<a href="https://colab.research.google.com/github/wjtopp3/CSIT-2033/blob/main/CSIT_2033_Week_3.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# 3. Secure Coding Basics


# Coding Style
- Good coding style is essential because it promotes clear, consistent, and readable code, making it easier to spot logic errors, unintended behavior, and security flaws during development and review.

# GotoFail: A Case Study in Style-Related Vulnerabilities
The **goto fail** bug was a critical security flaw in Apple’s SSL/TLS implementation (discovered in 2014)
  - It was caused by a duplicate goto statement in the C code.
  - The defect caused a certificate validation operation to prematurely exit, allowing attackers to impersonate secure websites and intercept encrypted communications.


```
if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
    goto fail;
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
    goto fail;
    goto fail;  // <- This accidental second 'goto fail;' is the bug
if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
    goto fail;
```


# PEP 8 and Python Style Guidelines

- A Python Enhancement Proposal (PEP) describes a new feature, process, or  guideline for the Python community.
  - PEPs provide a structured way to propose, discuss, and document changes to the language.
    - PEP 1 (https://peps.python.org/pep-0001/) was written in March 2000 and defines what PEPs are for and how they should be used.
    - PEPs 2–7 set guidelines for Python's development, including the PEP index and workflow (PEP 2), PEP guidelines for informational proposals (PEP 3), procedures for Python releases (PEP 4 and 6), deprecation policy (PEP 5), and how to submit patches (PEP 7).
    - PEP 8 (https://peps.python.org/pep-0008/) provides Python coding style guidelines for maintainable code
  - As instructors of introductory programming courses, we have the opportunity to teach the need for code style discipline and best practices early in a student's learning journey.
  - By teaching established and consistent conventions we can help students develop habits that lead to more reliable and professional software.



# Guidelines

- These guidelines emphasize code readability and foster a mindset that prioritizes security and maintainability—critical skills for aspiring developers.

1. Formatting for Readability and Maintainability
2. Naming Conventions
3. Module Imports
4. Documentation and Comments

# Formatting for Readability and Maintainability

- Consistent Indentation (https://peps.python.org/pep-0008/#indentation)
  - Use 4 spaces (not tabs) per indentation level to avoid confusion that could lead to logical errors.
- Maximum Line Length (https://peps.python.org/pep-0008/#maximum-line-length)
  - 79 characters prevents the need for horizontal scrolling, making it easier to audit code for security flaws.



# Naming Conventions
- https://peps.python.org/pep-0008/#naming-conventions
- Use meaningful names for variables, functions, and classes.
    - Good: sumTotal, TotalSum, Sum_Total, i, x, squareRoot_, automobiles, _sum_, CONSTANT_X
    - bad: sum, x-1
- Avoid **shadowing**
  - Shadowing occurs when a local variable or function name in your code overrides a built-in name, making the original built-in temporarily inaccessible.
  - Don't use names that overwrite Python built-ins (e.g., don’t name a variable **id**, **list**, or **sum**).
- Use CAPITALIZED_NAMES for constants that shouldn’t be modified.

In [None]:
# shadowing and constants

TAX_RATE = 0.07 # FL sales tax, won't change without legislation
sum = 10  # Overwrites the built-in sum function

numbers = [1, 2, 3]
total = sum(numbers)

del sum # fixes it, comment out previous line first
total = sum(numbers)
print(total)

print(total + (1 + TAX_RATE))

# Module Imports

# 🛠️ Hands-On: Demonstrating Wildcard Import Issues
- Avoid wildcard imports

```
    from module import *
```

- This can introduce unintended variables and functions into the namespace, leading to unpredictable behavior.

In [None]:
# Create two module files dynamically with conflicting function names

# First module: math_tools with an add() function
# that performs numerical addition
with open('math_tools.py', 'w') as f:
    f.write("""
def add(x, y):
    return x + y
""")

# Second module: string_tools with an add() function
# that performs string concatenation
with open('string_tools.py', 'w') as f:
    f.write("""
def add(x, y):
    return x + " " + y
""")

# Import all contents from math_tools using wildcard import
from math_tools import *
print("Imported math_tools")
# Show memory address of the current add() function
print("id(add) after math_tools import:", id(add))

# Import all contents from string_tools — this silently
# overwrites the previous add()
from string_tools import *
print("Imported string_tools")
 # Show memory address has change — function was overwritten
print("id(add) after string_tools import:", id(add))

# Test which 'add' function is currently in scope
# (hint: it's the one from string_tools).
print("\nTesting add(2, 3):")
try:
    # Will raise a TypeError because string concatenation expects strings
    result = add(2, 3)
    print("Result of add(2, 3):", result)
except Exception as e:
    # Catch error caused by conflicting function definitions
    print("Error:", e)

# Clean up: delete dynamically created module files
import os
os.remove('math_tools.py')
os.remove('string_tools.py')


# Exercise - Wildcard Imports

Use alias imports as demonstrated in to solve this wildcard import problem. Modify the CHANGEME lines as required.

In [None]:
with open('text_processor.py', 'w') as f:
    f.write("""def process(text):\n    return text.upper()\n""")

with open('number_processor.py', 'w') as f:
    f.write("""def process(num):\n    return num * num\n""")

# --- Demonstrate original behavior without wildcard conflict ---

print("=== Demonstrating correct behavior using explicit imports ===")

# CHANGEME 1. replace the following wildcard import with an alias import
from text_processor import *
print("Imported text_processor")
print("id(tp.process):", id(tp.process))

# Call process from text_processor
try:
    print("tp.process('hello') =", tp.process("hello"))
except Exception as e:
    print("Error:", e)

# CHANGEME 2. replace the following wildcard import with an alias import
from number_processor import *
print("\nImported number_processor")
print("id(np.process):", id(np.process))

# Call process from number_processor
try:
    print("np.process(5) =", np.process(5))
except Exception as e:
    print("Error:", e)

# CHANGEME 3: use an alias to call the text processor
try:
    print("process('hello') =", process("hello"))
except Exception as e:
    print("Error:", e)

# --- Cleanup ---
import os
os.remove('text_processor.py')
os.remove('number_processor.py')


In [None]:
###
###
### SOLUTION
###
###

with open('text_processor.py', 'w') as f:
    f.write("""def process(text):\n    return text.upper()\n""")

with open('number_processor.py', 'w') as f:
    f.write("""def process(num):\n    return num * num\n""")

# --- Demonstrate original behavior without wildcard conflict ---

print("=== Demonstrating correct behavior using explicit imports ===")

# CHANGEME 1. replace the following wildcard import with an alias import
import text_processor as tp
print("Imported text_processor")
print("id(tp.process):", id(tp.process))

# Call process from text_processor
try:
    print("tp.process('hello') =", tp.process("hello"))
except Exception as e:
    print("Error:", e)

# CHANGEME 2. replace the following wildcard import with an alias import
import number_processor as np
print("\nImported number_processor")
print("id(np.process):", id(np.process))

# Call process from number_processor
try:
    print("np.process(5) =", np.process(5))
except Exception as e:
    print("Error:", e)

# CHANGEME 3: use an alias to call the text processor
try:
    print("tp.process('hello') =", tp.process("hello"))
except Exception as e:
    print("Error:", e)

# --- Cleanup ---
import os
os.remove('text_processor.py')
os.remove('number_processor.py')


# Whitespace

- https://peps.python.org/pep-0008/#whitespace-in-expressions-and-statements

- Use spaces around operators and after commas to improve readability. Do this:

```
    x = a + b
```

- instead of this:

```
    x=a+b
```

- Avoid extraneous whitespace in expressions; instead of:

```
    x = (a + b ) # (trailing space inside parentheses)
```

- Do this:

```
    x = (a + b)
```

# Exception Handling
- https://peps.python.org/pep-0008/#programming-recommendations
- Don’t use "bare except" statements. Instead of:

```
    try:
        process_data()
    except:
        pass # Silently ignores errors (including critical ones)
```

- Do this:

```
    try:
        process_data()
    except (ValueError, KeyError) as e:
        logger.error(f"Processing failed: {e}")  # Log the issue
```

- Raise exceptions explicitly and use meaningful exception types with clear messages.  
  Instead of:

```
    raise Exception("Error occurred")  # Valid but non-specific
```

- Do this:

```
    raise ValueError("Invalid input")
```

# Documentation and Comments
- https://peps.python.org/pep-0008/#comments
- Use docstrings for function behavior and security emphasis

In [None]:
def sanitize_input(user_input):
    """
    Cleans user input to prevent injection attacks.

    This function removes potentially dangerous characters
    to protect against code injection vulnerabilities.

    Args:
        user_input (str): The input string provided by the user.

    Returns:
        str: A sanitized version of the input safe for further processing.
    """
    return user_input.replace("<", "").replace(">", "").replace(";", "")

print(help(sanitize_input))


- Avoid inline comments disclosing security-sensitive information. Instead of:

```
	# Hashing passwords with MD5 (insecure)
```

- Do this:

```
	# Securely hash passwords
```

# Loops, Lists, Tuples, and Dictionaries

# Loops / Secure Iteration

- Avoid Infinite Loops and Ensure Proper Termination
- Infinite loops can cause a program to become unresponsive, consume excessive system resources, or create security vulnerabilities such as denial-of-service (DoS) risks.
- To ensure proper termination of loops, follow these best practices

In [None]:
# Use explicit loop conditions: ensure loops have well-defined termination conditions

count = 0
while count < 10:  # Proper termination condition
    print(count)
    count += 1  # Ensure progress towards termination

In [None]:
# Avoid using while True without a break condition

while True:
    # processing steps ...
    #
    user_input = input("Enter 'exit' to stop: ")
    if user_input.lower() == 'exit':
        break

# Implement Timeouts/Iteration Limits
- When processing user input or external data, avoid infinite loops by implementing timeouts or iteration limits.

  ```
  import time

  start_time = time.time()
  timeout = 5  # seconds

  while time.time() - start_time < timeout:
      if some_condition():  # Replace with actual condition
          break
  ```

In [None]:
# Instead of looping through large datasets, use generators to iterate over
# data securely and avoid excessive memory usage.

# The secure_generator function below produces one value at a time
# instead of returning an entire list

def secure_generator(n):
    for i in range(n):
        yield i  # Generates values on demand

for value in secure_generator(10):
    print(value)

# Security Considerations for Lists and Tuples

| List | Tuple |
|------|-------|
| Mutable | Immutable                  |
| Dynamic collections | Fixed data structures |
| Memory overhead for dynamic resizing | More memory efficient |
| Built-in methods for modification | Fewer built-in methods |
| Slightly slower for dynamic resizing | Sightly faster for large datasets |


# Tuples for Secure Data
- Tuples are hashable (can be used as dictionary keys or set elements) as long as they only contain hashable elements
- This ensures that security-sensitive mappings (e.g., user permissions, access control lists) remain unchanged.

In [None]:
# Example: Is an admin with read permissions allowed to perform a write?

non_hashable_tuple = (["admin", "read"], "write") # contains a list
access_rights = { non_hashable_tuple: True }

hashable_tuple = (("admin", "read"), "write") # hashable
access_rights = { hashable_tuple: True }

# Copying Lists
- Prevent unintended data modifications in lists by using tuples for data that should remain unchanged
  - make copies of lists before passing them to functions if modification is not intended
- Copying lists ensures that modifications to copied objects do not unintentionally affect the original, important when dealing with mutable and nested data structures
- A Python list's copy method performs a shallow copy: it only copies the outer list and keeps references to mutable elements inside.
- The **copy** module (https://docs.python.org/3/library/copy.html) allows programmers to create both shallow and deep copies of objects.
  - The copy function in this module behaves similarly to the List's copy method.
  - A **deep copy** creates a new compound object and recursively inserts copies into it of the objects found in the original.
  - This is only relevant for compound objects (objects that contain other objects, like lists or class instances).

# Copying Lists: The Shallow Copy Problem
- Since a shallow copy only copies references to the inner lists, modifying an element inside the copy also affects the original_list.

In [None]:
import copy

original_list = [[1, 2, 3], [4, 5, 6]]
shallow_copy = copy.copy(original_list)

# Modifying an inner list

shallow_copy[0][0] = 99

print(original_list)  # Output (modified): [[99, 2, 3], [4, 5, 6]]
print(shallow_copy)   # Output (modified): [[99, 2, 3], [4, 5, 6]]

# 🛠️ Hands-On: Make a Deep Copy

- copy.deepcopy() creates a new object and recursively copies all objects within it, ensuring that nested mutable objects are fully duplicated rather than just referenced so the copied object is completely independent.

In [None]:
import copy

original_list = [[1, 2, 3], [4, 5, 6]]
deep_copy = copy.deepcopy(original_list)

# Modifying an inner list
deep_copy[0][0] = 99

print(original_list)  # Output: [[1, 2, 3], [4, 5, 6]]  (Unchanged)
print(deep_copy)      # Output: [[99, 2, 3], [4, 5, 6]]  (Modified)

# Exercise - Deep Copies

A student has naively created a copy of a dictionary using a simple assignment,
thinking that the copy will be independent of the original.

Rewrite the script so it creates a deep copy.

In [None]:
# you can overwrite this code cell or add a new one below it for your solution

original_dict = {
    "user1": {"name": "Alice", "score": 90},
    "user2": {"name": "Bob", "score": 85}
}

assigned_dict = original_dict

# Modify a nested value in the copy
assigned_dict["user1"]["score"] = 100

print(original_dict)
# Output: {'user1': {'name': 'Alice', 'score': 100}, 'user2': {'name': 'Bob', 'score': 85}} (Changed!)

print(assigned_dict)
# Output: {'user1': {'name': 'Alice', 'score': 100}, 'user2': {'name': 'Bob', 'score': 85}} (Same object)


In [None]:
###
###
### SOLUTION
###
###

import copy

original_dict = {
    "user1": {"name": "Alice", "score": 90},
    "user2": {"name": "Bob", "score": 85}
}

deep_copy = copy.deepcopy(original_dict)

# Modify a nested value in the copy
deep_copy["user1"]["score"] = 100

print(original_dict)
# Output: {'user1': {'name': 'Alice', 'score': 90}, 'user2': {'name': 'Bob', 'score': 85}} (Unchanged)

print(deep_copy)
# Output: {'user1': {'name': 'Alice', 'score': 100}, 'user2': {'name': 'Bob', 'score': 85}} (Modified)
