fluidasserts.lang.python module

This module checks Python code for vulnerabilities.

fluidasserts.lang.python.has_generic_exceptions(py_dest, exclude=None)

Search for generic exceptions in a Python script or package.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.swallows_exceptions(py_dest, exclude=None)

Search for swallowed exceptions.

Identifies except blocks that are either empty or only contain comments or the pass statement.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.uses_catch_for_memory_error(py_dest, exclude=None)

Search for the use of MemoryError “catch” in a path.

See CWE-544.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.uses_catch_for_syntax_errors(py_dest, exclude=None)

Search for the use of SyntaxError catch and its derived classes in a path.

See CWE-544.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.uses_insecure_functions(py_dest, exclude=None)

Search for insecure functions in code.

Powered by Bandit.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result
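
The patterns that swallows_exceptions, uses_catch_for_memory_error and uses_catch_for_syntax_errors are described as looking for can be illustrated with a small AST scan. This is an added example, not fluidasserts' own code: the scan() function, its helpers and the sample source are hypothetical, and how the library detects these patterns internally is not stated on this page.

```python
import ast
import builtins

# Constructed sample input, not taken from any real project.
SAMPLE = '''
def load(path):
    try:
        return open(path).read()
    except OSError:
        # ignore
        pass

def parse(src):
    try:
        return compile(src, "<s>", "exec")
    except (ValueError, IndentationError) as exc:
        print(exc)

def alloc(n):
    try:
        return bytearray(n)
    except MemoryError:
        return None
'''

CWE_544_BASES = (MemoryError, SyntaxError)  # assumption: the two families named above

def _caught_names(handler):
    """Names listed in an except clause; empty list for a bare except."""
    if handler.type is None:
        return []
    nodes = handler.type.elts if isinstance(handler.type, ast.Tuple) else [handler.type]
    return [n.id for n in nodes if isinstance(n, ast.Name)]

def _is_builtin_subclass(name, bases):
    cls = getattr(builtins, name, None)
    return isinstance(cls, type) and issubclass(cls, bases)

def scan(source):
    """Return sorted (line, finding) tuples for the except handlers in source."""
    findings = []
    handlers = [n for n in ast.walk(ast.parse(source)) if isinstance(n, ast.ExceptHandler)]
    for node in handlers:
        # Comments never reach the AST, so `# note` plus `pass` parses as a lone Pass.
        if all(isinstance(stmt, ast.Pass) for stmt in node.body):
            findings.append((node.lineno, "swallowed"))
        for name in _caught_names(node):
            if _is_builtin_subclass(name, CWE_544_BASES):
                findings.append((node.lineno, "catches " + name))
    return sorted(findings)
```

Calling scan(SAMPLE) reports the handler on line 5 as swallowed and the handlers on lines 12 and 18 as catching IndentationError (a SyntaxError subclass) and MemoryError.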