suspicious-eval-usage doesn't trigger when expected #5505

Closed
tjkuson opened this issue Jul 4, 2023 · 1 comment · Fixed by #5506
tjkuson commented Jul 4, 2023

Using ruff 0.0.276, running `ruff check --select S307 scratch.py` where `scratch.py` is

```python
import os

print(eval("1+1"))
print(eval("os.getcwd()"))
print(eval("os.chmod('%s', 0777)" % 'test.txt'))


# A user-defined method named "eval" should not get flagged.
class Test(object):
    def eval(self):
        print("hi")
    def foo(self):
        self.eval()

Test().eval()
```

flags zero violations. The above Python code is from the Bandit source.

Running bandit flags three violations (as expected).
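
Added example, not part of the original issue and not Ruff's or Bandit's implementation: an AST check that shows the behaviour the report expects on this file, reporting the three calls to the builtin `eval` and skipping the user-defined `eval` method. The function name `find_builtin_eval_calls` and the handling of `builtins.eval` are assumptions made for illustration.

```python
import ast

# The scratch.py from the report above, embedded so the example runs offline.
SCRATCH = '''import os

print(eval("1+1"))
print(eval("os.getcwd()"))
print(eval("os.chmod('%s', 0777)" % 'test.txt'))


# A user-defined method named "eval" should not get flagged.
class Test(object):
    def eval(self):
        print("hi")
    def foo(self):
        self.eval()

Test().eval()
'''


def find_builtin_eval_calls(source):
    """Return sorted (line, column) pairs for calls to the builtin eval."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        # Bare name: eval(...)
        bare = isinstance(func, ast.Name) and func.id == "eval"
        # Qualified builtin: builtins.eval(...) (assumption: module not aliased)
        qualified = (
            isinstance(func, ast.Attribute)
            and func.attr == "eval"
            and isinstance(func.value, ast.Name)
            and func.value.id == "builtins"
        )
        # self.eval() and Test().eval() are attribute calls on other objects,
        # so they match neither pattern and are not reported.
        if bare or qualified:
            findings.append((node.lineno, node.col_offset))
    return sorted(findings)


if __name__ == "__main__":
    for line, col in find_builtin_eval_calls(SCRATCH):
        print(f"scratch.py:{line}:{col + 1}: call to builtin eval")
```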

@charliermarsh charliermarsh self-assigned this Jul 4, 2023
@charliermarsh
Member

I'll take a look.
