Bitmessage/PyBitmessage-2024-08-21
Archived
2
0
Fork 0
Code Issues 168 Pull Requests 53 Actions Packages Projects Releases 5 Wiki Activity

Code quality + Security related changes #2184

Merged
anand-skss merged 2 commits from code-quality1 into v0.6 2024-02-28 04:35:51 +01:00
Conversation 0 Commits 2 Files Changed 8 +22 -17
8 changed files with 22 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/depends.py
View File

@ -361,7 +361,7 @@ def check_curses():
return False return False
try: try:
subprocess.check_call(['which', 'dialog']) subprocess.check_call(['which', 'dialog']) # nosec:B603, B607
except subprocess.CalledProcessError: except subprocess.CalledProcessError:
logger.error( logger.error(
'Curses requires the `dialog` command to be installed as well as' 'Curses requires the `dialog` command to be installed as well as'

4
src/helper_startup.py
View File

@ -12,6 +12,7 @@ import sys
import time import time
from distutils.version import StrictVersion from distutils.version import StrictVersion
from struct import pack from struct import pack
from six.moves import configparser
try: try:
import defaults import defaults
@ -218,7 +219,8 @@ def updateConfig():
config.set( config.set(
addressInKeysFile, 'payloadlengthextrabytes', addressInKeysFile, 'payloadlengthextrabytes',
str(int(previousSmallMessageDifficulty * 1000))) str(int(previousSmallMessageDifficulty * 1000)))
except Exception: except (ValueError, TypeError, configparser.NoSectionError,
configparser.NoOptionError):
continue continue
config.set('bitmessagesettings', 'maxdownloadrate', '0') config.set('bitmessagesettings', 'maxdownloadrate', '0')
config.set('bitmessagesettings', 'maxuploadrate', '0') config.set('bitmessagesettings', 'maxuploadrate', '0')

2
src/network/bmproto.py
View File

@ -610,7 +610,7 @@ class BMProto(AdvancedDispatcher, ObjectTracker):
'Closed connection to %s because we are already' 'Closed connection to %s because we are already'
' connected to that IP.', self.destination) ' connected to that IP.', self.destination)
return False return False
except Exception: # TODO: exception types except Exception: # nosec:B110 pylint:disable=broad-exception-caught
pass pass
if not self.isOutbound: if not self.isOutbound:
# incoming from a peer we're connected to as outbound, # incoming from a peer we're connected to as outbound,

4
src/plugins/sound_playfile.py
View File

@ -11,14 +11,14 @@ try:
winsound.PlaySound(sound_file, winsound.SND_FILENAME) winsound.PlaySound(sound_file, winsound.SND_FILENAME)
except ImportError: except ImportError:
import os import os
import subprocess import subprocess # nosec:B404
play_cmd = {} play_cmd = {}
def _subprocess(*args): def _subprocess(*args):
FNULL = open(os.devnull, 'wb') FNULL = open(os.devnull, 'wb')
subprocess.call( subprocess.call(
args, stdout=FNULL, stderr=subprocess.STDOUT, close_fds=True) args, stdout=FNULL, stderr=subprocess.STDOUT, close_fds=True) # nosec:B603
def connect_plugin(sound_file): def connect_plugin(sound_file):
"""This function implements the entry point.""" """This function implements the entry point."""

9
src/proofofwork.py
View File

@ -10,7 +10,7 @@ import sys
import tempfile import tempfile
import time import time
from struct import pack, unpack from struct import pack, unpack
from subprocess import call from subprocess import call # nosec:B404
import openclpow import openclpow
import paths import paths
@ -135,7 +135,7 @@ def _doFastPoW(target, initialHash):
try: try:
pool.terminate() pool.terminate()
pool.join() pool.join()
except: # noqa:E722 except: # nosec:B110 noqa:E722 pylint:disable=bare-except
pass pass
raise StopIteration("Interrupted") raise StopIteration("Interrupted")
for i in range(pool_size): for i in range(pool_size):
@ -272,10 +272,11 @@ def buildCPoW():
try: try:
if "bsd" in sys.platform: if "bsd" in sys.platform:
# BSD make # BSD make
call(["make", "-C", os.path.join(paths.codePath(), "bitmsghash"), '-f', 'Makefile.bsd']) call(["make", "-C", os.path.join(paths.codePath(), "bitmsghash"),
'-f', 'Makefile.bsd']) # nosec:B607, B603
else: else:
# GNU make # GNU make
call(["make", "-C", os.path.join(paths.codePath(), "bitmsghash")]) call(["make", "-C", os.path.join(paths.codePath(), "bitmsghash")]) # nosec:B607, B603
if os.path.exists(os.path.join(paths.codePath(), "bitmsghash", "bitmsghash.so")): if os.path.exists(os.path.join(paths.codePath(), "bitmsghash", "bitmsghash.so")):
init() init()
notifyBuild(True) notifyBuild(True)

2
src/shared.py
View File

@ -11,7 +11,7 @@ from __future__ import division
import hashlib import hashlib
import os import os
import stat import stat
import subprocess import subprocess # nosec:B404
import sys import sys
from binascii import hexlify from binascii import hexlify

4
src/singleinstance.py
View File

@ -93,7 +93,7 @@ class singleinstance(object):
os.close(self.fd) os.close(self.fd)
else: else:
fcntl.lockf(self.fp, fcntl.LOCK_UN) fcntl.lockf(self.fp, fcntl.LOCK_UN)
except Exception: except (IOError, OSError):
pass pass
return return
@ -107,5 +107,5 @@ class singleinstance(object):
fcntl.lockf(self.fp, fcntl.LOCK_UN) fcntl.lockf(self.fp, fcntl.LOCK_UN)
if os.path.isfile(self.lockfile): if os.path.isfile(self.lockfile):
os.unlink(self.lockfile) os.unlink(self.lockfile)
except Exception: except (IOError, OSError):
pass pass

12
src/upnp.py
View File

@ -5,12 +5,14 @@ Reference: http://mattscodecave.com/posts/using-python-and-upnp-to-forward-a-por
""" """
import httplib import httplib
import re
import socket import socket
import time import time
import urllib2 import urllib2
from random import randint from random import randint
from urlparse import urlparse from urlparse import urlparse
from xml.dom.minidom import Document, parseString from xml.dom.minidom import Document # nosec:B408
from defusedxml.minidom import parseString
import queues import queues
import state import state
@ -119,7 +121,7 @@ class Router: # pylint: disable=old-style-class
if service.childNodes[0].data.find('WANIPConnection') > 0 or \ if service.childNodes[0].data.find('WANIPConnection') > 0 or \
service.childNodes[0].data.find('WANPPPConnection') > 0: service.childNodes[0].data.find('WANPPPConnection') > 0:
self.path = service.parentNode.getElementsByTagName('controlURL')[0].childNodes[0].data self.path = service.parentNode.getElementsByTagName('controlURL')[0].childNodes[0].data
self.upnp_schema = service.childNodes[0].data.split(':')[-2] self.upnp_schema = re.sub(r'[^A-Za-z0-9:-]', '', service.childNodes[0].data.split(':')[-2])
def AddPortMapping( def AddPortMapping(
self, self,
@ -239,7 +241,7 @@ class uPnPThread(StoppableThread):
if time.time() - lastSent > self.sendSleep and not self.routers: if time.time() - lastSent > self.sendSleep and not self.routers:
try: try:
self.sendSearchRouter() self.sendSearchRouter()
except: # noqa:E722 except: # nosec:B110 noqa:E722 pylint:disable=bare-except
pass pass
lastSent = time.time() lastSent = time.time()
try: try:
@ -279,11 +281,11 @@ class uPnPThread(StoppableThread):
self.createPortMapping(router) self.createPortMapping(router)
try: try:
self.sock.shutdown(socket.SHUT_RDWR) self.sock.shutdown(socket.SHUT_RDWR)
except: # noqa:E722 except (IOError, OSError): # noqa:E722
pass pass
try: try:
self.sock.close() self.sock.close()
except: # noqa:E722 except (IOError, OSError): # noqa:E722
pass pass
deleted = False deleted = False
for router in self.routers: for router in self.routers: