CWE-476 #946
Status: Open. Wants to merge 1 commit into base: main.

Conversation

BartKaras1128 (Contributor)

No description provided.

Signed-off-by: Bartlomiej Karas <[email protected]>
@s19110 (Contributor) left a comment

I left a couple small cosmetic suggestions. The rule looks good. Remember to also add the README link to the table in the main readme of the Secure Coding project.


## Compliant Code Example - Verify that the object is not None before accessing or modifying its fields

The `compliant solution` includes the same implementation as the previous `non-compliant example` but now checks if the string is `None`.
I think some backticks are unnecessary here:

Suggested change:
- The `compliant solution` includes the same implementation as the previous `non-compliant example` but now checks if the string is `None`.
+ The `compliant solution` includes the same implementation as the previous non-compliant example but now checks if the string is `None`.

Suggested change:
- The `compliant solution` includes the same implementation as the previous `non-compliant example` but now checks if the string is `None`.
+ The compliant solution includes the same implementation as the previous `non-compliant example` but now checks if the string is `None`.

The code example attempts to directly calling `len()` on a non-array value, but rather on `None`, which will raise a `TypeError`. Such unchecked dereferencing of a `None` value could result in an application crash or denial of service, impacting system availability.
This sentence sounds a bit odd. How about something like that?

Suggested change:
- The code example attempts to directly calling `len()` on a non-array value, but rather on `None`, which will raise a `TypeError`. Such unchecked dereferencing of a `None` value could result in an application crash or denial of service, impacting system availability.
+ The code example attempts to directly call `len()` on a non-array value, in this case on `None`, which will raise a `TypeError`. Such unchecked dereferencing of a `None` value could result in an application crash or denial of service, impacting system availability.

@andrew-costello (Contributor)

The rule looks good to me. I agree with @s19110's rewording suggestion; I was going to put it in myself. When it is reworded, I will review again and give +1.
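To make the behaviour the README text under review describes concrete, here is an added example (not code from this pull request or the Secure Coding project): a handler that calls `len()` on an optional field, first without a `None` check (raises `TypeError`), then with the check the compliant solution requires. The request dict, field names and function names are constructed for this illustration.

```python
"""Added illustration of the CWE-476 rule discussed in this PR.

Assumption (not from the project): a parsed request is modelled as a
dict whose optional "comment" field is absent, so the lookup yields None.
"""
from typing import Optional

# Constructed sample input: the client sent no comment at all.
REQUEST_WITHOUT_COMMENT = {"user": "alice", "comment": None}
REQUEST_WITH_COMMENT = {"user": "bob", "comment": "hello"}


def comment_length_noncompliant(request: dict) -> int:
    """Non-compliant: dereferences the value without checking for None.

    len(None) raises TypeError, so a request without a comment crashes
    the handler (an availability problem) instead of being handled.
    """
    comment: Optional[str] = request.get("comment")
    return len(comment)


def comment_length_compliant(request: dict) -> int:
    """Compliant: verify the object is not None before accessing it.

    A missing comment is treated as empty rather than dereferenced.
    """
    comment: Optional[str] = request.get("comment")
    if comment is None:
        return 0
    return len(comment)


def noncompliant_raises(request: dict) -> bool:
    """Return True if the non-compliant variant crashes with TypeError."""
    try:
        comment_length_noncompliant(request)
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    print("non-compliant raises TypeError:",
          noncompliant_raises(REQUEST_WITHOUT_COMMENT))
    print("compliant length:",
          comment_length_compliant(REQUEST_WITHOUT_COMMENT))
```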
