f696ce0a0d
A very interesting edge case in the AST came up to cause this bug.
When calling a function returned from a function the AST will
wrap a call node in a call node, resulting in a completely anonymous
function call. Even more anonymous than a Lambda, since you can
detect that from its node type.
def derp():
def herp():
print "meta!"
return herp
derp()()
The fix is a try, except block since we can't do anything useful in
this situation. Tests on Nova now run to completion.
Change-Id: Ice0a165009ae7b5a72b6b6661ee24aafa7ef4075
Closes-bug: 1479625
39 lines
1.2 KiB
Python
39 lines
1.2 KiB
Python
import sqlalchemy
|
|
|
|
# bad
|
|
query = "SELECT * FROM foo WHERE id = '%s'" % identifier
|
|
query = "INSERT INTO foo VALUES ('a', 'b', '%s')" % value
|
|
query = "DELETE FROM foo WHERE id = '%s'" % identifier
|
|
query = "UPDATE foo SET value = 'b' WHERE id = '%s'" % identifier
|
|
|
|
# bad
|
|
cur.execute("SELECT * FROM foo WHERE id = '%s'" % identifier)
|
|
cur.execute("INSERT INTO foo VALUES ('a', 'b', '%s')" % value)
|
|
cur.execute("DELETE FROM foo WHERE id = '%s'" % identifier)
|
|
cur.execute("UPDATE foo SET value = 'b' WHERE id = '%s'" % identifier)
|
|
|
|
# good
|
|
cur.execute("SELECT * FROM foo WHERE id = '%s'", identifier)
|
|
cur.execute("INSERT INTO foo VALUES ('a', 'b', '%s')", value)
|
|
cur.execute("DELETE FROM foo WHERE id = '%s'", identifier)
|
|
cur.execute("UPDATE foo SET value = 'b' WHERE id = '%s'", identifier)
|
|
|
|
# bad
|
|
query = "SELECT " + val + " FROM " + val +" WHERE id = " + val
|
|
|
|
# bad
|
|
cur.execute("SELECT " + val + " FROM " + val +" WHERE id = " + val)
|
|
|
|
|
|
# bug: https://bugs.launchpad.net/bandit/+bug/1479625
|
|
def a():
|
|
def b():
|
|
pass
|
|
return b
|
|
|
|
a()("SELECT %s FROM foo" % val)
|
|
|
|
# real world false positives
|
|
choices=[('server_list', _("Select from active instances"))]
|
|
print("delete from the cache as the first argument")
|