eric6.Plugins.CheckerPlugins.CodeStyleChecker.Security.Checks.injectionShell

Module implementing a check for shell injection.

Global Attributes

fullPathMatchRe

Classes

None

Functions

_evaluateShellCall	Function to determine the severity of a shell call.
checkOtherFunctionWithShell	Function to check for any function with shell equals true.
checkStartProcessWithNoShell	Function to check for starting a process with no shell.
checkStartProcessWithPartialPath	Function to check for starting a process with no shell.
checkStartProcessWithShell	Function to check for starting a process with a shell.
checkSubprocessPopenWithShell	Function to check for use of popen with shell equals true.
checkSubprocessPopenWithoutShell	Function to check for use of popen without shell equals true.
getChecks	Public method to get a dictionary with checks handled by this module.
hasShell	Function to check, if the node of the context contains the shell keyword.

_evaluateShellCall

_evaluateShellCall(context)

Function to determine the severity of a shell call.

context (SecurityContext): context to be inspected

Returns:: severity level (L, M or H)

Return Type:: str

checkOtherFunctionWithShell

checkOtherFunctionWithShell(reportError, context, config)

Function to check for any function with shell equals true.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

checkStartProcessWithNoShell

checkStartProcessWithNoShell(reportError, context, config)

Function to check for starting a process with no shell.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

checkStartProcessWithPartialPath

checkStartProcessWithPartialPath(reportError, context, config)

Function to check for starting a process with no shell.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

checkStartProcessWithShell

checkStartProcessWithShell(reportError, context, config)

Function to check for starting a process with a shell.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

checkSubprocessPopenWithShell

checkSubprocessPopenWithShell(reportError, context, config)

Function to check for use of popen with shell equals true.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

checkSubprocessPopenWithoutShell

checkSubprocessPopenWithoutShell(reportError, context, config)

Function to check for use of popen without shell equals true.

reportError (func): function to be used to report errors
context (SecurityContext): security context object
config (dict): dictionary with configuration data

getChecks

getChecks()

Public method to get a dictionary with checks handled by this module.

Returns:: dictionary containing checker lists containing checker function and list of codes

Return Type:: dict

hasShell

hasShell(context)

Function to check, if the node of the context contains the shell keyword.

context (SecurityContext): context to be inspected

Returns:: tuple containing a flag indicating the presence of the 'shell' argument and flag indicating the value of the 'shell' argument

Return Type:: tuple of (bool, bool)

Home ⌂Doc Index ◂Up ▴