Issues - pygae/galgebra

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

        assert not isinstance(A, Mv)

Found in galgebra/mv.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            subprocess.call(['pdfcrop', pdf_filename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            subprocess.call(['mv', rootfilename+'-crop.pdf', pdf_filename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a shell, possible injection detected, security issue.
Open

            os.system(pdfprog + ' ' + filename[:-4])

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

                subprocess.call([sys_cmd['rm'], rootfilename+'.aux ', rootfilename+'.log ', rootfilename+'.tex'])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            subprocess.call(['Pdf2Png', rootfilename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

    return eval(seval, _eval_global_dict)

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            subprocess.call(['rm', pdf_filename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a shell, possible injection detected, security issue.
Open

            os.system(sys_cmd['rm'] + ' ' + filename[:-4] + '.aux ' + filename[:-4] + '.log ' + filename[:-4] + '.tex')

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

                subprocess.call([pdfprog, tex_filename, sys_cmd['null']])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

        assert not isinstance(A, Mv)

Found in galgebra/mv.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

            subprocess.call([sys_cmd['evince'], pdf_filename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a shell, possible injection detected, security issue.
Open

            os.system('Pdf2Png ' + filename[:-4])

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

                kwargs[name] = eval(value)

Found in galgebra/ga.py by bandit

Exclude checks
- Disable engine
- Disable check

Consider possible security implications associated with subprocess module.
Open

import subprocess

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

subprocess call - check for execution of untrusted input.
Open

                subprocess.call([sys_cmd['rm'], rootfilename+'.aux ', rootfilename+'.log'])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a partial executable path
Open

            subprocess.call(['rm', pdf_filename])

Found in galgebra/gprinter.py by bandit

Exclude checks
- Disable engine
- Disable check

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

        simps = eval(set_lst[2])

Found in galgebra/ga.py by bandit

Exclude checks
- Disable engine
- Disable check

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

        eval(input('!!!!Return to continue!!!!\n'))

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

Starting a process with a shell, possible injection detected, security issue.
Open

            os.system('pdfcrop ' + filename[:-4] + '.pdf')

Found in galgebra/printer.py by bandit

Exclude checks
- Disable engine
- Disable check

pygae/galgebra

Showing 899 of 899 total issues

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

subprocess call - check for execution of untrusted input.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

subprocess call - check for execution of untrusted input.
Open

subprocess call - check for execution of untrusted input.
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

subprocess call - check for execution of untrusted input.
Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

Consider possible security implications associated with subprocess module.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a partial executable path
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

Severity

Category

Status

Source

Language

pygae/galgebra

Showing 899 of 899 total issues

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open

subprocess call - check for execution of untrusted input. Open

subprocess call - check for execution of untrusted input. Open

Starting a process with a shell, possible injection detected, security issue. Open

subprocess call - check for execution of untrusted input. Open

subprocess call - check for execution of untrusted input. Open

Use of possibly insecure function - consider using safer ast.literal_eval. Open

subprocess call - check for execution of untrusted input. Open

Starting a process with a shell, possible injection detected, security issue. Open

subprocess call - check for execution of untrusted input. Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code. Open

subprocess call - check for execution of untrusted input. Open

Starting a process with a shell, possible injection detected, security issue. Open

Use of possibly insecure function - consider using safer ast.literal_eval. Open

Consider possible security implications associated with subprocess module. Open

subprocess call - check for execution of untrusted input. Open

Starting a process with a partial executable path Open

Use of possibly insecure function - consider using safer ast.literal_eval. Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3. Open

Starting a process with a shell, possible injection detected, security issue. Open

Severity

Category

Status

Source

Language

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

subprocess call - check for execution of untrusted input.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

subprocess call - check for execution of untrusted input.
Open

subprocess call - check for execution of untrusted input.
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

subprocess call - check for execution of untrusted input.
Open

Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a shell, possible injection detected, security issue.
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

Consider possible security implications associated with subprocess module.
Open

subprocess call - check for execution of untrusted input.
Open

Starting a process with a partial executable path
Open

Use of possibly insecure function - consider using safer ast.literal_eval.
Open

The input method in Python 2 will read from standard input, evaluate and run the resulting string as python source code. This is similar, though in many ways worse, then using eval. On Python 2, use raw_input instead, input is safe in Python 3.
Open

Starting a process with a shell, possible injection detected, security issue.
Open