@@ -83,45 +83,53 @@ def hardcoded_password_string(context):
8383 # looks for "candidate='some_string'"
8484 for targ in node ._bandit_parent .targets :
8585 if isinstance (targ , ast .Name ) and RE_CANDIDATES .search (targ .id ):
86- return _report (node .s )
86+ return _report (node .value )
8787 elif isinstance (targ , ast .Attribute ) and RE_CANDIDATES .search (
8888 targ .attr
8989 ):
90- return _report (node .s )
90+ return _report (node .value )
9191
9292 elif isinstance (
9393 node ._bandit_parent , ast .Subscript
94- ) and RE_CANDIDATES .search (node .s ):
94+ ) and RE_CANDIDATES .search (node .value ):
9595 # Py39+: looks for "dict[candidate]='some_string'"
9696 # subscript -> index -> string
9797 assign = node ._bandit_parent ._bandit_parent
98- if isinstance (assign , ast .Assign ) and isinstance (
99- assign .value , ast .Str
98+ if (
99+ isinstance (assign , ast .Assign )
100+ and isinstance (assign .value , ast .Constant )
101+ and isinstance (assign .value .value , str )
100102 ):
101- return _report (assign .value .s )
103+ return _report (assign .value .value )
102104
103105 elif isinstance (node ._bandit_parent , ast .Index ) and RE_CANDIDATES .search (
104- node .s
106+ node .value
105107 ):
106108 # looks for "dict[candidate]='some_string'"
107109 # assign -> subscript -> index -> string
108110 assign = node ._bandit_parent ._bandit_parent ._bandit_parent
109- if isinstance (assign , ast .Assign ) and isinstance (
110- assign .value , ast .Str
111+ if (
112+ isinstance (assign , ast .Assign )
113+ and isinstance (assign .value , ast .Constant )
114+ and isinstance (assign .value .value , str )
111115 ):
112- return _report (assign .value .s )
116+ return _report (assign .value .value )
113117
114118 elif isinstance (node ._bandit_parent , ast .Compare ):
115119 # looks for "candidate == 'some_string'"
116120 comp = node ._bandit_parent
117121 if isinstance (comp .left , ast .Name ):
118122 if RE_CANDIDATES .search (comp .left .id ):
119- if isinstance (comp .comparators [0 ], ast .Str ):
120- return _report (comp .comparators [0 ].s )
123+ if isinstance (
124+ comp .comparators [0 ], ast .Constant
125+ ) and isinstance (comp .comparators [0 ].value , str ):
126+ return _report (comp .comparators [0 ].value )
121127 elif isinstance (comp .left , ast .Attribute ):
122128 if RE_CANDIDATES .search (comp .left .attr ):
123- if isinstance (comp .comparators [0 ], ast .Str ):
124- return _report (comp .comparators [0 ].s )
129+ if isinstance (
130+ comp .comparators [0 ], ast .Constant
131+ ) and isinstance (comp .comparators [0 ].value , str ):
132+ return _report (comp .comparators [0 ].value )
125133
126134
127135@test .checks ("Call" )
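Review bot: `RE_CANDIDATES.search(node.value)` at new lines 94 and 106 runs without the `isinstance(..., str)` guard that this change adds at every other site, and new lines 86 and 90 report `node.value` on the same assumption. With `ast.Str` the `.s` attribute was always a string, but an `ast.Constant` can also hold bytes, numbers or `None`, and searching a non-string with what is presumably a str pattern raises `TypeError`. Whether only string constants reach this check is decided by the decorator and visitor outside this hunk. Either record that guarantee in a comment at the top of the function, or write the condition as `isinstance(node.value, str) and RE_CANDIDATES.search(node.value)`. An exception inside a check matters for a scanner, because a file whose analysis fails may end up with no findings reported.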
@@ -176,8 +184,12 @@ def hardcoded_password_funcarg(context):
176184 """
177185 # looks for "function(candidate='some_string')"
178186 for kw in context .node .keywords :
179- if isinstance (kw .value , ast .Str ) and RE_CANDIDATES .search (kw .arg ):
180- return _report (kw .value .s )
187+ if (
188+ isinstance (kw .value , ast .Constant )
189+ and isinstance (kw .value .value , str )
190+ and RE_CANDIDATES .search (kw .arg )
191+ ):
192+ return _report (kw .value .value )
181193
182194
183195@test .checks ("FunctionDef" )
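Review bot: `kw.arg` is `None` for a `**mapping` keyword, so `RE_CANDIDATES.search(kw.arg)` at new line 190 can raise `TypeError` once the two `isinstance` tests before it pass. That combination is unusual, but a static analyzer should not raise on any source that parses; adding `and kw.arg is not None` ahead of the search closes the gap. The removed `ast.Str` form had the same ordering, so this is not a regression from the change. How the runner treats an exception raised by a check is not visible in this hunk.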
@@ -246,9 +258,12 @@ def hardcoded_password_default(context):
246258 if isinstance (key , (ast .Name , ast .arg )):
247259 # Skip if the default value is None
248260 if val is None or (
249- isinstance (val , (ast .Constant , ast .NameConstant ))
250- and val .value is None
261+ isinstance (val , ast .Constant ) and val .value is None
251262 ):
252263 continue
253- if isinstance (val , ast .Str ) and RE_CANDIDATES .search (key .arg ):
254- return _report (val .s )
264+ if (
265+ isinstance (val , ast .Constant )
266+ and isinstance (val .value , str )
267+ and RE_CANDIDATES .search (key .arg )
268+ ):
269+ return _report (val .value )
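Review bot: The `isinstance(key, (ast.Name, ast.arg))` test at new line 258 still admits `ast.Name`, but `key.arg` at new line 267 exists only on `ast.arg`, so an `ast.Name` key would raise `AttributeError` there. Python 3 function parameters are always `ast.arg` nodes, which makes the `ast.Name` alternative look like a leftover of the same kind as the `ast.Str` and `ast.NameConstant` references being removed; the test could become `isinstance(key, ast.arg)`. The loop and the origin of `key` start above this hunk, so confirm how `key` is produced before narrowing.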