Remove/merge duplicate hash entries found by pylint

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
David A. Wheeler 2017-07-30 20:22:11 -04:00
parent 6c49d39c61
commit c4b28d916f
1 changed files with 2 additions and 17 deletions


@ -1030,12 +1030,6 @@ c_ruleset = {
"Check implementation on installation, or limit the size of all string inputs", "Check implementation on installation, or limit the size of all string inputs",
"buffer", "dangers-c", {'input': 1}), "buffer", "dangers-c", {'input': 1}),
"getpass":
(normal, 3,
"Some implementations may overflow buffers (CWE-120, CWE-20)",
"",
"buffer", "dangers-c", {'input': 1}),
"getwd": "getwd":
(normal, 3, (normal, 3,
"This does not protect against buffer overflows " "This does not protect against buffer overflows "
@ -1147,14 +1141,6 @@ c_ruleset = {
"if available", "if available",
"shell", "", {}), "shell", "", {}),
# TODO: Need to detect varying levels of danger.
"execl|execlp|execle|execv|execvp|system|popen|WinExec|ShellExecute":
(normal, 4,
"This causes a new program to execute and is difficult to use safely (CWE-78)",
"try using a library call that implements the same functionality " +
"if available",
"shell", "", {}),
# TODO: Be more specific. The biggest problem involves "first" param NULL, # TODO: Be more specific. The biggest problem involves "first" param NULL,
# second param with embedded space. Windows. # second param with embedded space. Windows.
"CreateProcessAsUser|CreateProcessWithLogon": "CreateProcessAsUser|CreateProcessWithLogon":
@ -1305,9 +1291,9 @@ c_ruleset = {
"getpass": "getpass":
(normal, 4, (normal, 4,
"This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.) (CWE-676)", "This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20)",
"Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space", "Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space",
"misc", "", {}), "misc", "", {'input': 1}),
"gsignal|ssignal": "gsignal|ssignal":
(normal, 2, (normal, 2,
@ -1333,7 +1319,6 @@ c_ruleset = {
"Use nanosleep(2) or setitimer(2) instead", "Use nanosleep(2) or setitimer(2) instead",
"obsolete", "", {}), "obsolete", "", {}),
# Input functions, useful for -I # Input functions, useful for -I
"recv|recvfrom|recvmsg|fread|readv": "recv|recvfrom|recvmsg|fread|readv":
(normal, 0, "Function accepts input from outside program (CWE-20)", (normal, 0, "Function accepts input from outside program (CWE-20)",
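Review bot: The merged `getpass` entry in the third hunk gains `{'input': 1}` and the CWE-120/CWE-20 references but keeps the `"misc", ""` fields, so the `"buffer", "dangers-c"` classification of the removed entry is dropped; if output is grouped or filtered on those fields, either keep `"buffer", "dangers-c"` or record the choice in a comment such as `# Merged with the former buffer entry; kept under "misc" because obsolescence is the primary finding.` A Python dict literal silently keeps the last duplicate key, so the removed level-3 entry (earlier in the literal, going by the hunk offsets) was presumably never in effect. That would make the added `{'input': 1}` a real behaviour change for `getpass`, worth a regression test. pylint only reports identical literal keys, so a function name repeated inside two different `a|b|c` keys would presumably still collide unnoticed; a duplicate check at the point where these keys are split (not visible here) would catch that case. The `c_ruleset` literal begins and ends outside the hunks shown.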