
    for level in levels:
        counts.append(
            self.manager.results_count(sev_filter=level, conf_filter=level)
        )

    self.assertEqual([3, 2, 1], counts)
def _get_issue_instance(
    severity=bandit.MEDIUM,
    cwe=issue.Cwe.MULTIPLE_BINDS,
    confidence=bandit.MEDIUM,
):
    """Return a canned ``issue.Issue`` with the text "Test issue".

    ``severity``, ``cwe`` and ``confidence`` are passed through to the
    constructor; the file name, plugin name and line number are fixed
    placeholder values.
    """
    sample = issue.Issue(severity, cwe, confidence, "Test issue")
    # Fixed metadata, applied in the same order every time.
    fixed_fields = (
        ("fname", "code.py"),
        ("test", "bandit_plugin"),
        ("lineno", 1),
    )
    for attr_name, attr_value in fixed_fields:
        setattr(sample, attr_name, attr_value)
    return sample
def _get_issue_instance(
    self,
    sev=constants.MEDIUM,
    cwe=issue.Cwe.MULTIPLE_BINDS,
    conf=constants.MEDIUM,
):
    """Return a canned ``issue.Issue`` with the text "Test issue".

    ``sev``, ``cwe`` and ``conf`` are passed through to the constructor;
    the file name, plugin name and line number are fixed placeholder
    values. ``self`` is not used.
    """
    sample = issue.Issue(sev, cwe, conf, "Test issue")
    # Fixed metadata, applied in the same order every time.
    fixed_fields = (
        ("fname", "code.py"),
        ("test", "bandit_plugin"),
        ("lineno", 1),
    )
    for attr_name, attr_value in fixed_fields:
        setattr(sample, attr_name, attr_value)
    return sample
def test_results_count(self):
    """Check ``results_count`` against one issue per level.

    With one LOW, one MEDIUM and one HIGH issue loaded (all tagged with
    ``Cwe.MULTIPLE_BINDS``), filtering at LOW, MEDIUM and HIGH is expected
    to count 3, 2 and 1 issues respectively.
    """
    levels = [constants.LOW, constants.MEDIUM, constants.HIGH]

    # One issue per level, with severity and confidence set to that level.
    loaded = []
    for level in levels:
        loaded.append(
            issue.Issue(
                severity=level,
                cwe=issue.Cwe.MULTIPLE_BINDS,
                confidence=level,
            )
        )
    self.manager.results = loaded

    counts = []
    for level in levels:
        counts.append(
            self.manager.results_count(sev_filter=level, conf_filter=level)
        )

    self.assertEqual([3, 2, 1], counts)
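def setUp(self):
    """Build the fixture: a manager holding one MEDIUM issue.

    The manager is created as ``BanditManager(conf, 'file')`` and writes to
    a fresh temporary file whose path is kept in ``self.tmp_fname``.
    ``self.issue`` ("Possible binding to all interfaces.") gets its file
    name, line and line range from ``self.context`` and is appended to
    ``self.manager.results``.
    """
    import os

    super(CsvFormatterTests, self).setUp()
    conf = config.BanditConfig()
    self.manager = manager.BanditManager(conf, 'file')

    # mkstemp() creates the file and returns an already-open descriptor.
    # Only the path is used below, so close the descriptor immediately
    # rather than leaking one per test.
    tmp_fd, self.tmp_fname = tempfile.mkstemp()
    os.close(tmp_fd)
    # NOTE(review): the file itself is not deleted in this method; confirm
    # that a tearDown/cleanup elsewhere removes self.tmp_fname.

    self.context = {'filename': self.tmp_fname,
                    'lineno': 4,
                    'linerange': [4]}
    self.check_name = 'hardcoded_bind_all_interfaces'
    self.issue = issue.Issue(bandit.MEDIUM, bandit.MEDIUM,
                             'Possible binding to all interfaces.')
    self.manager.out_file = self.tmp_fname

    # Point the issue at the temp file and the location stored in context.
    self.issue.fname = self.context['filename']
    self.issue.lineno = self.context['lineno']
    self.issue.linerange = self.context['linerange']
    self.issue.test = self.check_name

    self.manager.results.append(self.issue)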
def _get_issue_instance(self, sev=constants.MEDIUM, conf=constants.MEDIUM):
    """Return a canned ``issue.Issue`` with the text 'Test issue'.

    ``sev`` and ``conf`` are passed through to the constructor; the file
    name, plugin name and line number are fixed placeholder values.
    ``self`` is not used.
    """
    sample = issue.Issue(sev, conf, 'Test issue')
    # Fixed metadata, applied in the same order every time.
    fixed_fields = (
        ('fname', 'code.py'),
        ('test', 'bandit_plugin'),
        ('lineno', 1),
    )
    for attr_name, attr_value in fixed_fields:
        setattr(sample, attr_name, attr_value)
    return sample
def report_issue(check, name):
    """Build an ``issue.Issue`` for a matched ``check`` entry.

    Args:
        check: mapping describing the check; ``'level'``, ``'message'``
            and ``"id"`` are all required.
        name: the matched name; it replaces the literal ``{name}`` token in
            the message and is stored as the issue's ``ident``.

    Returns:
        The new issue, always with confidence ``'HIGH'``.

    Raises:
        KeyError: if ``check`` lacks any of the three required entries.
    """
    # Look the entries up in the order level, message, id, so that a
    # mapping missing several keys reports the same one as before.
    severity = check['level']
    # Literal token substitution: no other brace sequence in the message
    # is interpreted.
    message = check['message'].replace('{name}', name)
    test_id = check["id"]
    return issue.Issue(
        severity=severity,
        confidence='HIGH',
        text=message,
        ident=name,
        test_id=test_id,
    )
def report_issue(check, name):
    """Build an ``issue.Issue`` for a matched ``check`` entry.

    Args:
        check: mapping describing the check. ``'message'`` is required;
            ``'level'`` falls back to ``'MEDIUM'`` and ``"id"`` to
            ``'LEGACY'`` when absent.
        name: the matched name; it replaces the literal ``{name}`` token in
            the message and is stored as the issue's ``ident``.

    Returns:
        The new issue, always with confidence ``'HIGH'``.

    Raises:
        KeyError: if ``check`` has no ``'message'`` entry.
    """
    severity = check.get('level', 'MEDIUM')
    # Literal token substitution: no other brace sequence in the message
    # is interpreted.
    message = check['message'].replace('{name}', name)
    test_id = check.get("id", 'LEGACY')
    return issue.Issue(
        severity=severity,
        confidence='HIGH',
        text=message,
        ident=name,
        test_id=test_id,
    )