Traceback when using passing file via stdin #1182

Open
ericwb opened this issue Oct 2, 2024 · 0 comments
ericwb commented Oct 2, 2024

Describe the bug

Erics-MacBook-Pro-2:precli ericwb$ cat tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_no_timeout.py | bandit -
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: None
[main]	INFO	running on Python 3.12.4
[node_visitor]	WARNING	Unable to find qualified name for module: <stdin>
[tester]	ERROR	Bandit internal error running: trojansource on file <stdin> at line 0: [Errno 2] No such file or directory: '<stdin>'Traceback (most recent call last):
  File "/Users/ericwb/.pyenv/versions/3.12.4/lib/python3.12/site-packages/bandit/core/tester.py", line 53, in run_tests
    result = test(context)
             ^^^^^^^^^^^^^
  File "/Users/ericwb/.pyenv/versions/3.12.4/lib/python3.12/site-packages/bandit/plugins/trojansource.py", line 57, in trojansource
    with open(context.filename, "rb") as src_file:
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
FileNotFoundError: [Errno 2] No such file or directory: '<stdin>'

Reproduction steps

1. Run, cat tests/unit/rules/python/stdlib/ssl/examples/get_server_certificate_no_timeout.py | bandit -
2. Note, the filename shouldn't matter
3. Notice the traceback.

Expected behavior

Should not get a traceback when using stdin. I'd also expect unit testcases to catch this when the trojansource plugin was added.

Bandit version

1.7.9 (Default)

Python version

3.12 (Default)

Additional context

bandit 1.7.10
  python version = 3.12.4 (main, Jun 25 2024, 11:01:48) [Clang 15.0.0 (clang-1500.3.9.4)]

ericwb added the bug label Oct 2, 2024
ericwb added this to the Release 1.8.0 milestone Oct 8, 2024
ericwb modified the milestones: Release 1.8.0, Release 1.8.1 Dec 30, 2024
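
An added example, not Bandit's code and not from the issue author: a sketch of a bidirectional-control-character check that scans the bytes already read from stdin instead of re-opening the reported filename, which is the `open(context.filename, "rb")` call that fails in the traceback above. The function names, the `data` parameter, the character set and the sample input are assumptions made for illustration.

```python
import io

# Unicode bidirectional controls associated with "Trojan Source" tricks
# (assumed set for this sketch, not taken from the plugin).
BIDI_CONTROLS = frozenset("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069")


def scan_stream(stream):
    """Scan an open binary stream; return [(line_no, column, codepoint)]."""
    findings = []
    for line_no, raw in enumerate(stream, start=1):
        try:
            text = raw.decode("utf-8")
        except UnicodeDecodeError:
            continue  # undecodable line: nothing to match against
        for col, ch in enumerate(text):
            if ch in BIDI_CONTROLS:
                findings.append((line_no, col, f"U+{ord(ch):04X}"))
    return findings


def scan_by_reopening(filename):
    """Pattern seen in the traceback: re-open the source by its reported name."""
    with open(filename, "rb") as src_file:
        return scan_stream(src_file)


def scan_source(filename, data=None):
    """Prefer buffered bytes when the source has no path on disk ('<stdin>')."""
    if data is not None:
        return scan_stream(io.BytesIO(data))
    return scan_by_reopening(filename)


# Constructed sample: a comment containing RIGHT-TO-LEFT OVERRIDE (U+202E).
SAMPLE = "x = 1\n# note \u202e hidden\n".encode("utf-8")


def demo():
    """Return (outcome of re-opening '<stdin>', findings from buffered bytes)."""
    try:
        scan_by_reopening("<stdin>")
        reopened = "ok"
    except OSError as exc:
        reopened = type(exc).__name__
    return reopened, scan_source("<stdin>", SAMPLE)


if __name__ == "__main__":
    print(demo())
```

A regression test for this class of bug feeds the same source once by path and once as buffered bytes under the name `<stdin>` and expects identical findings.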