Commit 853300b

authored

Merge pull request #129 from omergunal/patch-4

-r Recursive option

2 parents 01397dd + 2afc177 commit 853300bCopy full SHA for 853300b

File tree

4 files changed

+109

-68

lines changed

pyt
- __main__.py
- usage.py
tests
- main_test.py
- usage_test.py

4 files changed

+109

-68

lines changed

`‎pyt/main.py‎`

Lines changed: 75 additions & 50 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,25 @@`
`30`	`30`	`)`
`31`	`31`
`32`	`32`
`33`		`-def main(command_line_args=sys.argv[1:]): # noqa: C901`
	`33`	`+def discover_files(targets, excluded_files, recursive=False):`
	`34`	`+ included_files = list()`
	`35`	`+ excluded_list = excluded_files.split(",")`
	`36`	`+ for target in targets:`
	`37`	`+ if os.path.isdir(target):`
	`38`	`+ for root, dirs, files in os.walk(target):`
	`39`	`+ for f in files:`
	`40`	`+ fullpath = os.path.join(root, f)`
	`41`	`+ if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list:`
	`42`	`+ included_files.append(fullpath)`
	`43`	`+ if not recursive:`
	`44`	`+ break`
	`45`	`+ else:`
	`46`	`+ if target not in excluded_list:`
	`47`	`+ included_files.append(target)`
	`48`	`+ return included_files`
	`49`	`+`
	`50`	`+`
	`51`	`+def main(command_line_args=sys.argv[1:]):`
`34`	`52`	`args = parse_args(command_line_args)`
`35`	`53`
`36`	`54`	`ui_mode = UImode.NORMAL`
`@@ -39,60 +57,67 @@ def main(command_line_args=sys.argv[1:]): # noqa: C901`
`39`	`57`	`elif args.trim_reassigned_in:`
`40`	`58`	`ui_mode = UImode.TRIM`
`41`	`59`
`42`		`- path = os.path.normpath(args.filepath)`
	`60`	`+ files = discover_files(`
	`61`	`+ args.targets,`
	`62`	`+ args.excluded_paths,`
	`63`	`+ args.recursive`
	`64`	`+ )`
	`65`	`+`
	`66`	`+ for path in files:`
	`67`	`+ vulnerabilities = list()`
	`68`	`+ if args.ignore_nosec:`
	`69`	`+ nosec_lines = set()`
	`70`	`+ else:`
	`71`	`+ file = open(path, 'r')`
	`72`	`+ lines = file.readlines()`
	`73`	`+ nosec_lines = set(`
	`74`	`+ lineno for`
	`75`	`+ (lineno, line) in enumerate(lines, start=1)`
	`76`	`+ if '#nosec' in line or '# nosec' in line`
	`77`	`+ )`
`43`	`78`
`44`		`- if args.ignore_nosec:`
`45`		`- nosec_lines = set()`
`46`		`- else:`
`47`		`- file = open(path, 'r')`
`48`		`- lines = file.readlines()`
`49`		`- nosec_lines = set(`
`50`		`- lineno for`
`51`		`- (lineno, line) in enumerate(lines, start=1)`
`52`		`- if '#nosec' in line or '# nosec' in line`
`53`		`- )`
	`79`	`+ if args.project_root:`
	`80`	`+ directory = os.path.normpath(args.project_root)`
	`81`	`+ else:`
	`82`	`+ directory = os.path.dirname(path)`
	`83`	`+ project_modules = get_modules(directory)`
	`84`	`+ local_modules = get_directory_modules(directory)`
	`85`	`+ tree = generate_ast(path)`
`54`	`86`
`55`		`- if args.project_root:`
`56`		`- directory = os.path.normpath(args.project_root)`
`57`		`- else:`
`58`		`- directory = os.path.dirname(path)`
`59`		`- project_modules = get_modules(directory)`
`60`		`- local_modules = get_directory_modules(directory)`
	`87`	`+ cfg = make_cfg(`
	`88`	`+ tree,`
	`89`	`+ project_modules,`
	`90`	`+ local_modules,`
	`91`	`+ path`
	`92`	`+ )`
	`93`	`+ cfg_list = [cfg]`
`61`	`94`
`62`		`- tree = generate_ast(path)`
`63`	`95`
`64`		`- cfg = make_cfg(`
`65`		`- tree,`
`66`		`- project_modules,`
`67`		`- local_modules,`
`68`		`- path`
`69`		`- )`
`70`		`- cfg_list = [cfg]`
`71`		`- framework_route_criteria = is_flask_route_function`
`72`		`- if args.adaptor:`
`73`		`- if args.adaptor.lower().startswith('e'):`
`74`		`- framework_route_criteria = is_function`
`75`		`- elif args.adaptor.lower().startswith('p'):`
`76`		`- framework_route_criteria = is_function_without_leading_`
`77`		`- elif args.adaptor.lower().startswith('d'):`
`78`		`- framework_route_criteria = is_django_view_function`
`79`		`- # Add all the route functions to the cfg_list`
`80`		`- FrameworkAdaptor(`
`81`		`- cfg_list,`
`82`		`- project_modules,`
`83`		`- local_modules,`
`84`		`- framework_route_criteria`
`85`		`- )`
	`96`	`+ framework_route_criteria = is_flask_route_function`
	`97`	`+ if args.adaptor:`
	`98`	`+ if args.adaptor.lower().startswith('e'):`
	`99`	`+ framework_route_criteria = is_function`
	`100`	`+ elif args.adaptor.lower().startswith('p'):`
	`101`	`+ framework_route_criteria = is_function_without_leading_`
	`102`	`+ elif args.adaptor.lower().startswith('d'):`
	`103`	`+ framework_route_criteria = is_django_view_function`
	`104`	`+ # Add all the route functions to the cfg_list`
	`105`	`+ FrameworkAdaptor(`
	`106`	`+ cfg_list,`
	`107`	`+ project_modules,`
	`108`	`+ local_modules,`
	`109`	`+ framework_route_criteria`
	`110`	`+ )`
`86`	`111`
`87`		`- initialize_constraint_table(cfg_list)`
`88`		`- analyse(cfg_list)`
`89`		`- vulnerabilities=find_vulnerabilities(`
`90`		`- cfg_list,`
`91`		`- ui_mode,`
`92`		`- args.blackbox_mapping_file,`
`93`		`- args.trigger_word_file,`
`94`		`- nosec_lines`
`95`		`- )`
	`112`	`+ initialize_constraint_table(cfg_list)`
	`113`	`+ analyse(cfg_list)`
	`114`	`+ vulnerabilities.extend(find_vulnerabilities(`
	`115`	`+ cfg_list,`
	`116`	`+ ui_mode,`
	`117`	`+ args.blackbox_mapping_file,`
	`118`	`+ args.trigger_word_file,`
	`119`	`+ nosec_lines`
	`120`	`+ ))`
`96`	`121`
`97`	`122`	`if args.baseline:`
`98`	`123`	`vulnerabilities = get_vulnerabilities_not_in_baseline(`

`‎pyt/usage.py‎`

Lines changed: 15 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,9 +30,8 @@ def valid_date(s):`
`30`	`30`	`def _add_required_group(parser):`
`31`	`31`	`required_group = parser.add_argument_group('required arguments')`
`32`	`32`	`required_group.add_argument(`
`33`		`- '-f', '--filepath',`
`34`		`- help='Path to the file that should be analysed.',`
`35`		`- type=str`
	`33`	`+ 'targets', metavar='targets', type=str, nargs='+',`
	`34`	`+ help='source file(s) or directory(s) to be tested'`
`36`	`35`	`)`
`37`	`36`
`38`	`37`
`@@ -91,6 +90,17 @@ def _add_optional_group(parser):`
`91`	`90`	`action='store_true',`
`92`	`91`	`help='do not skip lines with # nosec comments'`
`93`	`92`	`)`
	`93`	`+ optional_group.add_argument(`
	`94`	`+ '-r', '--recursive', dest='recursive',`
	`95`	`+ action='store_true', help='find and process files in subdirectories'`
	`96`	`+ )`
	`97`	`+ optional_group.add_argument(`
	`98`	`+ '-x', '--exclude',`
	`99`	`+ dest='excluded_paths',`
	`100`	`+ action='store',`
	`101`	`+ default='',`
	`102`	`+ help='Separate files with commas'`
	`103`	`+ )`
`94`	`104`
`95`	`105`
`96`	`106`	`def _add_print_group(parser):`
`@@ -110,8 +120,8 @@ def _add_print_group(parser):`
`110`	`120`
`111`	`121`
`112`	`122`	`def _check_required_and_mutually_exclusive_args(parser, args):`
`113`		`- if args.filepath is None:`
`114`		`- parser.error('The -f/--filepath argument is required')`
	`123`	`+ if args.targets is None:`
	`124`	`+ parser.error('The targets argument is required')`
`115`	`125`
`116`	`126`
`117`	`127`	`def parse_args(args):`

`‎tests/main_test.py‎`

Lines changed: 6 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,17 +5,18 @@`
`5`	`5`
`6`	`6`
`7`	`7`	`class MainTest(BaseTestCase):`
	`8`	`+ @mock.patch('pyt.__main__.discover_files')`
`8`	`9`	`@mock.patch('pyt.__main__.parse_args')`
`9`	`10`	`@mock.patch('pyt.__main__.find_vulnerabilities')`
`10`	`11`	`@mock.patch('pyt.__main__.text')`
`11`		`- def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args):`
	`12`	`+ def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args, mock_discover_files):`
`12`	`13`	`mock_find_vulnerabilities.return_value = 'stuff'`
`13`	`14`	`example_file = 'examples/vulnerable_code/inter_command_injection.py'`
`14`	`15`	`output_file = 'mocked_outfile'`
`15`	`16`
	`17`	`+ mock_discover_files.return_value = [example_file]`
`16`	`18`	`mock_parse_args.return_value = mock.Mock(`
`17`	`19`	`autospec=True,`
`18`		`- filepath=example_file,`
`19`	`20`	`project_root=None,`
`20`	`21`	`baseline=None,`
`21`	`22`	`json=None,`
`@@ -32,17 +33,18 @@ def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args`
`32`	`33`	`mock_parse_args.return_value.output_file`
`33`	`34`	`)`
`34`	`35`
	`36`	`+ @mock.patch('pyt.__main__.discover_files')`
`35`	`37`	`@mock.patch('pyt.__main__.parse_args')`
`36`	`38`	`@mock.patch('pyt.__main__.find_vulnerabilities')`
`37`	`39`	`@mock.patch('pyt.__main__.json')`
`38`		`- def test_json_output(self, mock_json, mock_find_vulnerabilities, mock_parse_args):`
	`40`	`+ def test_json_output(self, mock_json, mock_find_vulnerabilities, mock_parse_args, mock_discover_files):`
`39`	`41`	`mock_find_vulnerabilities.return_value = 'stuff'`
`40`	`42`	`example_file = 'examples/vulnerable_code/inter_command_injection.py'`
`41`	`43`	`output_file = 'mocked_outfile'`
`42`	`44`
	`45`	`+ mock_discover_files.return_value = [example_file]`
`43`	`46`	`mock_parse_args.return_value = mock.Mock(`
`44`	`47`	`autospec=True,`
`45`		`- filepath=example_file,`
`46`	`48`	`project_root=None,`
`47`	`49`	`baseline=None,`
`48`	`50`	`json=True,`

`‎tests/usage_test.py‎`

Lines changed: 13 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -25,14 +25,14 @@ def test_no_args(self):`
`25`	`25`
`26`	`26`	`self.maxDiff = None`
`27`	`27`
`28`		`- EXPECTED = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT]`
	`28`	`+ EXPECTED = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT]`
`29`	`29`	`[-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]`
`30`	`30`	`[-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]`
`31`		`- [-trim] [-i]`
	`31`	`+ [-r] [-x EXCLUDED_PATHS] [-trim] [-i]`
	`32`	`+ targets [targets ...]`
`32`	`33`
`33`	`34`	`required arguments:`
`34`		`- -f FILEPATH, --filepath FILEPATH`
`35`		`- Path to the file that should be analysed.`
	`35`	`+ targets source file(s) or directory(s) to be tested`
`36`	`36`
`37`	`37`	`optional arguments:`
`38`	`38`	`-a ADAPTOR, --adaptor ADAPTOR`
`@@ -52,6 +52,9 @@ def test_no_args(self):`
`52`	`52`	`-o OUTPUT_FILE, --output OUTPUT_FILE`
`53`	`53`	`write report to filename`
`54`	`54`	`--ignore-nosec do not skip lines with # nosec comments`
	`55`	`+ -r, --recursive find and process files in subdirectories`
	`56`	`+ -x EXCLUDED_PATHS, --exclude EXCLUDED_PATHS`
	`57`	`+ Separate files with commas`
`55`	`58`
`56`	`59`	`print arguments:`
`57`	`60`	`-trim, --trim-reassigned-in`
`@@ -62,16 +65,17 @@ def test_no_args(self):`
`62`	`65`
`63`	`66`	`self.assertEqual(stdout.getvalue(), EXPECTED)`
`64`	`67`
`65`		`- def test_valid_args_but_no_filepath(self):`
	`68`	`+ def test_valid_args_but_no_targets(self):`
`66`	`69`	`with self.assertRaises(SystemExit):`
`67`	`70`	`with capture_sys_output() as (_, stderr):`
`68`	`71`	`parse_args(['-j'])`
`69`	`72`
`70`		`- EXPECTED = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT]`
	`73`	`+ EXPECTED = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT]`
`71`	`74`	`[-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]`
`72`	`75`	`[-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]`
`73`		`- [-trim] [-i]`
`74`		`-python -m pyt: error: The -f/--filepath argument is required\n"""`
	`76`	`+ [-r] [-x EXCLUDED_PATHS] [-trim] [-i]`
	`77`	`+ targets [targets ...]`
	`78`	`+python -m pyt: error: the following arguments are required: targets\n"""`
`75`	`79`
`76`	`80`	`self.assertEqual(stderr.getvalue(), EXPECTED)`
`77`	`81`
`@@ -89,7 +93,7 @@ def test_valid_args_but_no_filepath(self):`
`89`	`93`
`90`	`94`	`def test_normal_usage(self):`
`91`	`95`	`with capture_sys_output() as (stdout, stderr):`
`92`		`- parse_args(['-f', 'foo.py'])`
	`96`	`+ parse_args(['foo.py'])`
`93`	`97`
`94`	`98`	`self.assertEqual(stdout.getvalue(), '')`
`95`	`99`	`self.assertEqual(stderr.getvalue(), '')`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 853300b

File tree

4 files changed

4 files changed

`‎pyt/main.py‎`

`‎pyt/usage.py‎`

`‎tests/main_test.py‎`

`‎tests/usage_test.py‎`

0 commit comments

File tree

4 files changed

4 files changed

‎pyt/__main__.py‎

‎pyt/usage.py‎

‎tests/main_test.py‎

‎tests/usage_test.py‎

0 commit comments

`‎pyt/main.py‎`

`‎pyt/usage.py‎`

`‎tests/main_test.py‎`

`‎tests/usage_test.py‎`