Codeaudit report

Result of scan of file allshit.py

Location of the file: /home/maikel/projects/pythondev/codeaudit/tests/validationfiles/allshit.py

Number of potential security issues found: 51

Click to see the details for found security issues.
line validation severity info code
6 assert Low Assertions are for debugging and development. Misuse can lead to security vulnerabilities. 
    # If 'b' is 0, an AssertionError will be raised with the given message.
    assert b != 0, "Cannot divide by zero!"
    return a / b
28 exec High This built-in function can execute code you do not want and/or aware of. So check and validate if it is used correct. 
print("-" * 20)
exec("4*23") ; exec("4*23")
32 s.bind Medium Network sockets require additional measurements. 
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('0.0.0.0', 31137))
s.bind(('192.168.0.1', 8080))
33 s.bind Medium Network sockets require additional measurements. 
s.bind(('0.0.0.0', 31137))
s.bind(('192.168.0.1', 8080))
42 assert Low Assertions are for debugging and development. Misuse can lead to security vulnerabilities. 
# Assert that x is greater than 5.
assert x > 5, "x should be greater than 5"
print(f"Assertion passed: x ({x}) is greater than 5.")
46 pass Low Too broad exception handling risk when not used correctly. 
  do_some_stuff()
except ZeroDivisionError:
  pass
52 continue Low Too broad exception handling risk when not used correctly. 
    do_some_stuff()
  except ZeroDivisionError:
    continue  #bad security practice - strange things can happen without catching and logging
73 hashlib.md5 High Use of insecure hashing algorithms detected. 
  # Create an MD5 hash object
  md5_hash_object = hashlib.md5()
  sha1_hash_object = hashlib.sha1()
74 hashlib.sha1 High Use of insecure hashing algorithms detected. 
  md5_hash_object = hashlib.md5()
  sha1_hash_object = hashlib.sha1()
102 hashlib.sha1 High Use of insecure hashing algorithms detected. 
  # Create an MD5 hash object
  sha1_hash_object = tooweak()
116 os.access High Operating System calls can have a security impact and should be inspected in detail. 
def nogood():
    if check_access("file.txt", os.R_OK):
        print("Accessible")
119 eval High This function can executes arbitrary code. 

    eval("2 + 2")
    exec("4*23")
120 exec High This built-in function can execute code you do not want and/or aware of. So check and validate if it is used correct. 
    eval("2 + 2")
    exec("4*23")
123 os.access High Operating System calls can have a security impact and should be inspected in detail. 

    if os.access("myfile", os.R_OK):
        with open("myfile") as fp:
126 os.chmod High Operating System calls can have a security impact and should be inspected in detail. 
            return fp.read()
    os.chmod("myfile", 0o644) # The 0o prefix denotes an octal number
    print(f"Permissions for '{myfile}' set to 644 (octal).")
141 pass Low Too broad exception handling risk when not used correctly. 
        result = None                        # handle and recover
    except Exception as exc:                 # catches *any* other error
        # In real code, consider logging exc instead of pass
154 os.system High Operating System calls can have a security impact and should be inspected in detail. 
from os import system as clown
clown('ls -la')
158 os.popen High Operating System calls can have a security impact and should be inspected in detail. 
import os
os.popen('malware -all')
bytes_written = os.write(fd, data_to_write)
159 os.write Low os.write can cause availability issues if not done correct. 
os.popen('malware -all')
bytes_written = os.write(fd, data_to_write)
bytes_written2 = os.writev(fd, buffers)
160 os.writev Low os.writev can cause availability issues if not done correct. 
bytes_written = os.write(fd, data_to_write)
bytes_written2 = os.writev(fd, buffers)
163 logging.config Low Potential security issues can arise with parsing objects and incorrect sanitizing. 
import logging.config 
logging.config.listen(port=DEFAULT_LOGGING_CONFIG_PORT, verify=None)
166 logging.config Low Potential security issues can arise with parsing objects and incorrect sanitizing. 

logging.config.fileConfig(fname, defaults=None, disable_existing_loggers=True, encoding=None)
#
174 tarfile.TarFile High Extracting files within a program should never be trusted by default. This issue is detected when the zipfile and/or tarfile module with an extraction method is used. 
    with tarfile.open(file_path, 'r:gz') as tar:
        tar.extractall(path=extract_path)
178 tarfile.TarFile High Extracting files within a program should never be trusted by default. This issue is detected when the zipfile and/or tarfile module with an extraction method is used. 
    with tarfile.open(file_path, 'r:gz') as donot:
        donot.extractall(path=extract_path)
185 tarfile.TarFile High Extracting files within a program should never be trusted by default. This issue is detected when the zipfile and/or tarfile module with an extraction method is used. 
extractor = MyExtractor()
extractor.extractall("/some/directory")
202 xmlrpc.server
SimpleXMLRPCServer		 High xmlrpc.server is vulnerable to the “decompression bomb” attack. 

server = SimpleXMLRPCServer(("localhost", 8000))
print("Listening on port 8000...")
209 xmlrpc.client High xmlrpc is vulnerable to the “decompression bomb” attack. 

with xmlrpc.client.ServerProxy("http://localhost:8000/") as proxy:
    print("3 is even: %s" % str(proxy.is_even(3)))
215 os.fork Low On macOS use of this function is unsafe when mixed with using higher-level system APIs, and that includes using urllib.request. 

pid = os.fork()
217 os.forkpty Low Use of forkpty can be unsafe when used on MacOS. 

pid_zero = os.forkpty() 
pid = os.fork()
218 os.fork Low On macOS use of this function is unsafe when mixed with using higher-level system APIs, and that includes using urllib.request. 
pid_zero = os.forkpty() 
pid = os.fork()
224 os.fork Low On macOS use of this function is unsafe when mixed with using higher-level system APIs, and that includes using urllib.request. 
while True and nobreak:
    cannothurt()  # Creates a new child process
227 compile High It is possible to crash the Python interpreter when using this function. 

compile('nasty-string' ,'malware.bin',mode=single, flags=0, dont_inherit=False, optimize=-1)
230 base64 Low Base encoding visually hides otherwise easily recognized information such as passwords, but does not provide any computational confidentiality. 
import base64
encoded = base64.b64encode(b'data to be encoded')
data = base64.b64decode(encoded)
231 base64 Low Base encoding visually hides otherwise easily recognized information such as passwords, but does not provide any computational confidentiality. 
encoded = base64.b64encode(b'data to be encoded')
data = base64.b64decode(encoded)
236 http.server
BaseHTTPRequestHandler		 High Insecure for production use. 
# Define a custom request handler
class SimpleHTTPRequestHandler(BaseHTTPRequestHandler):
    """
255 http.server
HTTPServer		 High Insecure for production use. 
# The function to run the HTTP server
def run(server_class=HTTPServer, handler_class=BaseHTTPRequestHandler):
    """
255 http.server
BaseHTTPRequestHandler		 High Insecure for production use. 
# The function to run the HTTP server
def run(server_class=HTTPServer, handler_class=BaseHTTPRequestHandler):
    """
291 connection.recv High Connection.recv() uses pickle 
    # This call blocks until data is available.
    received_data = connection.recv()
    print(f"Receiver process: Received '{received_data}'")
304 pickle.loads High unpickling will import any class or function that it finds in the pickle data 
import pickle
pickle.loads(b"cos\nsystem\n(S'echo hello world'\ntR.")
308 pickle.load High unpickling will import any class or function that it finds in the pickle data 
    with open('data.pickle', 'rb') as f:
        data = pickle.load(f)
312 pickle.loads High unpickling will import any class or function that it finds in the pickle data 

importmalware('mysafefile.txt')
326 random.seed Low The pseudo-random generators of this module should not be used for security purposes. 
  """
  random.seed(23)
  random_number = random.random()
327 random.random Low The pseudo-random generators of this module should not be used for security purposes. 
  random.seed(23)
  random_number = random.random()
  return random_number
331 shelve.open High Only loading a shelve from a trusted source is secure. So check if this is the case. 
import shelve
with shelve.open('spam') as db:
    db['eggs'] = 'eggs'
343 os.makedirs Low Operating System calls can have a security impact and should be inspected in detail. 
    print(f"--- INSECURE EXTRACTION of {zip_path} to {extract_to_dir} ---")
    os.makedirs(extract_to_dir, exist_ok=True)
    with zipfile.ZipFile(zip_path, 'r') as zip_ref:
344 zipfile.ZipFile High Extracting files within a program should never be trusted by default. This issue is detected when the zipfile and/or tarfile module with an extraction method is used. 
    os.makedirs(extract_to_dir, exist_ok=True)
    with zipfile.ZipFile(zip_path, 'r') as zip_ref:
        # This line is the vulnerability: it extracts directly without path validation.
346 tarfile.TarFile High Extracting files within a program should never be trusted by default. This issue is detected when the zipfile and/or tarfile module with an extraction method is used. 
        # This line is the vulnerability: it extracts directly without path validation.
        zip_ref.extractall(extract_to_dir)
    print("Extraction attempted (might be insecure).")
355 shutil.unpack_archive Medium Extracting files within a program should not be trusted by default. 
import shutil
shutil.unpack_archive("example.zip", "extracted_files", format="zip", filter="data")
358 shutil.copy Medium Information can be transfered without permission. 
from shutil import copy as stealmydata 
stealmydata("source_file.txt", "backup/source_file.txt", follow_symlinks=True)
373 marshal.loads High The marshal module is not intended to be secure against erroneous or maliciously constructed data. 
     
    nastyobjects = marshal.loads('/tmp/plantedmalware.obj', allow_code=True)
    print(nastyobjects)
379 marshal.load High The marshal module is not intended to be secure against erroneous or maliciously constructed data. 
            # The allow_code parameter is passed directly to marshal.load()
            loaded_object = marshal.load(f, allow_code=allow_code)
        return loaded_object

Click to see details for file /home/maikel/projects/pythondev/codeaudit/tests/validationfiles/allshit.py
FileName FilePath Number_Of_Lines AST_Nodes Modules Functions Classes Comment_Lines Complexity_Score warnings
allshit.py /home/maikel/projects/pythondev/codeaudit/tests/validationfiles/allshit.py 390 205 28 19 3 78 34 0

Disclaimer:This SAST tool 'codeaudit' provides a powerful automatic security analysis for Python source code. However it's not a substitute for human review in combination with business knowledge. Undetected vulnerabilities may still exist. There is and will never be a single security tool that gives 100% automatic guarantees. By reporting any issues you find, you contribute to a better tool for everyone.