You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
% ./.tox/pyt/bin/pyt -v -v -v -v a/sys.py
[DEBUG] pyt.__main__: Discovered file: a/a.py
[INFO] pyt.__main__: Processing a/a.py
Traceback (most recent call last):
File "./.tox/pyt/bin/pyt", line 10, in<module>sys.exit(main())
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/__main__.py", line 106, in main
allow_local_directory_imports=args.allow_local_imports
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/make_cfg.py", line 42, in make_cfg
allow_local_directory_imports
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 69, in __init__
self.init_cfg(node)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 76, in init_cfg
module_statements = self.visit(node)
File "/usr/lib64/python3.7/ast.py", line 262, in visit
return visitor(node)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
return self.stmt_star_handler(node.body)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
node = self.visit(stmt)
File "/usr/lib64/python3.7/ast.py", line 262, in visit
return visitor(node)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
from_from=True
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 807, in add_module
self.visit(tree)
File "/usr/lib64/python3.7/ast.py", line 262, in visit
return visitor(node)
...
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
return self.stmt_star_handler(node.body)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
node = self.visit(stmt)
File "/usr/lib64/python3.7/ast.py", line 262, in visit
return visitor(node)
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
from_from=True
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 802, in add_module
self.local_modules = get_directory_modules(module_path) if self._allow_local_modules else []
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 26, in get_directory_modules
if _is_python_file(path):
File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 74, in _is_python_file
if os.path.splitext(path)[1] == '.py':
File "/home/user/.tox/pyt/lib64/python3.7/posixpath.py", line 129, in splitext
return genericpath._splitext(p, sep, None, extsep)
File "/home/user/.tox/pyt/lib64/python3.7/genericpath.py", line 124, in _splitext
sepIndex = p.rfind(sep)
RecursionError: maximum recursion depth exceeded while calling a Python object
The text was updated successfully, but these errors were encountered:
I'm running into this same issue while running pyt against our DRF codebase. I cannot share the source since it is proprietary but would be delighted to provide any details I can.
Edit:
I am using python-taint 0.42 and Python 3.6.9
Unfortunately, there is a small decrease in the number of findings as a tradeoff for a non-crashing version. The particular PR has other unrelated changes but the changes only to lib/pyt folder should give an idea if someone wants to back-port them to this repo.
Alternatively, I have made numerous other improvements to my pyt clone:
pysa based taint config to construct proper error messages based on source and sink
Categorized the trigger words for various sources and sinks
Brand new sensitive data leak detection logic
Tested against top 100 github repos to address defects and performance
While pysa is great new toy, I felt the need for manually creating models for every repo is a showstopper. pyt just works has decent quality and performance.
python-taint==0.42
python 3.7
File a/sys.py
The text was updated successfully, but these errors were encountered: