Fixed: Simple Codacy errors and warnings in src/helper_*

* Some local pickle operations and non-cryptographic random operations were marked as safe to the bandit linter * A bandit config file was added and assert warnings are now ignored globally * Tightened up exception handling and code style
4 years ago · dd1ee618a5
parent c9a2240b44
commit dd1ee618a5
7 changed files with 15 additions and 8 deletions
--- a/bandit.yml
+++ b/bandit.yml
@ -0,0 +1,4 @@
+# Codacy uses Bandit.
+
+# Asserts are accepted throughout the project.
+skips: ['B101']
--- a/src/helper_bootstrap.py
+++ b/src/helper_bootstrap.py
@ -1,6 +1,6 @@
 import socket
 import defaultKnownNodes
-import pickle
+import pickle  # nosec
 import time

 from bmconfigparser import BMConfigParser
@ -24,7 +24,7 @@ def knownNodes():
    try:
        with open(state.appdata + 'knownnodes.dat', 'rb') as pickleFile:
            with knownnodes.knownNodesLock:
-                knownnodes.knownNodes = pickle.load(pickleFile)
+                knownnodes.knownNodes = pickle.load(pickleFile)  # nosec
            # the old format was {Peer:lastseen, ...}
            # the new format is {Peer:{"lastseen":i, "rating":f}}
            for stream in knownnodes.knownNodes.keys():
--- a/src/helper_msgcoding.py
+++ b/src/helper_msgcoding.py
@ -140,7 +140,6 @@ class MsgDecode(object):
        self.body = body

 if __name__ == '__main__':
-    import random
    messageData = {
        "subject": ''.join(helper_random.randomchoice(string.ascii_lowercase + string.digits) for _ in range(40)),
        "body": ''.join(helper_random.randomchoice(string.ascii_lowercase + string.digits) for _ in range(10000))
--- a/src/helper_random.py
+++ b/src/helper_random.py
@ -1,3 +1,5 @@
+"""Convenience functions for random operations. Not suitable for security / cryptography operations."""
+
 import os
 import random
 from pyelliptic.openssl import OpenSSL
@ -48,9 +50,9 @@ def randomrandrange(x, y=None):
    but doesnt actually build a range object.
    """
    if isinstance(y, NoneType):
-        return random.randrange(x)
+        return random.randrange(x)  # nosec
    else:
-        return random.randrange(x, y)
+        return random.randrange(x, y)  # nosec


 def randomchoice(population):
@ -60,4 +62,4 @@ def randomchoice(population):
    sequence seq. If seq is empty, raises
    IndexError.
    """
-    return random.choice(population)
+    return random.choice(population)  # nosec
--- a/src/helper_search.py
+++ b/src/helper_search.py
@ -5,7 +5,7 @@ from helper_sql import *
 try:
    from PyQt4 import QtGui
    haveQt = True
-except Exception:
+except ImportError:
    haveQt = False

 def search_translate (context, text):
--- a/src/helper_sql.py
+++ b/src/helper_sql.py
@ -91,6 +91,7 @@ class SqlBulkExecute:
    def execute(sqlStatement, *args):
        """Used for statements that do not return results."""
        sqlSubmitQueue.put(sqlStatement)
+
        if args == ():
            sqlSubmitQueue.put('')
        else:
--- a/src/helper_startup.py
+++ b/src/helper_startup.py
@ -113,7 +113,8 @@ def loadConfig():
        BMConfigParser().set('bitmessagesettings', 'maxuploadrate', '0')
        BMConfigParser().set('bitmessagesettings', 'maxoutboundconnections', '8')
        BMConfigParser().set('bitmessagesettings', 'ttl', '367200')
-         #start:UI setting to stop trying to send messages after X days/months
+
+        #start:UI setting to stop trying to send messages after X days/months
        BMConfigParser().set(
            'bitmessagesettings', 'stopresendingafterxdays', '')
        BMConfigParser().set(