Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

RecursionError: maximum recursion depth exceeded while calling a Python object #196

Open
maage opened this issue Mar 23, 2019 · 3 comments
Open

RecursionError: maximum recursion depth exceeded while calling a Python object #196

maage opened this issue Mar 23, 2019 · 3 comments

Comments

@maage
Copy link

maage commented Mar 23, 2019
edited
Loading

python-taint==0.42
python 3.7

File a/sys.py

from sys import path
print(path)
% python3 ./a/sys.py
['/home/user/a', '/usr/lib64/python37.zip', '/usr/lib64/python3.7', '/usr/lib64/python3.7/lib-dynload', '/usr/lib64/python3.7/site-packages', '/usr/lib/python3.7/site-packages']
% ./.tox/pyt/bin/pyt -v -v -v -v a/sys.py
[DEBUG] pyt.__main__: Discovered file: a/a.py
[INFO] pyt.__main__: Processing a/a.py
Traceback (most recent call last):
  File "./.tox/pyt/bin/pyt", line 10, in <module>
    sys.exit(main())
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/__main__.py", line 106, in main
    allow_local_directory_imports=args.allow_local_imports
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/make_cfg.py", line 42, in make_cfg
    allow_local_directory_imports
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 69, in __init__
    self.init_cfg(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/expr_visitor.py", line 76, in init_cfg
    module_statements = self.visit(node)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
    return self.stmt_star_handler(node.body)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
    node = self.visit(stmt)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
    from_from=True
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 807, in add_module
    self.visit(tree)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
...
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 67, in visit_Module
    return self.stmt_star_handler(node.body)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 88, in stmt_star_handler
    node = self.visit(stmt)
  File "/usr/lib64/python3.7/ast.py", line 262, in visit
    return visitor(node)
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 1057, in visit_ImportFrom
    from_from=True
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/cfg/stmt_visitor.py", line 802, in add_module
    self.local_modules = get_directory_modules(module_path) if self._allow_local_modules else []
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 26, in get_directory_modules
    if _is_python_file(path):
  File "/home/user/.tox/pyt/lib/python3.7/site-packages/pyt/core/project_handler.py", line 74, in _is_python_file
    if os.path.splitext(path)[1] == '.py':
  File "/home/user/.tox/pyt/lib64/python3.7/posixpath.py", line 129, in splitext
    return genericpath._splitext(p, sep, None, extsep)
  File "/home/user/.tox/pyt/lib64/python3.7/genericpath.py", line 124, in _splitext
    sepIndex = p.rfind(sep)
RecursionError: maximum recursion depth exceeded while calling a Python object
@najamansari
Copy link

najamansari commented Oct 30, 2019
edited
Loading

Hi,

I'm running into this same issue while running pyt against our DRF codebase. I cannot share the source since it is proprietary but would be delighted to provide any details I can.

Edit:
I am using python-taint 0.42 and Python 3.6.9

@KevinHock
Copy link
Collaborator

I apologize that I don't have time to work on this project anymore :/

For posterity, I think this is duplicate of #185.

@prabhu
Copy link

prabhu commented Aug 18, 2020

I painstakingly fixed all the recursion errors and errors such as #195 in my clone used for scan.

https://github.com/ShiftLeftSecurity/sast-scan/pull/165/files

Unfortunately, there is a small decrease in the number of findings as a tradeoff for a non-crashing version. The particular PR has other unrelated changes but the changes only to lib/pyt folder should give an idea if someone wants to back-port them to this repo.

Alternatively, I have made numerous other improvements to my pyt clone:

  • pysa based taint config to construct proper error messages based on source and sink
  • Categorized the trigger words for various sources and sinks
  • Brand new sensitive data leak detection logic
  • Tested against top 100 github repos to address defects and performance

While pysa is great new toy, I felt the need for manually creating models for every repo is a showstopper. pyt just works has decent quality and performance.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@prabhu @maage @KevinHock @najamansari