46 lines
1.0 KiB
Plaintext
46 lines
1.0 KiB
Plaintext
== Why is this an issue?
|
|
|
|
Attributes of ``++None++`` values should never be accessed. Doing so will cause an ``++AttributeError++`` to be thrown. At best, such an exception will cause abrupt program termination. At worse, it could expose debugging information that would be useful to an attacker, or it could allow an attacker to bypass security measures.
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,python]
|
|
----
|
|
def myfunc(param):
|
|
if param is None:
|
|
print(param.test()) # Noncompliant
|
|
|
|
if param == None:
|
|
print(param.test()) # Noncompliant
|
|
|
|
if param is not None:
|
|
pass
|
|
else:
|
|
print(param.test()) # Noncompliant
|
|
|
|
if param != None:
|
|
pass
|
|
else:
|
|
print(param.test()) # Noncompliant
|
|
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
include::../highlighting.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|