Catch general exception on per-file basis

This modifies the Bandit manager to catch a general Exception on a per-file basis. When an exception does occur, the name of the file is emitted and the file is logged as a 'skipped file' for inclusion in the end-of-run output. When run in debug mode, a traceback will also be printed. The change also adds a new test targeting this case, along with a new example file (nonsense2.py is gzipped nonsense.py) to trigger the test. Change-Id: I86e648890dddcc5c2fff7dd9844678e990b0cd63 Closes-Bug: #1498258
2016-04-11 11:26:58 -07:00 · 2016-04-11 11:26:58 -07:00 · b6c8b9f01b
parent e93032f1dc
commit b6c8b9f01b
3 changed files with 34 additions and 4 deletions
--- a/bandit/core/manager.py
+++ b/bandit/core/manager.py
@ -20,6 +20,7 @@ import json
 import logging
 import os
 import sys
+import traceback

 from bandit.core import constants as b_constants
 from bandit.core import extension_loader
@ -240,13 +241,31 @@ class BanditManager():
                        self.metrics.count_issues([score, ])
                    except KeyboardInterrupt as e:
                        sys.exit(2)
+                    except SyntaxError as e:
+                        self.skipped.append((
+                            fname,
+                            "syntax error while parsing AST from file"
+                        ))
+                        new_files_list.remove(fname)
+                    except Exception as e:
+                        logger.error(
+                            "Exception occurred when executing tests against "
+                            "{0}. Run \"bandit --debug {0}\" to see the full "
+                            "traceback.".format(fname)
+                        )
+                        self.skipped.append(
+                            (fname, 'exception while scanning file')
+                        )
+                        new_files_list.remove(fname)
+                        logger.debug("  Exception string: %s", e)
+                        logger.debug(
+                            "  Exception traceback: %s",
+                            traceback.format_exc()
+                        )
+                        continue
            except IOError as e:
                self.skipped.append((fname, e.strerror))
                new_files_list.remove(fname)
-            except SyntaxError as e:
-                self.skipped.append(
-                    (fname, "syntax error while parsing AST from file"))
-                new_files_list.remove(fname)

        if len(self.files_list) > self.progress:
            sys.stderr.write("]\n")
--- a/examples/nonsense2.py
+++ b/examples/nonsense2.py
--- a/tests/functional/test_runtime.py
+++ b/tests/functional/test_runtime.py
@ -99,6 +99,17 @@ class RuntimeTests(testtools.TestCase):
        self.assertIn("Files skipped (1):", output)
        self.assertIn("nonsense.py (syntax error while parsing AST", output)

+    def test_example_nonsense2(self):
+        (retcode, output) = self._test_example(
+            ['bandit', ], ['nonsense2.py', ]
+        )
+        self.assertEqual(0, retcode)
+        self.assertIn(
+            "Exception occurred when executing tests against", output
+        )
+        self.assertIn("Files skipped (1):", output)
+        self.assertIn("nonsense2.py (exception while scanning file)", output)
+
    def test_example_imports(self):
        (retcode, output) = self._test_example(['bandit', ], ['imports.py', ])
        self.assertEqual(1, retcode)