Merge pull request #315 from tlsfuzzer/codeql

Add CodeQL fixes
tlsfuzzer · Feb 28, 2023 · 31039b4 · 31039b4
2 parents cd5ac4f + 439e452
commit 31039b4
Show file tree

Hide file tree

Showing 8 changed files with 66 additions and 324 deletions.
diff --git a/README.md b/README.md
@@ -4,8 +4,7 @@
 [![Documentation Status](https://readthedocs.org/projects/ecdsa/badge/?version=latest)](https://ecdsa.readthedocs.io/en/latest/?badge=latest)
 [![Coverage Status](https://coveralls.io/repos/github/tlsfuzzer/python-ecdsa/badge.svg?branch=master)](https://coveralls.io/github/tlsfuzzer/python-ecdsa?branch=master)
 ![condition coverage](https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/tomato42/9b6ca1f3410207fbeca785a178781651/raw/python-ecdsa-condition-coverage.json)
-[![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/tlsfuzzer/python-ecdsa.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/tlsfuzzer/python-ecdsa/context:python)
-[![Total alerts](https://img.shields.io/lgtm/alerts/g/tlsfuzzer/python-ecdsa.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/tlsfuzzer/python-ecdsa/alerts/)
+[![CodeQL](https://github.com/tlsfuzzer/python-ecdsa/actions/workflows/codeql.yml/badge.svg)](https://github.com/tlsfuzzer/python-ecdsa/actions/workflows/codeql.yml)
 [![Latest Version](https://img.shields.io/pypi/v/ecdsa.svg?style=flat)](https://pypi.python.org/pypi/ecdsa/)
 ![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg?style=flat)
 

diff --git a/docs/source/conf.py b/docs/source/conf.py
@@ -68,5 +68,3 @@
     "undoc-members": True,
     "inherited-members": True,
 }
-
-intersphinx_mapping = {"https://docs.python.org/": None}
diff --git a/src/ecdsa/_rwlock.py b/src/ecdsa/_rwlock.py
diff --git a/src/ecdsa/test_eddsa.py b/src/ecdsa/test_eddsa.py
@@ -500,6 +500,7 @@ def test_equal_public_points(self):
         key2 = PublicKey(generator_ed25519, b"\x01" * 32)
 
         self.assertEqual(key1, key2)
+        # verify that `__ne__` works as expected
         self.assertFalse(key1 != key2)
 
     def test_unequal_public_points(self):
@@ -519,20 +520,23 @@ def test_unequal_publickey_curves(self):
         key2 = PublicKey(generator_ed448, b"\x03" * 56 + b"\x00")
 
         self.assertNotEqual(key1, key2)
+        # verify that `__ne__` works as expected
         self.assertTrue(key1 != key2)
 
     def test_equal_private_keys(self):
         key1 = PrivateKey(generator_ed25519, b"\x01" * 32)
         key2 = PrivateKey(generator_ed25519, b"\x01" * 32)
 
         self.assertEqual(key1, key2)
+        # verify that `__ne__` works as expected
         self.assertFalse(key1 != key2)
 
     def test_unequal_private_keys(self):
         key1 = PrivateKey(generator_ed25519, b"\x01" * 32)
         key2 = PrivateKey(generator_ed25519, b"\x02" * 32)
 
         self.assertNotEqual(key1, key2)
+        # verify that `__ne__` works as expected
         self.assertTrue(key1 != key2)
 
     def test_unequal_privatekey_to_string(self):

diff --git a/src/ecdsa/test_keys.py b/src/ecdsa/test_keys.py
@@ -769,8 +769,8 @@ def test_deterministic_sign_that_rises_S_zero_error(self):
 verifiers = []
 for modifier, fun in [
     ("bytes", lambda x: x),
-    ("bytes memoryview", lambda x: buffer(x)),
-    ("bytearray", lambda x: bytearray(x)),
+    ("bytes memoryview", buffer),
+    ("bytearray", bytearray),
     ("bytearray memoryview", lambda x: buffer(bytearray(x))),
     ("array.array of bytes", lambda x: array.array("B", x)),
     ("array.array of bytes memoryview", lambda x: buffer(array.array("B", x))),

diff --git a/src/ecdsa/test_malformed_sigs.py b/src/ecdsa/test_malformed_sigs.py
@@ -111,6 +111,7 @@ def st_fuzzed_sig(draw, keys_and_sigs):
     note("Remove bytes: {0}".format(to_remove))
 
     # decide which bytes of the original signature should be changed
+    xors = None
     if sig:  # pragma: no branch
         xors = draw(
             st.dictionaries(
@@ -288,15 +289,13 @@ def st_der():
         | st_der_octet_string(max_size=1024**2)
         | st_der_null()
         | st_der_oid(),
-        lambda children: st.builds(
-            lambda x: encode_octet_string(x), st.one_of(children)
-        )
+        lambda children: st.builds(encode_octet_string, st.one_of(children))
         | st.builds(lambda x: encode_bitstring(x, 0), st.one_of(children))
         | st.builds(
             lambda x: encode_sequence(*x), st.lists(children, max_size=200)
         )
         | st.builds(
-            lambda tag, x: encode_constructed(tag, x),
+            encode_constructed,
             st.integers(min_value=0, max_value=0x3F),
             st.one_of(children),
         ),