Solve bandit security problems in examples. (#852)

Author: janiversen

examples/common/async_asyncio_client.py

@@ -67,48 +67,48 @@ async def start_async_test(client):
     _logger.debug("Write to a Coil and read back")
     rq = await client.write_coil(0, True, unit=UNIT)
     rr = await client.read_coils(0, 1, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
-    assert rr.bits[0]          # test the expected value
+    assert rq.function_code < 0x80     #nosec test that we are not an error
+    assert rr.bits[0]          #nosec test the expected value
 
     _logger.debug("Write to multiple coils and read back- test 1")
     rq = await client.write_coils(1, [True] * 8, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
+    assert rq.function_code < 0x80     #nosec test that we are not an error
     rr = await client.read_coils(1, 21, unit=UNIT)
-    assert rr.function_code < 0x80     # test that we are not an error
+    assert rr.function_code < 0x80     #nosec test that we are not an error
     resp = [True] * 21
 
     # If the returned output quantity is not a multiple of eight,
     # the remaining bits in the final data byte will be padded with zeros
     # (toward the high order end of the byte).
 
     resp.extend([False] * 3)
-    assert rr.bits == resp         # test the expected value
+    assert rr.bits == resp         #nosec test the expected value
 
     _logger.debug("Write to multiple coils and read back - test 2")
     rq = await client.write_coils(1, [False] * 8, unit=UNIT)
     rr = await client.read_coils(1, 8, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
-    assert rr.bits == [False] * 8         # test the expected value
+    assert rq.function_code < 0x80     #nosec test that we are not an error
+    assert rr.bits == [False] * 8         #nosec test the expected value
 
     _logger.debug("Read discrete inputs")
     rr = await client.read_discrete_inputs(0, 8, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
+    assert rq.function_code < 0x80     #nosec test that we are not an error
 
     _logger.debug("Write to a holding register and read back")
     rq = await client.write_register(1, 10, unit=UNIT)
     rr = await client.read_holding_registers(1, 1, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
-    assert rr.registers[0] == 10       # test the expected value
+    assert rq.function_code < 0x80     #nosec test that we are not an error
+    assert rr.registers[0] == 10       #nosec test the expected value
 
     _logger.debug("Write to multiple holding registers and read back")
     rq = await client.write_registers(1, [10] * 8, unit=UNIT)
     rr = await client.read_holding_registers(1, 8, unit=UNIT)
-    assert rq.function_code < 0x80      # test that we are not an error
-    assert rr.registers == [10] * 8       # test the expected value
+    assert rq.function_code < 0x80      #nosec test that we are not an error
+    assert rr.registers == [10] * 8       #nosec test the expected value
 
     _logger.debug("Read input registers")
     rr = await client.read_input_registers(1, 8, unit=UNIT)
-    assert rq.function_code < 0x80      # test that we are not an error
+    assert rq.function_code < 0x80      #nosec test that we are not an error
 
     arguments = {
         'read_address': 1,
@@ -119,9 +119,9 @@ async def start_async_test(client):
     _logger.debug("Read write registers simultaneously")
     rq = await client.readwrite_registers(unit=UNIT, **arguments)
     rr = await client.read_holding_registers(1, 8, unit=UNIT)
-    assert rq.function_code < 0x80     # test that we are not an error
-    assert rq.registers == [20] * 8      # test the expected value
-    assert rr.registers == [20] * 8     # test the expected value
+    assert rq.function_code < 0x80     #nosec test that we are not an error
+    assert rq.registers == [20] * 8      #nosec test the expected value
+    assert rr.registers == [20] * 8     #nosec test the expected value
     await asyncio.sleep(1)
 
 
@@ -130,7 +130,7 @@ def run_with_not_running_loop():
     _logger.debug("Running Async client with asyncio loop not yet started")
     _logger.debug("------------------------------------------------------")
     loop = asyncio.new_event_loop()
-    assert not loop.is_running()
+    assert not loop.is_running() #nosec
     asyncio.set_event_loop(loop)
     new_loop, client = ModbusClient(schedulers.ASYNC_IO, port=5020, loop=loop) #NOSONAR pylint: disable=unpacking-non-sequence
     loop.run_until_complete(start_async_test(client.protocol))
@@ -162,7 +162,7 @@ def start_loop(loop):
     # Start the loop
     mythread.start()
     asyncio.sleep(1)
-    assert loop.is_running()
+    assert loop.is_running() #nosec
     asyncio.set_event_loop(loop)
     loop, client = ModbusClient(schedulers.ASYNC_IO, port=5020, loop=loop) #NOSONAR pylint: disable=unpacking-non-sequence
     future = asyncio.run_coroutine_threadsafe(

examples/common/async_asyncio_serial_client.py

@@ -59,49 +59,49 @@ async def start_async_test(client): # pylint: disable=redefined-outer-name
         rq = await client.write_coil(0, True, unit=UNIT)
         rr = await client.read_coils(0, 1, unit=UNIT)
 
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rr.bits[0]                  # test the expected value
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rr.bits[0]                  #nosec test the expected value
 
         log.debug("Write to multiple coils and read back- test 1")
         rq = await client.write_coils(1, [True] * 8, unit=UNIT)
         rr = await client.read_coils(1, 21, unit=UNIT)
 
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rr.function_code < 0x80     # test that we are not an error
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rr.function_code < 0x80     #nosec test that we are not an error
 
         # If the returned output quantity is not a multiple of eight,
         # the remaining bits in the final data byte will be padded with zeros
         # (toward the high order end of the byte).
 
         resp = [True] * 21
         resp.extend([False] * 3)
-        assert rr.bits == resp         # test the expected value
+        assert rr.bits == resp         #nosec test the expected value
 
         log.debug("Write to multiple coils and read back - test 2")
         rq = await client.write_coils(1, [False] * 8, unit=UNIT)
         rr = await client.read_coils(1, 8, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rr.bits == [False] * 8         # test the expected value
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rr.bits == [False] * 8         #nosec test the expected value
 
         log.debug("Read discrete inputs")
         rr = await client.read_discrete_inputs(0, 8, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
+        assert rq.function_code < 0x80     #nosec test that we are not an error
 
         log.debug("Write to a holding register and read back")
         rq = await client.write_register(1, 10, unit=UNIT)
         rr = await client.read_holding_registers(1, 1, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rr.registers[0] == 10       # test the expected value
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rr.registers[0] == 10       #nosec test the expected value
 
         log.debug("Write to multiple holding registers and read back")
         rq = await client.write_registers(1, [10] * 8, unit=UNIT)
         rr = await client.read_holding_registers(1, 8, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rr.registers == [10] * 8      # test the expected value
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rr.registers == [10] * 8      #nosec test the expected value
 
         log.debug("Read input registers")
         rr = await client.read_input_registers(1, 8, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
+        assert rq.function_code < 0x80     #nosec test that we are not an error
 
         arguments = {
             'read_address': 1,
@@ -112,9 +112,9 @@ async def start_async_test(client): # pylint: disable=redefined-outer-name
         log.debug("Read write registers simultaneously")
         rq = await client.readwrite_registers(unit=UNIT, **arguments)
         rr = await client.read_holding_registers(1, 8, unit=UNIT)
-        assert rq.function_code < 0x80     # test that we are not an error
-        assert rq.registers == [20] * 8      # test the expected value
-        assert rr.registers == [20] * 8      # test the expected value
+        assert rq.function_code < 0x80     #nosec test that we are not an error
+        assert rq.registers == [20] * 8      #nosec test the expected value
+        assert rr.registers == [20] * 8      #nosec test the expected value
     except Exception as exc: # pylint: disable=broad-except
         log.exception(exc)
         client.transport.close()
@@ -128,7 +128,7 @@ async def start_async_test(client): # pylint: disable=redefined-outer-name
     # ----------------------------------------------------------------------- #
     # socat -d -d PTY,link=/tmp/ptyp0,raw,echo=0,ispeed=9600 PTY,
     # link=/tmp/ttyp0,raw,echo=0,ospeed=9600
-    loop, client = ModbusClient(schedulers.ASYNC_IO, port='/tmp/ttyp0', # pylint: disable=unpacking-non-sequence
+    loop, client = ModbusClient(schedulers.ASYNC_IO, port='/tmp/ttyp0', #nosec pylint: disable=unpacking-non-sequence
                                 baudrate=9600, method="rtu")
     loop.run_until_complete(start_async_test(client.protocol))
     loop.close()

examples/common/async_tornado_client.py

@@ -34,7 +34,7 @@ def dassert(future, callback): # pylint: disable=redefined-outer-name
 
     def _assertor(value):
         # by pass assertion, an error here stops the write callbacks
-        assert value
+        assert value #nosec
 
     def on_done(f):
         if (exc := f.exception()):

examples/common/async_tornado_client_serial.py

@@ -41,7 +41,7 @@ def dassert(future, callback): # pylint: disable=redefined-outer-name
 
     def _assertor(value):
         # by pass assertion, an error here stops the write callbacks
-        assert value
+        assert value #nosec
 
     def on_done(f):
         if (exc := f.exception()):
@@ -161,7 +161,7 @@ def callback(protocol, future): # pylint: disable=redefined-outer-name
     # Rtu
     protocol, future = AsyncModbusSerialClient(schedulers.IO_LOOP, # pylint: disable=unpacking-non-sequence
                                                method="rtu",
-                                               port="/tmp/ptyp0",
+                                               port="/tmp/ptyp0", #nosec
                                                baudrate=9600,
                                                timeout=2)
 

examples/common/async_twisted_client.py

@@ -39,7 +39,7 @@ def err(*args, **kwargs):
 def dassert(deferred, callback): # pylint: disable=redefined-outer-name
     """ Dassert. """
     def _assertor(value):
-        assert value
+        assert value #nosec
     deferred.addCallback(lambda r: _assertor(callback(r)))
     deferred.addErrback(err)
 

examples/common/async_twisted_client_serial.py

@@ -19,7 +19,7 @@
 # state a few constants
 # ---------------------------------------------------------------------------#
 
-SERIAL_PORT = "/tmp/ptyp0"
+SERIAL_PORT = "/tmp/ptyp0" #nosec
 STATUS_REGS = (1, 2)
 STATUS_COILS = (1, 3)
 CLIENT_DELAY = 1

examples/common/asyncio_server.py

@@ -116,7 +116,7 @@ async def run_server():
     #                      defer_start=False)
 
     # 	deferred start:
-    server = await StartTcpServer(context, identity=identity, address=("0.0.0.0", 5020),
+    server = await StartTcpServer(context, identity=identity, address=("0.0.0.0", 5020), #nosec
                                   allow_reuse_address=True, defer_start=True)
 
     asyncio.get_event_loop().call_later(20, lambda: server.serve_forever)

examples/common/changing_framers.py

@@ -42,8 +42,8 @@
     # ----------------------------------------------------------------------- #
     rq = client.write_coil(1, True)
     rr = client.read_coils(1, 1)
-    assert not rq.isError()    # test that we are not an error
-    assert rr.bits[0]          # test the expected value
+    assert not rq.isError()    #nosec test that we are not an error
+    assert rr.bits[0]          #nosec test the expected value
 
     # ----------------------------------------------------------------------- #
     # close the client

examples/common/dbstore_update_server.py

@@ -56,8 +56,8 @@ def updating_writer(parm1):
 
     # import pdb; pdb.set_trace()
 
-    rand_value = random.randint(0, 9999) #NOSONAR
-    rand_addr = random.randint(0, 65000) #NOSONAR
+    rand_value = random.randint(0, 9999) #NOSONAR #nosec
+    rand_addr = random.randint(0, 65000) #NOSONAR #nosec
     txt = f"Writing to datastore: {rand_addr}, {rand_value}"
     log.debug(txt)
     # import pdb; pdb.set_trace()

examples/common/modbus_payload.py

@@ -163,11 +163,11 @@ def run_binary_payload_ex():
                                                      byteorder=byte_endian,
                                                      wordorder=word_endian)
 
-        assert decoder._byteorder == builder._byteorder, \
-                "Make sure byteorder is consistent between BinaryPayloadBuilder and BinaryPayloadDecoder" # pylint: disable=protected-access
+        assert decoder._byteorder == (builder._byteorder, #nosec pylint: disable=protected-access
+                "Make sure byteorder is consistent between BinaryPayloadBuilder and BinaryPayloadDecoder")
 
-        assert decoder._wordorder == builder._wordorder, \
-                "Make sure wordorder is consistent between BinaryPayloadBuilder and BinaryPayloadDecoder"  # pylint: disable=protected-access
+        assert decoder._wordorder == (builder._wordorder, #nosec pylint: disable=protected-access
+                "Make sure wordorder is consistent between BinaryPayloadBuilder and BinaryPayloadDecoder")
 
         decoded = OrderedDict([
             ('string', decoder.decode_string(len(my_string))),