From 2ebe5951a7ed940cb38b16035ce55ba2c0ab7bee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 10 May 2018 16:43:15 +0300 Subject: [PATCH 01/27] new args --- pyt/__main__.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index b81e6f03..90b8ad7d 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -93,7 +93,9 @@ def parse_args(args): help='Will ask you about each vulnerability chain and blackbox nodes.', action='store_true', default=False) - + parser.add_argument('-r', '--recursive', dest='recursive', + action='store_true', help='find and process files in subdirectories') + parser.add_argument('-t', '--trigger-word-file', help='Input trigger word file.', type=str, @@ -238,6 +240,9 @@ def main(command_line_args=sys.argv[1:]): elif args.trim_reassigned_in: ui_mode = UImode.TRIM + recursivePath = os.path.normpath(args.recursive) + print(recursivePath) + path = os.path.normpath(args.filepath) cfg_list = list() if args.ignore_nosec: From ef3a21d4b9b8b67bfa48869f09bb09b72f3b12c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 11 May 2018 22:22:34 +0300 Subject: [PATCH 02/27] added recursive args --- pyt/__main__.py | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 90b8ad7d..903fd158 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -59,6 +59,9 @@ def parse_args(args): subparsers = parser.add_subparsers() + entry_group.add_argument('-r', '--recursive', + help='find and process files in subdirectories', + type=str) entry_group = parser.add_mutually_exclusive_group(required=True) entry_group.add_argument('-f', '--filepath', help='Path to the file that should be analysed.', @@ -240,10 +243,17 @@ def main(command_line_args=sys.argv[1:]): elif args.trim_reassigned_in: ui_mode = UImode.TRIM - recursivePath = os.path.normpath(args.recursive) - print(recursivePath) - - path = os.path.normpath(args.filepath) + if args.recursive: + file_list = [] + for root, dirs, files in os.walk(args.recursive): + for f in files: + fullpath = os.path.join(root, f) + if os.path.splitext(fullpath)[1] == '.py': + file_list.append(fullpath) + print(file_list) + + if args.filepath: + path = os.path.normpath(args.filepath) cfg_list = list() if args.ignore_nosec: nosec_lines = set() From 38be6e2855861e7e6f5d7934af0dc52ff24f1059 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 11 May 2018 22:33:18 +0300 Subject: [PATCH 03/27] Update __main__.py --- pyt/__main__.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 903fd158..8655080a 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -250,11 +250,8 @@ def main(command_line_args=sys.argv[1:]): fullpath = os.path.join(root, f) if os.path.splitext(fullpath)[1] == '.py': file_list.append(fullpath) - print(file_list) - - if args.filepath: - path = os.path.normpath(args.filepath) - cfg_list = list() + path = fullpath + cfg_list = list() if args.ignore_nosec: nosec_lines = set() else: @@ -336,6 +333,10 @@ def main(command_line_args=sys.argv[1:]): nosec_lines ) + if args.filepath: + path = os.path.normpath(args.filepath) + + if args.baseline: vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities, args.baseline) From 759f632f823005b9ea6c21ff629b1197e73c8745 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 11 May 2018 22:35:25 +0300 Subject: [PATCH 04/27] Update __main__.py --- pyt/__main__.py | 160 ++++++++++++++++++++++++------------------------ 1 file changed, 80 insertions(+), 80 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 8655080a..1cd4f204 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -251,87 +251,87 @@ def main(command_line_args=sys.argv[1:]): if os.path.splitext(fullpath)[1] == '.py': file_list.append(fullpath) path = fullpath - cfg_list = list() - if args.ignore_nosec: - nosec_lines = set() - else: - file = open(path, "r") - lines = file.readlines() - nosec_lines = set( - lineno for - (lineno, line) in enumerate(lines, start=1) - if '#nosec' in line or '# nosec' in line) - - if args.git_repos: - repos = get_repos(args.git_repos) - for repo in repos: - repo.clone() - vulnerabilities = analyse_repo(args, repo, analysis, ui_mode, nosec_lines) - if args.json: - json.report(vulnerabilities, sys.stdout) - else: - text.report(vulnerabilities, sys.stdout) - if not vulnerabilities: - repo.clean_up() - exit() - - - if args.which == 'search': - set_github_api_token() - scan_github( - args.search_string, - args.start_date, - analysis, - analyse_repo, - args.csv_path, - ui_mode, - args - ) - exit() - - directory = None - if args.project_root: - directory = os.path.normpath(args.project_root) - else: - directory = os.path.dirname(path) - project_modules = get_modules(directory) - local_modules = get_directory_modules(directory) - - tree = generate_ast(path, python_2=args.python_2) - - cfg_list = list() - cfg = make_cfg( - tree, - project_modules, - local_modules, - path - ) - cfg_list.append(cfg) - framework_route_criteria = is_flask_route_function - if args.adaptor: - if args.adaptor.lower().startswith('e'): - framework_route_criteria = is_function - elif args.adaptor.lower().startswith('p'): - framework_route_criteria = is_function_without_leading_ - elif args.adaptor.lower().startswith('d'): - framework_route_criteria = is_django_view_function - # Add all the route functions to the cfg_list - FrameworkAdaptor(cfg_list, project_modules, local_modules, framework_route_criteria) + + if args.ignore_nosec: + nosec_lines = set() + else: + file = open(path, "r") + lines = file.readlines() + nosec_lines = set( + lineno for + (lineno, line) in enumerate(lines, start=1) + if '#nosec' in line or '# nosec' in line) + + if args.git_repos: + repos = get_repos(args.git_repos) + for repo in repos: + repo.clone() + vulnerabilities = analyse_repo(args, repo, analysis, ui_mode, nosec_lines) + if args.json: + json.report(vulnerabilities, sys.stdout) + else: + text.report(vulnerabilities, sys.stdout) + if not vulnerabilities: + repo.clean_up() + exit() + + + if args.which == 'search': + set_github_api_token() + scan_github( + args.search_string, + args.start_date, + analysis, + analyse_repo, + args.csv_path, + ui_mode, + args + ) + exit() + + directory = None + if args.project_root: + directory = os.path.normpath(args.project_root) + else: + directory = os.path.dirname(path) + project_modules = get_modules(directory) + local_modules = get_directory_modules(directory) + + tree = generate_ast(path, python_2=args.python_2) - initialize_constraint_table(cfg_list) - - analyse(cfg_list, analysis_type=analysis) - - vulnerabilities = find_vulnerabilities( - cfg_list, - analysis, - ui_mode, - VulnerabilityFiles( - args.blackbox_mapping_file, - args.trigger_word_file - ), - nosec_lines - ) + cfg_list = list() + cfg = make_cfg( + tree, + project_modules, + local_modules, + path + ) + cfg_list.append(cfg) + framework_route_criteria = is_flask_route_function + if args.adaptor: + if args.adaptor.lower().startswith('e'): + framework_route_criteria = is_function + elif args.adaptor.lower().startswith('p'): + framework_route_criteria = is_function_without_leading_ + elif args.adaptor.lower().startswith('d'): + framework_route_criteria = is_django_view_function + # Add all the route functions to the cfg_list + FrameworkAdaptor(cfg_list, project_modules, local_modules, framework_route_criteria) + + initialize_constraint_table(cfg_list) + + analyse(cfg_list, analysis_type=analysis) + + vulnerabilities = find_vulnerabilities( + cfg_list, + analysis, + ui_mode, + VulnerabilityFiles( + args.blackbox_mapping_file, + args.trigger_word_file + ), + nosec_lines + ) if args.filepath: path = os.path.normpath(args.filepath) From ed38dbb136a8842b83bfa57cb92545d33804f659 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sun, 13 May 2018 00:21:23 +0300 Subject: [PATCH 05/27] Created discover_files() function --- pyt/__main__.py | 204 +++++++++++++++++++++++++----------------------- 1 file changed, 106 insertions(+), 98 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 1cd4f204..aa17a887 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -59,10 +59,10 @@ def parse_args(args): subparsers = parser.add_subparsers() - entry_group.add_argument('-r', '--recursive', - help='find and process files in subdirectories', - type=str) entry_group = parser.add_mutually_exclusive_group(required=True) + entry_group.add_argument('-r', '--recursive', + help='Output filename.', + type=str) entry_group.add_argument('-f', '--filepath', help='Path to the file that should be analysed.', type=str) @@ -96,9 +96,7 @@ def parse_args(args): help='Will ask you about each vulnerability chain and blackbox nodes.', action='store_true', default=False) - parser.add_argument('-r', '--recursive', dest='recursive', - action='store_true', help='find and process files in subdirectories') - + parser.add_argument('-t', '--trigger-word-file', help='Input trigger word file.', type=str, @@ -125,6 +123,9 @@ def parse_args(args): help='Prints JSON instead of report.', action='store_true', default=False) + parser.add_argument('-x', '--exclude', dest='excluded_paths', + action='store', + default='', help='Separate files with commas') analysis_group = parser.add_mutually_exclusive_group() analysis_group.add_argument('-li', '--liveness', @@ -227,6 +228,18 @@ def analyse_repo(args, github_repo, analysis_type, ui_mode, nosec_lines): ) return vulnerabilities +def discover_files(directory_path, excluded_files): + file_list = [] + excluded_list = excluded_files.split(",") + + for root, dirs, files in os.walk(directory_path): + for f in files: + fullpath = os.path.join(root, f) + if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: + file_list.append(fullpath) + + return(file_list) + def main(command_line_args=sys.argv[1:]): args = parse_args(command_line_args) @@ -243,99 +256,94 @@ def main(command_line_args=sys.argv[1:]): elif args.trim_reassigned_in: ui_mode = UImode.TRIM - if args.recursive: - file_list = [] - for root, dirs, files in os.walk(args.recursive): - for f in files: - fullpath = os.path.join(root, f) - if os.path.splitext(fullpath)[1] == '.py': - file_list.append(fullpath) - path = fullpath - - if args.ignore_nosec: - nosec_lines = set() - else: - file = open(path, "r") - lines = file.readlines() - nosec_lines = set( - lineno for - (lineno, line) in enumerate(lines, start=1) - if '#nosec' in line or '# nosec' in line) - - if args.git_repos: - repos = get_repos(args.git_repos) - for repo in repos: - repo.clone() - vulnerabilities = analyse_repo(args, repo, analysis, ui_mode, nosec_lines) - if args.json: - json.report(vulnerabilities, sys.stdout) - else: - text.report(vulnerabilities, sys.stdout) - if not vulnerabilities: - repo.clean_up() - exit() - - - if args.which == 'search': - set_github_api_token() - scan_github( - args.search_string, - args.start_date, - analysis, - analyse_repo, - args.csv_path, - ui_mode, - args - ) - exit() - - directory = None - if args.project_root: - directory = os.path.normpath(args.project_root) - else: - directory = os.path.dirname(path) - project_modules = get_modules(directory) - local_modules = get_directory_modules(directory) - - tree = generate_ast(path, python_2=args.python_2) - - cfg_list = list() - cfg = make_cfg( - tree, - project_modules, - local_modules, - path - ) - cfg_list.append(cfg) - framework_route_criteria = is_flask_route_function - if args.adaptor: - if args.adaptor.lower().startswith('e'): - framework_route_criteria = is_function - elif args.adaptor.lower().startswith('p'): - framework_route_criteria = is_function_without_leading_ - elif args.adaptor.lower().startswith('d'): - framework_route_criteria = is_django_view_function - # Add all the route functions to the cfg_list - FrameworkAdaptor(cfg_list, project_modules, local_modules, framework_route_criteria) - - initialize_constraint_table(cfg_list) - - analyse(cfg_list, analysis_type=analysis) - - vulnerabilities = find_vulnerabilities( - cfg_list, - analysis, - ui_mode, - VulnerabilityFiles( - args.blackbox_mapping_file, - args.trigger_word_file - ), - nosec_lines - ) - - if args.filepath: - path = os.path.normpath(args.filepath) + directory_path = os.path.normpath(args.recursive) + excluded_files = args.excluded_paths + test = discover_files(directory_path, excluded_files) + + print(test) + + path = os.path.normpath(args.filepath) + cfg_list = list() + if args.ignore_nosec: + nosec_lines = set() + else: + file = open(path, "r") + lines = file.readlines() + nosec_lines = set( + lineno for + (lineno, line) in enumerate(lines, start=1) + if '#nosec' in line or '# nosec' in line) + + if args.git_repos: + repos = get_repos(args.git_repos) + for repo in repos: + repo.clone() + vulnerabilities = analyse_repo(args, repo, analysis, ui_mode, nosec_lines) + if args.json: + json.report(vulnerabilities, sys.stdout) + else: + text.report(vulnerabilities, sys.stdout) + if not vulnerabilities: + repo.clean_up() + exit() + + + if args.which == 'search': + set_github_api_token() + scan_github( + args.search_string, + args.start_date, + analysis, + analyse_repo, + args.csv_path, + ui_mode, + args + ) + exit() + + directory = None + if args.project_root: + directory = os.path.normpath(args.project_root) + else: + directory = os.path.dirname(path) + project_modules = get_modules(directory) + local_modules = get_directory_modules(directory) + tree = generate_ast(path, python_2=args.python_2) + + cfg_list = list() + cfg = make_cfg( + tree, + project_modules, + local_modules, + path + ) + cfg_list.append(cfg) + framework_route_criteria = is_flask_route_function + if args.adaptor: + if args.adaptor.lower().startswith('e'): + framework_route_criteria = is_function + elif args.adaptor.lower().startswith('p'): + framework_route_criteria = is_function_without_leading_ + elif args.adaptor.lower().startswith('d'): + framework_route_criteria = is_django_view_function + # Add all the route functions to the cfg_list + FrameworkAdaptor(cfg_list, project_modules, local_modules, framework_route_criteria) + + initialize_constraint_table(cfg_list) + + analyse(cfg_list, analysis_type=analysis) + + vulnerabilities = find_vulnerabilities( + cfg_list, + analysis, + ui_mode, + VulnerabilityFiles( + args.blackbox_mapping_file, + args.trigger_word_file + ), + nosec_lines + ) if args.baseline: vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities, args.baseline) From 3ac883c71eb46387804a31726c643843604bdc72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 6 Jun 2018 14:55:01 +0300 Subject: [PATCH 06/27] added recursive option --- pyt/usage.py | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/pyt/usage.py b/pyt/usage.py index 4930eb02..e768d38a 100644 --- a/pyt/usage.py +++ b/pyt/usage.py @@ -91,7 +91,18 @@ def _add_optional_group(parser): action='store_true', help='do not skip lines with # nosec comments' ) - + optional_group.add_argument( + '-r', '--recursive', + help='Output filename.', + type=str + ) + optional_group.add_argument( + '-x', '--exclude', + dest='excluded_paths', + action='store', + default='', + help='Separate files with commas' + ) def _add_print_group(parser): print_group = parser.add_argument_group('print arguments') From e246104334f9a824557b989859554126d1de041f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 6 Jun 2018 14:56:11 +0300 Subject: [PATCH 07/27] discover_files --- pyt/__main__.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/pyt/__main__.py b/pyt/__main__.py index b2302113..ce9e0355 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -30,6 +30,19 @@ ) +def discover_files(directory_path, excluded_files): + file_list = [] + excluded_list = excluded_files.split(",") + + for root, dirs, files in os.walk(directory_path): + for f in files: + fullpath = os.path.join(root, f) + if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: + file_list.append(fullpath) + + return(file_list) + + def main(command_line_args=sys.argv[1:]): args = parse_args(command_line_args) @@ -40,6 +53,10 @@ def main(command_line_args=sys.argv[1:]): ui_mode = UImode.TRIM path = os.path.normpath(args.filepath) + directory_path = os.path.normpath(args.recursive) + excluded_files = args.excluded_paths + test = discover_files(directory_path, excluded_files) #just for see files in directory + print(test) if args.ignore_nosec: nosec_lines = set() From 2cbac72055bb6c18c7ee5160fabd4d54d40db3a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 7 Jun 2018 14:50:58 +0300 Subject: [PATCH 08/27] added recursive, targets --- pyt/usage.py | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/pyt/usage.py b/pyt/usage.py index e768d38a..a92f42a4 100644 --- a/pyt/usage.py +++ b/pyt/usage.py @@ -29,11 +29,11 @@ def valid_date(s): def _add_required_group(parser): required_group = parser.add_argument_group('required arguments') - required_group.add_argument( + '''required_group.add_argument( '-f', '--filepath', help='Path to the file that should be analysed.', type=str - ) + )''' def _add_optional_group(parser): @@ -92,9 +92,8 @@ def _add_optional_group(parser): help='do not skip lines with # nosec comments' ) optional_group.add_argument( - '-r', '--recursive', - help='Output filename.', - type=str + '-r', '--recursive', dest='recursive', + action='store_true', help='find and process files in subdirectories' ) optional_group.add_argument( '-x', '--exclude', @@ -102,7 +101,11 @@ def _add_optional_group(parser): action='store', default='', help='Separate files with commas' - ) + ) + optional_group.add_argument( + 'targets', metavar='targets', type=str, nargs='*', + help='source file(s) or directory(s) to be tested' + ) def _add_print_group(parser): print_group = parser.add_argument_group('print arguments') @@ -121,8 +124,8 @@ def _add_print_group(parser): def _check_required_and_mutually_exclusive_args(parser, args): - if args.filepath is None: - parser.error('The -f/--filepath argument is required') + if args.targets is None: + parser.error('The target argument is required') def parse_args(args): From 7875c8256a7f729dc52f13c9ed819a512d863c3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 7 Jun 2018 14:51:33 +0300 Subject: [PATCH 09/27] update discover_files() --- pyt/__main__.py | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index ce9e0355..839d7758 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -30,17 +30,23 @@ ) -def discover_files(directory_path, excluded_files): - file_list = [] +def discover_files(targets, excluded_files, recursive=False): + file_list = list() + included_files = list() excluded_list = excluded_files.split(",") - for root, dirs, files in os.walk(directory_path): - for f in files: - fullpath = os.path.join(root, f) - if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: - file_list.append(fullpath) - - return(file_list) + for target in targets: + if os.path.isdir(target): + if recursive: + for root, dirs, files in os.walk(target): + for f in files: + fullpath = os.path.join(root, f) + if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: + included_files.append(fullpath) + else: + if targets not in excluded_list: + included_files.append(targets[0]) + return(included_files) def main(command_line_args=sys.argv[1:]): @@ -52,12 +58,16 @@ def main(command_line_args=sys.argv[1:]): elif args.trim_reassigned_in: ui_mode = UImode.TRIM - path = os.path.normpath(args.filepath) - directory_path = os.path.normpath(args.recursive) + + + targets = args.targets excluded_files = args.excluded_paths - test = discover_files(directory_path, excluded_files) #just for see files in directory + recursive = args.recursive + test = discover_files(targets, excluded_files, recursive) #just for see files in directory print(test) + path = os.path.normpath(args.filepath) + if args.ignore_nosec: nosec_lines = set() else: From ca0b2d764cdaab13ec2e1f98253b122bc0cf5819 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 7 Jun 2018 14:53:04 +0300 Subject: [PATCH 10/27] removed file_list --- pyt/__main__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 839d7758..61319bb1 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -31,7 +31,6 @@ def discover_files(targets, excluded_files, recursive=False): - file_list = list() included_files = list() excluded_list = excluded_files.split(",") From d9db9dda1046438c91154e0bd3a88231e73334f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sun, 10 Jun 2018 15:06:05 +0300 Subject: [PATCH 11/27] "targets" must be required --- pyt/usage.py | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/pyt/usage.py b/pyt/usage.py index a92f42a4..0892536e 100644 --- a/pyt/usage.py +++ b/pyt/usage.py @@ -29,11 +29,10 @@ def valid_date(s): def _add_required_group(parser): required_group = parser.add_argument_group('required arguments') - '''required_group.add_argument( - '-f', '--filepath', - help='Path to the file that should be analysed.', - type=str - )''' + required_group.add_argument( + 'targets', metavar='targets', type=str, nargs='*', + help='source file(s) or directory(s) to be tested' + ) def _add_optional_group(parser): @@ -102,10 +101,7 @@ def _add_optional_group(parser): default='', help='Separate files with commas' ) - optional_group.add_argument( - 'targets', metavar='targets', type=str, nargs='*', - help='source file(s) or directory(s) to be tested' - ) + def _add_print_group(parser): print_group = parser.add_argument_group('print arguments') @@ -125,7 +121,7 @@ def _add_print_group(parser): def _check_required_and_mutually_exclusive_args(parser, args): if args.targets is None: - parser.error('The target argument is required') + parser.error('The targets argument is required') def parse_args(args): From c35ae8179f7e1d22e9b96b0040895b6c85a4bad3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sun, 10 Jun 2018 15:30:27 +0300 Subject: [PATCH 12/27] created loop for discover_files() --- pyt/__main__.py | 124 ++++++++++++++++++++++++------------------------ 1 file changed, 61 insertions(+), 63 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 61319bb1..8c6b4cb4 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -43,7 +43,7 @@ def discover_files(targets, excluded_files, recursive=False): if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: included_files.append(fullpath) else: - if targets not in excluded_list: + if target not in excluded_list: included_files.append(targets[0]) return(included_files) @@ -57,75 +57,73 @@ def main(command_line_args=sys.argv[1:]): elif args.trim_reassigned_in: ui_mode = UImode.TRIM + files = discover_files( + args.targets, + args.excluded_paths, + args.recursive + ) + for path in files: + print(path) + if args.ignore_nosec: + nosec_lines = set() + else: + file = open(path, 'r') + lines = file.readlines() + nosec_lines = set( + lineno for + (lineno, line) in enumerate(lines, start=1) + if '#nosec' in line or '# nosec' in line + ) + + if args.project_root: + directory = os.path.normpath(args.project_root) + else: + directory = os.path.dirname(path) + project_modules = get_modules(directory) + local_modules = get_directory_modules(directory) - targets = args.targets - excluded_files = args.excluded_paths - recursive = args.recursive - test = discover_files(targets, excluded_files, recursive) #just for see files in directory - print(test) - - path = os.path.normpath(args.filepath) + tree = generate_ast(path) - if args.ignore_nosec: - nosec_lines = set() - else: - file = open(path, 'r') - lines = file.readlines() - nosec_lines = set( - lineno for - (lineno, line) in enumerate(lines, start=1) - if '#nosec' in line or '# nosec' in line + cfg = make_cfg( + tree, + project_modules, + local_modules, + path + ) + cfg_list = [cfg] + framework_route_criteria = is_flask_route_function + if args.adaptor: + if args.adaptor.lower().startswith('e'): + framework_route_criteria = is_function + elif args.adaptor.lower().startswith('p'): + framework_route_criteria = is_function_without_leading_ + elif args.adaptor.lower().startswith('d'): + framework_route_criteria = is_django_view_function + # Add all the route functions to the cfg_list + FrameworkAdaptor( + cfg_list, + project_modules, + local_modules, + framework_route_criteria ) - if args.project_root: - directory = os.path.normpath(args.project_root) - else: - directory = os.path.dirname(path) - project_modules = get_modules(directory) - local_modules = get_directory_modules(directory) - - tree = generate_ast(path) - - cfg = make_cfg( - tree, - project_modules, - local_modules, - path - ) - cfg_list = [cfg] - framework_route_criteria = is_flask_route_function - if args.adaptor: - if args.adaptor.lower().startswith('e'): - framework_route_criteria = is_function - elif args.adaptor.lower().startswith('p'): - framework_route_criteria = is_function_without_leading_ - elif args.adaptor.lower().startswith('d'): - framework_route_criteria = is_django_view_function - # Add all the route functions to the cfg_list - FrameworkAdaptor( - cfg_list, - project_modules, - local_modules, - framework_route_criteria - ) - - initialize_constraint_table(cfg_list) - analyse(cfg_list) - vulnerabilities = find_vulnerabilities( - cfg_list, - ui_mode, - args.blackbox_mapping_file, - args.trigger_word_file, - nosec_lines - ) - - if args.baseline: - vulnerabilities = get_vulnerabilities_not_in_baseline( - vulnerabilities, - args.baseline + initialize_constraint_table(cfg_list) + analyse(cfg_list) + vulnerabilities = find_vulnerabilities( + cfg_list, + ui_mode, + args.blackbox_mapping_file, + args.trigger_word_file, + nosec_lines ) + if args.baseline: + vulnerabilities = get_vulnerabilities_not_in_baseline( + vulnerabilities, + args.baseline + ) + if args.json: json.report(vulnerabilities, args.output_file) else: From 9c54d8ccbd1f5f1332836a91482faf31ee2b2a7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sun, 10 Jun 2018 15:33:38 +0300 Subject: [PATCH 13/27] new params --- tests/usage_test.py | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index cae390e5..4883c31d 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -25,14 +25,14 @@ def test_no_args(self): self.maxDiff = None - EXPECTED = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT] + EXPECTED = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT] [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] - [-trim] [-i] + [-r] [-x EXCLUDED_PATHS] [-trim] [-i] + [targets [targets ...]] required arguments: - -f FILEPATH, --filepath FILEPATH - Path to the file that should be analysed. + targets source file(s) or directory(s) to be tested optional arguments: -a ADAPTOR, --adaptor ADAPTOR @@ -52,6 +52,9 @@ def test_no_args(self): -o OUTPUT_FILE, --output OUTPUT_FILE write report to filename --ignore-nosec do not skip lines with # nosec comments + -r, --recursive find and process files in subdirectories + -x EXCLUDED_PATHS, --exclude EXCLUDED_PATHS + Separate files with commas print arguments: -trim, --trim-reassigned-in @@ -62,7 +65,7 @@ def test_no_args(self): self.assertEqual(stdout.getvalue(), EXPECTED) - def test_valid_args_but_no_filepath(self): + '''def test_valid_args_but_no_filepath(self): with self.assertRaises(SystemExit): with capture_sys_output() as (_, stderr): parse_args(['-j']) @@ -73,7 +76,7 @@ def test_valid_args_but_no_filepath(self): [-trim] [-i] python -m pyt: error: The -f/--filepath argument is required\n""" - self.assertEqual(stderr.getvalue(), EXPECTED) + self.assertEqual(stderr.getvalue(), EXPECTED)''' # def test_using_both_mutually_exclusive_args(self): # with self.assertRaises(SystemExit): @@ -89,7 +92,7 @@ def test_valid_args_but_no_filepath(self): def test_normal_usage(self): with capture_sys_output() as (stdout, stderr): - parse_args(['-f', 'foo.py']) + parse_args(['foo.py']) self.assertEqual(stdout.getvalue(), '') self.assertEqual(stderr.getvalue(), '') From 40c0f8f2864b72e88444d9a5aab35b84ce98ac07 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sat, 16 Jun 2018 18:05:42 +0300 Subject: [PATCH 14/27] Update __main__.py --- pyt/__main__.py | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 8c6b4cb4..4b629b28 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -45,7 +45,7 @@ def discover_files(targets, excluded_files, recursive=False): else: if target not in excluded_list: included_files.append(targets[0]) - return(included_files) + return included_files def main(command_line_args=sys.argv[1:]): @@ -62,7 +62,7 @@ def main(command_line_args=sys.argv[1:]): args.excluded_paths, args.recursive ) - + vulnerabilities = list() for path in files: print(path) if args.ignore_nosec: @@ -82,7 +82,6 @@ def main(command_line_args=sys.argv[1:]): directory = os.path.dirname(path) project_modules = get_modules(directory) local_modules = get_directory_modules(directory) - tree = generate_ast(path) cfg = make_cfg( @@ -110,19 +109,14 @@ def main(command_line_args=sys.argv[1:]): initialize_constraint_table(cfg_list) analyse(cfg_list) - vulnerabilities = find_vulnerabilities( + vulnerabilities.append(find_vulnerabilities( cfg_list, ui_mode, args.blackbox_mapping_file, args.trigger_word_file, nosec_lines - ) + )) - if args.baseline: - vulnerabilities = get_vulnerabilities_not_in_baseline( - vulnerabilities, - args.baseline - ) if args.json: json.report(vulnerabilities, args.output_file) From 42759f0dfebe0d12c490d8bad17743578fe66608 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Sat, 16 Jun 2018 18:07:58 +0300 Subject: [PATCH 15/27] Update __main__.py --- pyt/__main__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 4b629b28..ad0cce7b 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -48,7 +48,7 @@ def discover_files(targets, excluded_files, recursive=False): return included_files -def main(command_line_args=sys.argv[1:]): +def main(command_line_args=sys.argv[1:]): # noqa: C901 args = parse_args(command_line_args) ui_mode = UImode.NORMAL From 5546c3dc74a24ada1e9f5ea8a63779e2fd538ea5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Tue, 19 Jun 2018 13:43:15 +0300 Subject: [PATCH 16/27] changed func. and added baseline --- pyt/__main__.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index ad0cce7b..643eeb19 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -48,7 +48,7 @@ def discover_files(targets, excluded_files, recursive=False): return included_files -def main(command_line_args=sys.argv[1:]): # noqa: C901 +def main(command_line_args=sys.argv[1:]): args = parse_args(command_line_args) ui_mode = UImode.NORMAL @@ -91,6 +91,8 @@ def main(command_line_args=sys.argv[1:]): # noqa: C901 path ) cfg_list = [cfg] + + framework_route_criteria = is_flask_route_function if args.adaptor: if args.adaptor.lower().startswith('e'): @@ -109,7 +111,7 @@ def main(command_line_args=sys.argv[1:]): # noqa: C901 initialize_constraint_table(cfg_list) analyse(cfg_list) - vulnerabilities.append(find_vulnerabilities( + vulnerabilities.extend(find_vulnerabilities( cfg_list, ui_mode, args.blackbox_mapping_file, @@ -117,6 +119,12 @@ def main(command_line_args=sys.argv[1:]): # noqa: C901 nosec_lines )) + if args.baseline: + vulnerabilities = get_vulnerabilities_not_in_baseline( + vulnerabilities, + args.baseline + ) + if args.json: json.report(vulnerabilities, args.output_file) From 8d1d80569d0c5f2af8eeae1b88cc8a9ef4b26043 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Tue, 19 Jun 2018 13:47:51 +0300 Subject: [PATCH 17/27] new parameters for discover_files --- tests/main_test.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/main_test.py b/tests/main_test.py index eea6ff47..aee80c68 100644 --- a/tests/main_test.py +++ b/tests/main_test.py @@ -5,17 +5,18 @@ class MainTest(BaseTestCase): + @mock.patch('pyt.__main__.discover_files') @mock.patch('pyt.__main__.parse_args') @mock.patch('pyt.__main__.find_vulnerabilities') @mock.patch('pyt.__main__.text') - def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args): + def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args, mock_discover_files): mock_find_vulnerabilities.return_value = 'stuff' example_file = 'examples/vulnerable_code/inter_command_injection.py' output_file = 'mocked_outfile' + mock_discover_files.return_value = [example_file] mock_parse_args.return_value = mock.Mock( autospec=True, - filepath=example_file, project_root=None, baseline=None, json=None, @@ -32,17 +33,18 @@ def test_text_output(self, mock_text, mock_find_vulnerabilities, mock_parse_args mock_parse_args.return_value.output_file ) + @mock.patch('pyt.__main__.discover_files') @mock.patch('pyt.__main__.parse_args') @mock.patch('pyt.__main__.find_vulnerabilities') @mock.patch('pyt.__main__.json') - def test_json_output(self, mock_json, mock_find_vulnerabilities, mock_parse_args): + def test_json_output(self, mock_json, mock_find_vulnerabilities, mock_parse_args, mock_discover_files): mock_find_vulnerabilities.return_value = 'stuff' example_file = 'examples/vulnerable_code/inter_command_injection.py' output_file = 'mocked_outfile' + mock_discover_files.return_value = [example_file] mock_parse_args.return_value = mock.Mock( autospec=True, - filepath=example_file, project_root=None, baseline=None, json=True, From 35b800195882f503e4030c2267b1422059bfd82b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 20 Jun 2018 03:18:36 +0300 Subject: [PATCH 18/27] test_valid_args_but_no_targets() --- tests/usage_test.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index 4883c31d..d923e5ac 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -65,18 +65,19 @@ def test_no_args(self): self.assertEqual(stdout.getvalue(), EXPECTED) - '''def test_valid_args_but_no_filepath(self): + def test_valid_args_but_no_targets(self): with self.assertRaises(SystemExit): with capture_sys_output() as (_, stderr): parse_args(['-j']) - EXPECTED = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT] + EXPECTED = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT] [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] - [-trim] [-i] -python -m pyt: error: The -f/--filepath argument is required\n""" + [-r] [-x EXCLUDED_PATHS] [-trim] [-i] + [targets [targets ...]] +python -m pyt: error: The targets argument is required\n""" - self.assertEqual(stderr.getvalue(), EXPECTED)''' + self.assertEqual(stderr.getvalue(), EXPECTED) # def test_using_both_mutually_exclusive_args(self): # with self.assertRaises(SystemExit): From 2e4d07a0c3110be77c6caf6bf40e7667d85355d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 20 Jun 2018 03:37:00 +0300 Subject: [PATCH 19/27] edited expected values --- tests/usage_test.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index d923e5ac..d9ed7cec 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -29,7 +29,7 @@ def test_no_args(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - [targets [targets ...]] + targets [targets ...] required arguments: targets source file(s) or directory(s) to be tested @@ -74,8 +74,8 @@ def test_valid_args_but_no_targets(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - [targets [targets ...]] -python -m pyt: error: The targets argument is required\n""" + targets [targets ...] +python -m pyt: error: the following arguments are required: targets\n""" self.assertEqual(stderr.getvalue(), EXPECTED) From 0c6b08296e16a33ccc429966faedca2fdaf829dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 20 Jun 2018 15:17:59 +0300 Subject: [PATCH 20/27] changed vulnerabilities list location --- pyt/__main__.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 643eeb19..aee51be6 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -33,18 +33,20 @@ def discover_files(targets, excluded_files, recursive=False): included_files = list() excluded_list = excluded_files.split(",") - + + for target in targets: if os.path.isdir(target): - if recursive: for root, dirs, files in os.walk(target): for f in files: + if not recursive: + break fullpath = os.path.join(root, f) if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: included_files.append(fullpath) else: if target not in excluded_list: - included_files.append(targets[0]) + included_files.append(target) return included_files @@ -62,9 +64,8 @@ def main(command_line_args=sys.argv[1:]): args.excluded_paths, args.recursive ) - vulnerabilities = list() for path in files: - print(path) + vulnerabilities = list() if args.ignore_nosec: nosec_lines = set() else: From ae84a442925f976ffca6416ac9619e799e7fb86c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 20 Jun 2018 15:26:12 +0300 Subject: [PATCH 21/27] Update usage_test.py --- tests/usage_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index d9ed7cec..44c60166 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -74,7 +74,7 @@ def test_valid_args_but_no_targets(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - targets [targets ...] + [targets [targets ...]] python -m pyt: error: the following arguments are required: targets\n""" self.assertEqual(stderr.getvalue(), EXPECTED) From 1944b4ade9a08d34f83fb42037f9af63327f0ec6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Wed, 20 Jun 2018 15:29:30 +0300 Subject: [PATCH 22/27] Update usage_test.py --- tests/usage_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index 44c60166..d9ed7cec 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -74,7 +74,7 @@ def test_valid_args_but_no_targets(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - [targets [targets ...]] + targets [targets ...] python -m pyt: error: the following arguments are required: targets\n""" self.assertEqual(stderr.getvalue(), EXPECTED) From ba3d4383ecafce755fdb3ec785430f1ebd4c5577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 21 Jun 2018 15:42:53 +0300 Subject: [PATCH 23/27] changed location of "recursive control" --- pyt/__main__.py | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index aee51be6..1e8c2640 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -33,17 +33,15 @@ def discover_files(targets, excluded_files, recursive=False): included_files = list() excluded_list = excluded_files.split(",") - - for target in targets: if os.path.isdir(target): for root, dirs, files in os.walk(target): for f in files: - if not recursive: - break fullpath = os.path.join(root, f) if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: included_files.append(fullpath) + if not recursive: + break else: if target not in excluded_list: included_files.append(target) @@ -64,6 +62,7 @@ def main(command_line_args=sys.argv[1:]): args.excluded_paths, args.recursive ) + for path in files: vulnerabilities = list() if args.ignore_nosec: @@ -121,10 +120,10 @@ def main(command_line_args=sys.argv[1:]): )) if args.baseline: - vulnerabilities = get_vulnerabilities_not_in_baseline( - vulnerabilities, - args.baseline - ) + vulnerabilities = get_vulnerabilities_not_in_baseline( + vulnerabilities, + args.baseline + ) if args.json: From 6a25e25ce0e01dd434b320d48106f0127b2adb8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 22 Jun 2018 22:54:53 +0300 Subject: [PATCH 24/27] Update usage.py --- pyt/usage.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyt/usage.py b/pyt/usage.py index 0892536e..30286215 100644 --- a/pyt/usage.py +++ b/pyt/usage.py @@ -30,7 +30,7 @@ def valid_date(s): def _add_required_group(parser): required_group = parser.add_argument_group('required arguments') required_group.add_argument( - 'targets', metavar='targets', type=str, nargs='*', + 'targets', metavar='targets', type=str, nargs='+', help='source file(s) or directory(s) to be tested' ) From f42d283bb7195165d82e1994e5965d2ee547e666 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 22 Jun 2018 22:56:05 +0300 Subject: [PATCH 25/27] de-dent some lines --- pyt/__main__.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 1e8c2640..062fea8b 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -35,13 +35,13 @@ def discover_files(targets, excluded_files, recursive=False): excluded_list = excluded_files.split(",") for target in targets: if os.path.isdir(target): - for root, dirs, files in os.walk(target): - for f in files: - fullpath = os.path.join(root, f) - if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: - included_files.append(fullpath) - if not recursive: - break + for root, dirs, files in os.walk(target): + for f in files: + fullpath = os.path.join(root, f) + if os.path.splitext(fullpath)[1] == '.py' and fullpath.split("/")[-1] not in excluded_list: + included_files.append(fullpath) + if not recursive: + break else: if target not in excluded_list: included_files.append(target) @@ -62,7 +62,7 @@ def main(command_line_args=sys.argv[1:]): args.excluded_paths, args.recursive ) - + for path in files: vulnerabilities = list() if args.ignore_nosec: @@ -125,7 +125,6 @@ def main(command_line_args=sys.argv[1:]): args.baseline ) - if args.json: json.report(vulnerabilities, args.output_file) else: From c7b2f73d9817a6363e8ac4fe0862cefebd8a7ffa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 22 Jun 2018 22:57:38 +0300 Subject: [PATCH 26/27] test_no_args --- tests/usage_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index d9ed7cec..ff8459e6 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -29,7 +29,7 @@ def test_no_args(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - targets [targets ...] + [targets [targets ...]] required arguments: targets source file(s) or directory(s) to be tested From 2afc177d0eea61767f11f8daa4f3f2faf13d7e55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 22 Jun 2018 22:59:52 +0300 Subject: [PATCH 27/27] test_no_args passed --- tests/usage_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/usage_test.py b/tests/usage_test.py index ff8459e6..d9ed7cec 100644 --- a/tests/usage_test.py +++ b/tests/usage_test.py @@ -29,7 +29,7 @@ def test_no_args(self): [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE] [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec] [-r] [-x EXCLUDED_PATHS] [-trim] [-i] - [targets [targets ...]] + targets [targets ...] required arguments: targets source file(s) or directory(s) to be tested