From: Neal N. <nno...@us...> - 2002-04-24 22:29:18
|
Update of /cvsroot/pychecker/pychecker/pychecker In directory usw-pr-cvs1:/tmp/cvs-serv10534/pychecker Modified Files: Config.py CodeChecks.py msgs.py python.py Log Message: Add --deprecated option for using deprecated modules or function Add a warning for using functions with security problems (os.t[e]mpnam) Index: Config.py =================================================================== RCS file: /cvsroot/pychecker/pychecker/pychecker/Config.py,v retrieving revision 1.77 retrieving revision 1.78 diff -C2 -d -r1.77 -r1.78 *** Config.py 30 Mar 2002 18:02:57 -0000 1.77 --- Config.py 24 Apr 2002 22:29:15 -0000 1.78 *************** *** 86,89 **** --- 86,90 ---- ('Z', 1, 'varlist', 'variablesToIgnore', 'ignore global variables not used if name is one of these values\n\t\t\t'), ('E', 1, 'unusednames', 'unusedNames', 'ignore unused locals/arguments if name is one of these values\n\t\t\t'), + ( '', 0, 'deprecated', 'deprecated', 'ignore use of deprecated modules/functions'), ]), ('Complexity', [ *************** *** 223,226 **** --- 224,228 ---- self.unpackLength = 1 self.badExceptions = 1 + self.deprecated = 1 self.unusedNames = _DEFAULT_UNUSED_LIST Index: CodeChecks.py =================================================================== RCS file: /cvsroot/pychecker/pychecker/pychecker/CodeChecks.py,v retrieving revision 1.115 retrieving revision 1.116 diff -C2 -d -r1.115 -r1.116 *** CodeChecks.py 4 Apr 2002 13:16:18 -0000 1.115 --- CodeChecks.py 24 Apr 2002 22:29:15 -0000 1.116 *************** *** 430,433 **** --- 430,444 ---- key = (fromName, operand) + if cfg().deprecated: + try: + undeprecated = python.DEPRECATED_MODULES[tmpFromName] + except KeyError: + pass + else: + msg = msgs.USING_DEPRECATED_MODULE % tmpFromName + if undeprecated: + msg = msg + msgs.USE_INSTEAD % undeprecated + code.addWarning(msg) + if cfg().reimportSelf and tmpOperand == module.module.__name__ : code.addWarning(msgs.IMPORT_SELF % tmpOperand) *************** *** 1057,1060 **** --- 1068,1084 ---- pass + def _checkDeprecated(code, identifierTuple): + # check deprecated module.function + try: + name = string.join(identifierTuple, '.') + undeprecated = python.DEPRECATED_ATTRS[name] + except (KeyError, TypeError): + pass + else: + msg = msgs.USING_DEPRECATED_ATTR % name + if undeprecated: + msg = msg + msgs.USE_INSTEAD % undeprecated + code.addWarning(msg) + def _LOAD_ATTR(oparg, operand, codeSource, code) : if len(code.stack) > 0 : *************** *** 1062,1065 **** --- 1086,1103 ---- _checkAttribute(top, operand, codeSource, code) top.addAttribute(operand) + + if len(top.data) == 2: + if cfg().deprecated: + _checkDeprecated(code, top.data) + + try: + insecure = python.SECURITY_FUNCS.get(top.data[0]) + except TypeError: + pass + else: + if insecure and insecure.has_key(operand): + func = string.join(top.data, '.') + code.addWarning(msgs.USING_INSECURE_FUNC % func) + nextOp = code.nextOpInfo()[0] if not OP.LOAD_ATTR(nextOp) : Index: msgs.py =================================================================== RCS file: /cvsroot/pychecker/pychecker/pychecker/msgs.py,v retrieving revision 1.37 retrieving revision 1.38 diff -C2 -d -r1.37 -r1.38 *** msgs.py 4 Apr 2002 03:05:56 -0000 1.37 --- msgs.py 24 Apr 2002 22:29:15 -0000 1.38 *************** *** 114,115 **** --- 114,120 ---- USES_GLOBAL_EXEC = "Using the exec statement in global namespace" USES_INPUT = "Using input() is a security problem, consider using raw_input()" + + USING_DEPRECATED_MODULE = "Module %s is deprecated" + USING_DEPRECATED_ATTR = "%s is deprecated" + USING_INSECURE_FUNC = "%s() is a security problem" + USE_INSTEAD = ", consider using %s" Index: python.py =================================================================== RCS file: /cvsroot/pychecker/pychecker/pychecker/python.py,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -d -r1.13 -r1.14 *** python.py 24 Apr 2002 22:26:20 -0000 1.13 --- python.py 24 Apr 2002 22:29:15 -0000 1.14 *************** *** 266,267 **** --- 266,298 ---- # have to setup the rest this way to support different versions of Python _setupBuiltinAttrs() + + DEPRECATED_MODULES = { 'audioop': None, 'FCNTL': 'fcntl', 'gopherlib': None, + 'posixfile': 'fcntl', 'pre': None, 'regsub': 're', + 'statcache': 'os.stat()', + 'stringold': None, 'tzparse': None, + 'TERMIOS': 'termios', 'whrandom':'random', + 'xmllib': 'xml.sax', + + # C Modules + 'mpz': None, 'pcre': None, 'pypcre': None, + 'rgbimg': None, 'strop': None, + } + DEPRECATED_ATTRS = { 'array.read': None, 'array.write': None, + 'operator.isCallable': None, + 'operator.sequenceIncludes': None, + 'pty.master_open': None, 'pty.slave_open': None, + 'rfc822.AddrlistClass': 'rfc822.AddressList', + 'string.atof': None, 'string.atoi': None, + 'string.atol': None, 'string.zfill': None, + 'sys.exc_traceback': None, 'sys.exit_thread': None, + 'tempfile.template': None, + } + + # FIXME: can't check these right now, maybe later + DEPRECATED_METHODS = { + 'htmllib.HTMLParser.do_nextid': None, + 'pstats.Stats.ignore': None, + } + + _OS_AND_POSIX_FUNCS = { 'tempnam': None, 'tmpnam': None } + SECURITY_FUNCS = { 'os' : _OS_AND_POSIX_FUNCS, 'posix': _OS_AND_POSIX_FUNCS } |