fluidasserts.lang.python module

This module checks Python code for vulnerabilities.

fluidasserts.lang.python.execute_query(query, object_)

Execute one or more queries in a dictionary.

The queries must be in JMESPath format.

Parameters
  • queries – List of queries to execute.

  • object – Object on which queries are executed.

fluidasserts.lang.python.has_generic_exceptions(py_dest, exclude=None)

Search for generic exceptions in a Python script or package.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.is_primitive(object_)

Check if an object is of primitive type.

fluidasserts.lang.python.iterate_dict_nodes(object_)

Iterate nodes of a dictionary recursively.

fluidasserts.lang.python.object_to_dict(object_)

Convert an object into a nested dictionary.

fluidasserts.lang.python.swallows_exceptions(py_dest, exclude=None)

Search for swallowed exceptions.

Identifies except blocks that are either empty or only contain comments or the pass statement.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.uses_catch_for_memory_error(py_dest, exclude=None)

Search for the use of MemoryError “catch” in a path.

See CWE-544.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result

fluidasserts.lang.python.uses_catch_for_syntax_errors(py_dest, exclude=None)

Search for the use of SyntaxError catch and its derived classes in a path.

See CWE-544.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result
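
The exception-handling checks documented above (has_generic_exceptions, swallows_exceptions, uses_catch_for_memory_error, uses_catch_for_syntax_errors) all come down to inspecting except clauses. The following is an added example built on the standard ast module, not fluidasserts' own code; the names audit_handlers, GENERIC and UNRECOVERABLE, the sample source, and the reading of "generic" as a bare except, Exception or BaseException are assumptions.

```python
import ast

# Assumption: "generic" means a bare except, Exception or BaseException.
GENERIC = {"Exception", "BaseException"}
# MemoryError plus SyntaxError and its derived classes (CWE-544 checks above).
UNRECOVERABLE = {"MemoryError", "SyntaxError", "IndentationError", "TabError"}

def _caught_names(handler):
    """Return the class names an except clause catches; None means bare except."""
    if handler.type is None:
        return [None]
    nodes = handler.type.elts if isinstance(handler.type, ast.Tuple) else [handler.type]
    # Name covers `ValueError`; Attribute covers `builtins.MemoryError`.
    return [n.id if isinstance(n, ast.Name) else getattr(n, "attr", "") for n in nodes]

def _is_noop(stmt):
    """True for `pass`, `...` or a bare literal; comments never reach the AST."""
    return isinstance(stmt, ast.Pass) or (
        isinstance(stmt, ast.Expr) and isinstance(stmt.value, ast.Constant))

def audit_handlers(source):
    """Return sorted (line, finding) tuples for every except clause in source."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.ExceptHandler):
            continue
        names = _caught_names(node)
        if all(_is_noop(stmt) for stmt in node.body):
            findings.append((node.lineno, "swallowed"))
        if any(n is None or n in GENERIC for n in names):
            findings.append((node.lineno, "generic"))
        if any(n in UNRECOVERABLE for n in names):
            findings.append((node.lineno, "unrecoverable"))
    return sorted(findings)

# Constructed sample input, not taken from any real project.
SAMPLE = (
    "try:\n    load()\nexcept Exception:\n    # ignore\n    pass\n"
    "try:\n    parse()\nexcept (ValueError, MemoryError) as exc:\n    log(exc)\n"
    "try:\n    run()\nexcept:\n    raise\n"
    "try:\n    ok()\nexcept KeyError:\n    handle()\n"
)

if __name__ == "__main__":
    for line, finding in audit_handlers(SAMPLE):
        print(f"line {line}: {finding}")
```

Because the source is parsed rather than executed, the check can be run safely on untrusted code; a file that fails to parse raises SyntaxError from ast.parse and should be reported separately rather than skipped.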

fluidasserts.lang.python.uses_insecure_functions(py_dest, exclude=None)

Search for insecure functions in code.

Powered by Bandit.

Parameters
  • py_dest (str) – Path to a Python script or package.

  • exclude (typing.Optional[list]) – Paths that contain any string from this list are ignored.

Return type

fluidasserts.Result