Description of the false positive
Impressively, the analysis found a statically defined string in the `main` function which does not have certain keywords in it that the call to `format` in a separate function `output_format` has. Unfortunately, the analysis missed the fact that there is a second code path where `output_format` is called with user-provided strings (that may have those keywords).
Seemingly relevant bits:
```python
def output_format(fmt, jobs):
    for job in jobs:
        s = fmt.format(
            id=job["id"],
            userid=job["userid"],
            username=job_username(job),
            priority=job["priority"],
            state=statetostr(job, False),
            state_single=statetostr(job, True),
            name=job["name"],
            ntasks=job["ntasks"],
            t_submit=job["t_submit"],
            t_depend=job["t_depend"],
            t_sched=job["t_sched"],
            t_run=job["t_run"],
            t_cleanup=job["t_cleanup"],
            t_inactive=job["t_inactive"],
            runtime=runtime(job, False),
            runtime_fsd=runtime_fsd(job, False),
            runtime_fsd_hyphen=runtime_fsd(job, True),
            runtime_hms=runtime_hms(job),
        )
        print(s)


def main():
    args = parse_args()
    jobs = fetch_jobs(args)
    if args.format:
        # Code path 1: the format string is supplied by the user.
        output_format(args.format, jobs)
    else:
        # Code path 2: the statically defined default format string.
        fmt = (
            "{id:>18} {username:<8.8} {name:<10.10} {state:<8.8} "
            "{ntasks:>6} {runtime_fsd_hyphen}"
        )
        if not args.suppress_header:
            s = fmt.format(
                id="JOBID",
                username="USER",
                name="NAME",
                state="STATE",
                ntasks="NTASKS",
                runtime_fsd_hyphen="RUNTIME",
            )
            print(s)
        output_format(fmt, jobs)
```
Output from LGTM:
Surplus named argument for string format. An argument named 'priority' is provided, but it is not required by format "{id:>18} {username:<8.8} {name:<10.10} {state:<8.8} {ntasks:>6} {runtime_fsd_hyphen}".
This is an easy-enough error to suppress, but I figured I'd file the false positive. Really amazing tool BTW!
URL to the alert on the project page on LGTM.com
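The report above turns on which format strings can reach the `fmt.format(...)` call. As an added example (not part of the original report, and not LGTM's implementation), the sketch below computes the keywords a template references and treats a keyword as surplus only when no reaching format string can use it. `named_fields`, `surplus_on_all_paths` and `UNKNOWN` are hypothetical names; the template and keyword list are copied from the snippet above.

```python
from string import Formatter

# Default template and keyword names, copied from the snippet in the report.
DEFAULT_FMT = (
    "{id:>18} {username:<8.8} {name:<10.10} {state:<8.8} "
    "{ntasks:>6} {runtime_fsd_hyphen}"
)
PROVIDED = {
    "id", "userid", "username", "priority", "state", "state_single", "name",
    "ntasks", "t_submit", "t_depend", "t_sched", "t_run", "t_cleanup",
    "t_inactive", "runtime", "runtime_fsd", "runtime_fsd_hyphen", "runtime_hms",
}
UNKNOWN = None  # hypothetical marker: value only known at run time (args.format)


def named_fields(fmt):
    """Return the keyword names a str.format template references."""
    names = set()
    for _, field, spec, _ in Formatter().parse(fmt):
        if field is None:
            continue  # literal text only, including "{{" and "}}" escapes
        # "{job.id}" and "{job[0]}" both resolve through the keyword "job".
        head = field.split(".", 1)[0].split("[", 1)[0]
        if head and not head.isdigit():  # skip "{}" and positional "{0}"
            names.add(head)
        # A format spec may nest replacement fields: "{name:<{width}}".
        if spec:
            names |= named_fields(spec)
    return names


def surplus_on_all_paths(sources, provided):
    """Keywords that no format string reaching the call can use.

    `sources` lists every value that may flow into the format call. A single
    UNKNOWN source means any keyword may be referenced, so nothing is
    provably surplus.
    """
    surplus = set(provided)
    for fmt in sources:
        if fmt is UNKNOWN:
            return set()
        surplus -= named_fields(fmt)
    return surplus


if __name__ == "__main__":
    print(sorted(surplus_on_all_paths([DEFAULT_FMT], PROVIDED)))
    print(sorted(surplus_on_all_paths([DEFAULT_FMT, UNKNOWN], PROVIDED)))
```

With only the default template considered, `priority` is reported as surplus, which matches the alert; once the `args.format` path is included as a source, nothing is.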