Merge pull request #236 from intel-innersource/bandit_check

rdementi · web-flow · commit 5e365a16ec0f · 2022-07-20T08:48:16.000+02:00
Updated pmu-query.py script with Bandit security tool requirements
diff --git a/scripts/pmu-query.py b/scripts/pmu-query.py
@@ -4,7 +4,8 @@
 import urllib.parse
 import json
 import csv
-import subprocess
+# subprocess is used as multiplatform approach, usage is verified (20-07-2022)
+import subprocess  # nosec
 import sys
 import platform
 import getopt
@@ -31,7 +32,8 @@
     sys.exit(-2)
 
 if filename is None:
-    map_file_raw = urllib.request.urlopen("https://download.01.org/perfmon/mapfile.csv").read().decode('utf-8')
+    # vefified that link to mapfile.csv is safe and correct (20-07-2022)
+    map_file_raw = urllib.request.urlopen("https://download.01.org/perfmon/mapfile.csv").read().decode('utf-8')  # nosec
     map_dict = csv.DictReader(io.StringIO(map_file_raw), delimiter=',')
     map_file = []
     core_path = ""
@@ -67,7 +69,8 @@
             print(model)
 
     if core_path:
-        json_core_data = urllib.request.urlopen(
+        # vefified that links, created on base of map_file are correct (20-07-2022)
+        json_core_data = urllib.request.urlopen(  # nosec
             "https://download.01.org/perfmon" + core_path
         )
         core_events = json.load(json_core_data)
@@ -79,7 +82,8 @@
         sys.exit(-1)
 
     if offcore_path:
-        json_offcore_data = urllib.request.urlopen(
+        # vefified that links, created on base of map_file are correct (20-07-2022)
+        json_offcore_data = urllib.request.urlopen(  # nosec
             "https://download.01.org/perfmon" + offcore_path
         )
         offcore_events = json.load(json_offcore_data)
