Home Explore Help
Sign In
sintez
/
py_task
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 609422c2ac
Branches Tags
py_task
/
venv
/
lib
/
python3.9
/
site-packages
/
bandit
/
plugins
/
request_without_timeout.py

request_without_timeout.py 2.7 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. # SPDX-License-Identifier: Apache-2.0
    2. 

  2. r"""
    3. 

  3. =======================================
    4. 

  4. B113: Test for missing requests timeout
    5. 

  5. =======================================
    6. 

  6. 

  7. This plugin test checks for ``requests`` calls without a timeout specified.
    8. 

  8. 

  9. Nearly all production code should use this parameter in nearly all requests,
    10. 

  10. Failure to do so can cause your program to hang indefinitely.
    11. 

  11. 

  12. When request methods are used without the timeout parameter set,
    13. 

  13. Bandit will return a MEDIUM severity error.
    14. 

  14. 

  15. 

  16. :Example:
    17. 

  17. 

  18. .. code-block:: none
    19. 

  19. 

  20.     >> Issue: [B113:request_without_timeout] Requests call without timeout
    21. 

  21.        Severity: Medium   Confidence: Low
    22. 

  22.        CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
    23. 

  23.        More Info: https://bandit.readthedocs.io/en/latest/plugins/b113_request_without_timeout.html
    24. 

  24.        Location: examples/requests-missing-timeout.py:3:0
    25. 

  25.     2
    26. 

  26.     3	requests.get('https://gmail.com')
    27. 

  27.     4	requests.get('https://gmail.com', timeout=None)
    28. 

  28. 

  29.     --------------------------------------------------
    30. 

  30.     >> Issue: [B113:request_without_timeout] Requests call with timeout set to None
    31. 

  31.        Severity: Medium   Confidence: Low
    32. 

  32.        CWE: CWE-400 (https://cwe.mitre.org/data/definitions/400.html)
    33. 

  33.        More Info: https://bandit.readthedocs.io/en/latest/plugins/b113_request_without_timeout.html
    34. 

  34.        Location: examples/requests-missing-timeout.py:4:0
    35. 

  35.     3	requests.get('https://gmail.com')
    36. 

  36.     4	requests.get('https://gmail.com', timeout=None)
    37. 

  37.     5	requests.get('https://gmail.com', timeout=5)
    38. 

  38. 

  39. .. seealso::
    40. 

  40. 

  41.  - https://requests.readthedocs.io/en/latest/user/advanced/#timeouts
    42. 

  42. 

  43. .. versionadded:: 1.7.5
    44. 

  44. 

  45. """  # noqa: E501
    46. 

  46. import bandit
    47. 

  47. from bandit.core import issue
    48. 

  48. from bandit.core import test_properties as test
    49. 

  49. 

  50. 

  51. @test.checks("Call")
    52. 

  52. @test.test_id("B113")
    53. 

  53. def request_without_timeout(context):
    54. 

  54.     http_verbs = ("get", "options", "head", "post", "put", "patch", "delete")
    55. 

  55.     if (
    56. 

  56.         "requests" in context.call_function_name_qual
    57. 

  57.         and context.call_function_name in http_verbs
    58. 

  58.     ):
    59. 

  59.         # check for missing timeout
    60. 

  60.         if context.check_call_arg_value("timeout") is None:
    61. 

  61.             return bandit.Issue(
    62. 

  62.                 severity=bandit.MEDIUM,
    63. 

  63.                 confidence=bandit.LOW,
    64. 

  64.                 cwe=issue.Cwe.UNCONTROLLED_RESOURCE_CONSUMPTION,
    65. 

  65.                 text="Requests call without timeout",
    66. 

  66.             )
    67. 

  67.         # check for timeout=None
    68. 

  68.         if context.check_call_arg_value("timeout", "None"):
    69. 

  69.             return bandit.Issue(
    70. 

  70.                 severity=bandit.MEDIUM,
    71. 

  71.                 confidence=bandit.LOW,
    72. 

  72.                 cwe=issue.Cwe.UNCONTROLLED_RESOURCE_CONSUMPTION,
    73. 

  73.                 text="Requests call with timeout set to None",
    74. 

  74.             )
    75.