-
-
Notifications
You must be signed in to change notification settings - Fork 610
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update calls.py with additional rulesets #637
base: main
Are you sure you want to change the base?
Conversation
Common vulnerabilities that I have spotted over the years due to the presence of vulnerable python libraries.
@@ -569,4 +569,65 @@ def gen_blacklist(): | |||
'attacks. Consider using tmpfile() instead.' | |||
)) | |||
|
|||
# updated rulesets starts here | |||
|
|||
sets.append(utils.build_conf_dict( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We already have a bandit plugin to check for use of yaml.load. See https://github.com/PyCQA/bandit/blob/master/bandit/plugins/yaml_load.py
)) | ||
|
||
sets.append(utils.build_conf_dict( | ||
'Base64_encoding_used', 'B328', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are some very good use cases to use base64. In fact, some protocols require it. So there's a very low confidence this check would find a security issue. I'd rather not introduce many more false positives.
)) | ||
|
||
sets.append(utils.build_conf_dict( | ||
'response_splitting', 'B327', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This CVE was resolved already in Python 3.7, 3.8, and greater. At this point, I think it's unnecessary for Bandit to flag that module.
|
||
sets.append(utils.build_conf_dict( | ||
'Server_Side_Template_Injection', 'B329', | ||
['render_template_string', 'render_template'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are these part of Flask? If so, they would need to be fully qualified.
Added new rule sets to detect common vulnerabilities in default libraries in python.
Some common vulnerabilities observed are -