feat(rules): implement
flake8-bandit
S507
(`ssh_no_host_key_verif…
…ication`) (#7528) Part of #1646. ## Summary Implement `S507` ([`ssh_no_host_key_verification`](https://bandit.readthedocs.io/en/latest/plugins/b507_ssh_no_host_key_verification.html)) rule from `bandit`. ## Test Plan Snapshot test from https://github.com/PyCQA/bandit/blob/1.7.5/examples/no_host_key_verification.py, with several additions to test for more cases (most notably passing the parameter as a named argument).
1 parent
297ec2c
commit dcbd8ea
Showing
8 changed files
with
191 additions
and
0 deletions.
@@ -0,0 +1,24 @@ | ||
from paramiko import client | ||
from paramiko.client import AutoAddPolicy, WarningPolicy | ||
|
||
ssh_client = client.SSHClient() | ||
|
||
# OK | ||
ssh_client.set_missing_host_key_policy(policy=foo) | ||
ssh_client.set_missing_host_key_policy(client.MissingHostKeyPolicy) | ||
ssh_client.set_missing_host_key_policy() | ||
ssh_client.set_missing_host_key_policy(foo) | ||
|
||
# Errors | ||
ssh_client.set_missing_host_key_policy(client.AutoAddPolicy) | ||
ssh_client.set_missing_host_key_policy(client.WarningPolicy) | ||
ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
ssh_client.set_missing_host_key_policy(policy=client.WarningPolicy) | ||
ssh_client.set_missing_host_key_policy(policy=WarningPolicy) | ||
|
||
# Unrelated | ||
set_missing_host_key_policy(client.AutoAddPolicy) | ||
foo.set_missing_host_key_policy(client.AutoAddPolicy) | ||
ssh_client = 1 | ||
ssh_client.set_missing_host_key_policy(client.AutoAddPolicy) |
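--- a/crates/ruff/src/rules/flake8_bandit/rules/ssh_no_host_key_verification.rs
+++ b/crates/ruff/src/rules/flake8_bandit/rules/ssh_no_host_key_verification.rs
@@ -0,0 +1,97 @@
+use ruff_diagnostics::{Diagnostic, Violation};
+use ruff_macros::{derive_message_formats, violation};
+use ruff_python_ast::{Expr, ExprAttribute, ExprCall, Stmt, StmtAssign};
+use ruff_text_size::Ranged;
+
+use crate::checkers::ast::Checker;
+
+/// ## What it does
+/// Checks for uses of policies disabling SSH verification in Paramiko.
+///
+/// ## Why is this bad?
+/// By default, Paramiko checks the identity of remote host when establishing
+/// an SSH connection. Disabling the verification might lead to the client
+/// connecting to a malicious host, without the client knowing.
+///
+/// ## Example
+/// ```python
+/// from paramiko import client
+///
+/// ssh_client = client.SSHClient()
+/// ssh_client.set_missing_host_key_policy(client.AutoAddPolicy)
+/// ```
+///
+/// Use instead:
+/// ```python
+/// from paramiko import client
+///
+/// ssh_client = client.SSHClient()
+/// ssh_client.set_missing_host_key_policy()
+/// ```
+///
+/// ## References
+/// - [Paramiko documentation: set_missing_host_key_policy](https://docs.paramiko.org/en/latest/api/client.html#paramiko.client.SSHClient.set_missing_host_key_policy)
+#[violation]
+pub struct SSHNoHostKeyVerification;
+
+impl Violation for SSHNoHostKeyVerification {
+    #[derive_message_formats]
+    fn message(&self) -> String {
+        format!("Paramiko call with policy set to automatically trust the unknown host key")
+    }
+}
+
+/// S507
+pub(crate) fn ssh_no_host_key_verification(checker: &mut Checker, call: &ExprCall) {
+    let Expr::Attribute(ExprAttribute { attr, value, .. }) = call.func.as_ref() else {
+        return;
+    };
+
+    if attr.as_str() != "set_missing_host_key_policy" {
+        return;
+    }
+
+    let Some(policy_argument) = call.arguments.find_argument("policy", 0) else {
+        return;
+    };
+
+    if !checker
+        .semantic()
+        .resolve_call_path(policy_argument)
+        .is_some_and(|call_path| {
+            matches!(
+                call_path.as_slice(),
+                ["paramiko", "client", "AutoAddPolicy" | "WarningPolicy"]
+            )
+        })
+    {
+        return;
+    }
+
+    let Expr::Name(name) = value.as_ref() else {
+        return;
+    };
+
+    if let Some(binding_id) = checker.semantic().resolve_name(name) {
+        if let Some(Stmt::Assign(StmtAssign { value, .. })) = checker
+            .semantic()
+            .binding(binding_id)
+            .statement(checker.semantic())
+        {
+            if let Expr::Call(ExprCall { func, .. }) = value.as_ref() {
+                if checker
+                    .semantic()
+                    .resolve_call_path(func)
+                    .is_some_and(|call_path| {
+                        matches!(call_path.as_slice(), ["paramiko", "client", "SSHClient"])
+                    })
+                {
+                    checker.diagnostics.push(Diagnostic::new(
+                        SSHNoHostKeyVerification,
+                        policy_argument.range(),
+                    ));
+                }
+            }
+        }
+    };
+}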
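Review bot: The "Use instead" example in the rule docs is not a working secure alternative — Paramiko's `set_missing_host_key_policy` takes a required `policy` argument (see the linked reference), so `ssh_client.set_missing_host_key_policy()` raises `TypeError` rather than restoring host-key verification; recommend the rejecting policy instead, e.g. `ssh_client.set_missing_host_key_policy(client.RejectPolicy)`, and add a sentence noting that the client also needs `load_system_host_keys()` / `load_host_keys()` so known hosts can actually be verified. Separately, the `matches!` in the policy check only accepts `paramiko.client.AutoAddPolicy`/`WarningPolicy` and the receiver check only accepts `paramiko.client.SSHClient`; as far as I can tell `resolve_call_path` works from the file's imports rather than Paramiko's re-exports, so the documented spelling `paramiko.SSHClient()` plus `paramiko.AutoAddPolicy()` would not be flagged. The fixture also never exercises an instantiated policy such as `client.AutoAddPolicy()`, which is what the API actually expects to be passed, so it is unclear from the test plan whether call expressions are matched at all. Consider widening the pattern to `["paramiko", "client", "AutoAddPolicy" | "WarningPolicy"] | ["paramiko", "AutoAddPolicy" | "WarningPolicy"]` (and likewise for `SSHClient`) and adding instantiated-policy cases to the fixture.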
62 changes: 62 additions & 0 deletions
62
...ff/src/rules/flake8_bandit/snapshots/ruff__rules__flake8_bandit__tests__S507_S507.py.snap
@@ -0,0 +1,62 @@ | ||
--- | ||
source: crates/ruff/src/rules/flake8_bandit/mod.rs | ||
--- | ||
S507.py:13:40: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
12 | # Errors | ||
13 | ssh_client.set_missing_host_key_policy(client.AutoAddPolicy) | ||
| ^^^^^^^^^^^^^^^^^^^^ S507 | ||
14 | ssh_client.set_missing_host_key_policy(client.WarningPolicy) | ||
15 | ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
| | ||
|
||
S507.py:14:40: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
12 | # Errors | ||
13 | ssh_client.set_missing_host_key_policy(client.AutoAddPolicy) | ||
14 | ssh_client.set_missing_host_key_policy(client.WarningPolicy) | ||
| ^^^^^^^^^^^^^^^^^^^^ S507 | ||
15 | ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
16 | ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
| | ||
|
||
S507.py:15:40: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
13 | ssh_client.set_missing_host_key_policy(client.AutoAddPolicy) | ||
14 | ssh_client.set_missing_host_key_policy(client.WarningPolicy) | ||
15 | ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
| ^^^^^^^^^^^^^ S507 | ||
16 | ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
17 | ssh_client.set_missing_host_key_policy(policy=client.WarningPolicy) | ||
| | ||
|
||
S507.py:16:47: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
14 | ssh_client.set_missing_host_key_policy(client.WarningPolicy) | ||
15 | ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
16 | ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
| ^^^^^^^^^^^^^^^^^^^^ S507 | ||
17 | ssh_client.set_missing_host_key_policy(policy=client.WarningPolicy) | ||
18 | ssh_client.set_missing_host_key_policy(policy=WarningPolicy) | ||
| | ||
|
||
S507.py:17:47: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
15 | ssh_client.set_missing_host_key_policy(AutoAddPolicy) | ||
16 | ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
17 | ssh_client.set_missing_host_key_policy(policy=client.WarningPolicy) | ||
| ^^^^^^^^^^^^^^^^^^^^ S507 | ||
18 | ssh_client.set_missing_host_key_policy(policy=WarningPolicy) | ||
| | ||
|
||
S507.py:18:47: S507 Paramiko call with policy set to automatically trust the unknown host key | ||
| | ||
16 | ssh_client.set_missing_host_key_policy(policy=client.AutoAddPolicy) | ||
17 | ssh_client.set_missing_host_key_policy(policy=client.WarningPolicy) | ||
18 | ssh_client.set_missing_host_key_policy(policy=WarningPolicy) | ||
| ^^^^^^^^^^^^^ S507 | ||
19 | | ||
20 | # Unrelated | ||
| | ||
|
||
|