Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RecursionError: maximum recursion depth exceeded while calling a Python object #196

Open
maage opened this issue Mar 23, 2019 · 3 comments
Open

RecursionError: maximum recursion depth exceeded while calling a Python object #196

maage opened this issue Mar 23, 2019 · 3 comments

Comments

@maage
Copy link

maage commented Mar 23, 2019
edited

python-taint==0.42
python 3.7

File a/sys.py

from sys import path
print(path)
% python3 ./a/sys.py
['/home/user/a', '/usr/lib64/python37.zip', '/usr/lib64/python3.7', '/usr/lib64/python3.7/lib-dynload', '/usr/lib64/python3.7/site-packages', '/usr/lib/python3.7/site-packages']
% ./.tox/pyt/bin/pyt -v -v -v -v a/sys.py
[DEBUG] pyt.__main__: Discovered file: a/a.py
[INFO] pyt.__main__: Processing a/a.py
Traceback (most recent call last):
  File "./.tox/pyt/bin/pyt", line 10, in <module>
    sys.exit(main())
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/__main__.py", line 106, in main
    allow_local_directory_imports=args.allow_local_imports
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/make_cfg.py", line 42, in make_cfg
    allow_local_directory_imports
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 69, in __init__
    self.init_cfg(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 76, in init_cfg
    module_statements = self.visit(node)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
    return self.stmt_star_handler(node.body)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
    node = self.visit(stmt)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
    from_from=True
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 807, in add_module
    self.visit(tree)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
...
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
    return self.stmt_star_handler(node.body)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
    node = self.visit(stmt)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
    from_from=True
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 802, in add_module
    self.local_modules = get_directory_modules(module_path) if self._allow_local_modules else []
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 26, in get_directory_modules
    if _is_python_file(path):
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 74, in _is_python_file
    if os.path.splitext(path)[1] == '.py':
  File "/home/user/.tox/pyt/lib64/python3.7/posixpath.py", line 129, in splitext
    return genericpath._splitext(p, sep, None, extsep)
  File "/home/user/.tox/pyt/lib64/python3.7/genericpath.py", line 124, in _splitext
    sepIndex = p.rfind(sep)
RecursionError: maximum recursion depth exceeded while calling a Python object
@najamansari
Copy link

najamansari commented Oct 30, 2019
edited

Hi,

I'm running into this same issue while running pyt against our DRF codebase. I cannot share the source since it is proprietary but would be delighted to provide any details I can.

Edit:
I am using python-taint 0.42 and Python 3.6.9

@KevinHock
Copy link
Collaborator

I apologize that I don't have time to work on this project anymore :/

For posterity, I think this is duplicate of #185.

@prabhu
Copy link

prabhu commented Aug 18, 2020

I painstakingly fixed all the recursion errors and errors such as #195 in my clone used for scan.

https://github.com/ShiftLeftSecurity/sast-scan/pull/165/files

Unfortunately, there is a small decrease in the number of findings as a tradeoff for a non-crashing version. The particular PR has other unrelated changes but the changes only to lib/pyt folder should give an idea if someone wants to back-port them to this repo.

Alternatively, I have made numerous other improvements to my pyt clone:

  • pysa based taint config to construct proper error messages based on source and sink
  • Categorized the trigger words for various sources and sinks
  • Brand new sensitive data leak detection logic
  • Tested against top 100 github repos to address defects and performance

While pysa is great new toy, I felt the need for manually creating models for every repo is a showstopper. pyt just works has decent quality and performance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@prabhu @maage @KevinHock @najamansari