How to use the bandit.core.test_properties.takes_config function in bandit

To help you get started, we’ve selected a few bandit examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github PyCQA / bandit / bandit / plugins / injection_wildcard.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B609')
def linux_commands_wildcard_injection(context, config):
    if not ('shell' in config and 'subprocess' in config):
        return

    vulnerable_funcs = ['chown', 'chmod', 'tar', 'rsync']
    if context.call_function_name_qual in config['shell'] or (
            context.call_function_name_qual in config['subprocess'] and
            context.check_call_arg_value('shell', 'True')):
        if context.call_args_count >= 1:
            call_argument = context.get_call_arg_at_position(0)
            argument_string = ''
            if isinstance(call_argument, list):
                for li in call_argument:
                    argument_string = argument_string + ' %s' % li
github PyCQA / bandit / bandit / plugins / injection_shell.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B605')
def start_process_with_a_shell(context, config):
    """**B605: Test for starting a process with a shell**

    Python possesses many mechanisms to invoke an external executable. However,
    doing so may present a security issue if appropriate care is not taken to
    sanitize any user provided or variable input.

    This plugin test is part of a family of tests built to check for process
    spawning and warn appropriately. Specifically, this test looks for the
    spawning of a subprocess using a command shell. This type of subprocess
    invocation is dangerous as it is vulnerable to various shell injection
    attacks. Great care should be taken to sanitize all input in order to
    mitigate this risk. Calls of this type are identified by the use of certain
    commands which are known to use shells. Bandit will report a LOW
github PyCQA / bandit / bandit / plugins / injection_shell.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B607')
def start_process_with_partial_path(context, config):
    """**B607: Test for starting a process with a partial path**

    Python possesses many mechanisms to invoke an external executable. If the
    desired executable path is not fully qualified relative to the filesystem
    root then this may present a potential security risk.

    In POSIX environments, the `PATH` environment variable is used to specify a
    set of standard locations that will be searched for the first matching
    named executable. While convenient, this behavior may allow a malicious
    actor to exert control over a system. If they are able to adjust the
    contents of the `PATH` variable, or manipulate the file system, then a
    bogus executable may be discovered in place of the desired one. This
    executable will be invoked with the user privileges of the Python process
github PyCQA / bandit / bandit / plugins / insecure_ssl_tls.py View on Github external
@test.takes_config("ssl_with_bad_version")
@test.checks('FunctionDef')
@test.test_id('B503')
def ssl_with_bad_defaults(context, config):
    """**B503: Test for SSL use with bad defaults specified**

    This plugin is part of a family of tests that detect the use of known bad
    versions of SSL/TLS, please see :doc:`../plugins/ssl_with_bad_version` for
    a complete discussion. Specifically, this plugin test scans for Python
    methods with default parameter values that specify the use of broken
    SSL/TLS protocol versions. Currently, detection supports methods using
    Python's native SSL/TLS support and the pyOpenSSL module. A MEDIUM severity
    warning will be reported whenever known broken protocol versions are
    detected.

    **Config Options:**
github PyCQA / bandit / bandit / plugins / injection_shell.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B602')
def subprocess_popen_with_shell_equals_true(context, config):
    """**B602: Test for use of popen with shell equals true**

    Python possesses many mechanisms to invoke an external executable. However,
    doing so may present a security issue if appropriate care is not taken to
    sanitize any user provided or variable input.

    This plugin test is part of a family of tests built to check for process
    spawning and warn appropriately. Specifically, this test looks for the
    spawning of a subprocess using a command shell. This type of subprocess
    invocation is dangerous as it is vulnerable to various shell injection
    attacks. Great care should be taken to sanitize all input in order to
    mitigate this risk. Calls of this type are identified by a parameter of
    'shell=True' being given.
github PyCQA / bandit / bandit / plugins / injection_shell.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B604')
def any_other_function_with_shell_equals_true(context, config):
    """**B604: Test for any function with shell equals true**

    Python possesses many mechanisms to invoke an external executable. However,
    doing so may present a security issue if appropriate care is not taken to
    sanitize any user provided or variable input.

    This plugin test is part of a family of tests built to check for process
    spawning and warn appropriately. Specifically, this plugin test
    interrogates method calls for the presence of a keyword parameter `shell`
    equalling true. It is related to detection of shell injection issues and is
    intended to catch custom wrappers to vulnerable methods that may have been
    created.
github PyCQA / bandit / bandit / plugins / injection_shell.py View on Github external
@test.takes_config('shell_injection')
@test.checks('Call')
@test.test_id('B606')
def start_process_with_no_shell(context, config):
    """**B606: Test for starting a process with no shell**

    Python possesses many mechanisms to invoke an external executable. However,
    doing so may present a security issue if appropriate care is not taken to
    sanitize any user provided or variable input.

    This plugin test is part of a family of tests built to check for process
    spawning and warn appropriately. Specifically, this test looks for the
    spawning of a subprocess in a way that doesn't use a shell. Although this
    is generally safe, it maybe useful for penetration testing workflows to
    track where external system calls are used.  As such a LOW severity message
    is generated.
github lyft / bandit-high-entropy-string / bandit_plugins / high_entropy_string.py View on Github external
@test.takes_config
@test.checks('Dict')
@test.checks('List')
@test.checks('Tuple')
@test.checks('Set')
@test.test_id('BHES102')
def high_entropy_iter(context, config):
    node = context.node
    if isinstance(node, ast.Dict):
        # looks for "some_string = {'target': 'candidate'}"
        _dict = dict(zip(node.keys, node.values))
        strings = []
        for key, val in _dict.iteritems():
            if isinstance(key, ast.Str):
                target = key.s
            if isinstance(key, ast.Name):
                target = key.id