SonarPython / SONARPY-825

Rule S2257: Using non-standard cryptographic algorithms is security-sensitive

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.3
    • Component/s: Rules
    • Labels:

      Description

      This rule should detect classes that inherit from django.contrib.auth.hashers.BasePasswordHasher. To avoid false positives when someone scans Django itself, it should not raise an issue if the implementing class is itself also in the namespace django.contrib.auth.hashers.

      At the moment this is already implemented by RSPEC-4790 but SONARPY-704 will remove it from that rule.

      Code sample: https://github.com/SonarSource/security-expected-issues/tree/master/python/vulnerable-apps/django-vulnerable/djangovulnerable/customhash
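
The check described above, sketched with Python's `ast` module as an added example; it is not SonarPython's implementation and not code from the linked repository. It matches direct subclasses only, and the `module_name` parameter, the helper names and the sample source are assumptions made for illustration.

```python
import ast

TARGET = "django.contrib.auth.hashers.BasePasswordHasher"
EXEMPT_NAMESPACE = "django.contrib.auth.hashers"

# Constructed sample input (not taken from the linked repository).
SAMPLE = '''\
from django.contrib.auth.hashers import BasePasswordHasher as Base
from django.contrib.auth import hashers
class Rot13Hasher(Base): pass
class XorHasher(hashers.BasePasswordHasher): pass
class Unrelated(dict): pass
'''

def _dotted(node):
    """Return 'a.b.c' for a Name/Attribute chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join([node.id] + parts[::-1]) if isinstance(node, ast.Name) else None

def find_custom_hashers(source, module_name):
    """Return [(class_name, line)] for direct subclasses of BasePasswordHasher."""
    # Classes that live in Django's own hashers namespace are not reported.
    if (module_name + ".").startswith(EXEMPT_NAMESPACE + "."):
        return []
    tree = ast.parse(source)
    aliases = {}  # local name -> fully qualified name it is bound to
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
        elif isinstance(node, ast.Import):
            for a in node.names:
                if a.asname:  # plain "import a.b.c" is already fully qualified
                    aliases[a.asname] = a.name
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.ClassDef):
            for base in node.bases:
                head, _, rest = (_dotted(base) or "").partition(".")
                resolved = aliases.get(head, head) + ("." + rest if rest else "")
                if resolved == TARGET:
                    findings.append((node.name, node.lineno))
    return findings

if __name__ == "__main__":
    print(find_custom_hashers(SAMPLE, "myapp.hashers"))  # constructed module name
```

Resolving the base class through the import table, rather than matching on the bare name `BasePasswordHasher`, keeps an unrelated local class with the same name from being reported.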


              People

              Assignee:
              andrea.guarino Andrea Guarino
              Reporter:
              hendrik.buchwald Hendrik Buchwald