Merge remote-tracking branch 'origin/master'

tonybaloney · Feb 3, 2020 · 06ccf4b · 06ccf4b
2 parents 3be4398 + 233a7da
commit 06ccf4b
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 2 deletions.
diff --git a/src/main/java/security/validators/BindAllInterfacesInspection.kt b/src/main/java/security/validators/BindAllInterfacesInspection.kt
@@ -33,6 +33,7 @@ class BindAllInterfacesInspection : PyInspection() {
             if (node == null) return
             val calleeName = node.callee?.name ?: return
             if (calleeName != "bind") return
+            if (node.arguments.isNullOrEmpty()) return
             val firstArg = node.arguments.first() ?: return
 
             // Takes single argument (IP)

diff --git a/src/main/java/security/validators/BuiltinExecInspection.kt b/src/main/java/security/validators/BuiltinExecInspection.kt
@@ -30,7 +30,7 @@ class BuiltinExecInspection : PyInspection() {
             if (!qualifiedName.equals("exec")) return
 
             // First argument as a string literal is ok
-            if (node.arguments.isEmpty()) return
+            if (node.arguments.isNullOrEmpty()) return
             if (node.arguments.first() is PyStringLiteralExpression) return
 
             holder?.registerProblem(node, Checks.BuiltinExecCheck.getDescription())

diff --git a/src/main/java/security/validators/DjangoRawSqlInspection.kt b/src/main/java/security/validators/DjangoRawSqlInspection.kt
@@ -32,6 +32,7 @@ class DjangoRawSqlInspection : PyInspection() {
             if (node.containingFile !is PyFile) return
             if (!hasImportedNamespace(node.containingFile as PyFile, "django")) return
 
+            if (node.arguments.isNullOrEmpty()) return
             val sqlStatement = node.arguments.first() ?: return
             if (sqlStatement !is PyStringLiteralExpression) return
             val param = Regex("%s")

diff --git a/src/main/java/security/validators/SubprocessShellModeInspection.kt b/src/main/java/security/validators/SubprocessShellModeInspection.kt
@@ -32,7 +32,7 @@ class SubprocessShellModeInspection : PyInspection() {
             // Check this is an import from the subprocess module
             if (qualifiedName.startsWith("subprocess.").not()) return
             val calleeName = node.callee?.name ?: return
-            if (node.arguments.isEmpty()) return
+            if (node.arguments.isNullOrEmpty()) return
 
             // Match the method name against one of shellMethodNames
             if (!listOf(*shellMethodNames).contains(calleeName)) return