Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

S324 false negative on mixed-case hash algorithm names #16525

Closed
dscorbett opened this issue Mar 5, 2025 · 2 comments
Closed

S324 false negative on mixed-case hash algorithm names #16525

dscorbett opened this issue Mar 5, 2025 · 2 comments
Assignees
@VascoSch92
Labels
bug Something isn't working good first issue Good for newcomers help wanted Contributions especially welcome

Comments

@dscorbett
Copy link

Summary

hashlib.new interprets the algorithm name case-insensitively. hashlib-insecure-hash-function (S324) recognizes lowercase and uppercase names, but not mixed-case names.

$ cat >s324.py <<'# EOF'
import hashlib
print(hashlib.new("Md5").hexdigest())
# EOF

$ python s324.py
d41d8cd98f00b204e9800998ecf8427e

$ ruff check --isolated --select S324 s324.py
All checks passed!

Version

No response
@ntBre ntBre added bug Something isn't working help wanted Contributions especially welcome labels Mar 5, 2025
@MichaReiser MichaReiser added the good first issue Good for newcomers label Mar 6, 2025
@VascoSch92
Copy link
Contributor

If no one is taking this, I can do it. It should be quick! 😉

@VascoSch92 VascoSch92 mentioned this issue Mar 7, 2025
Merged
MichaReiser pushed a commit that referenced this issue Mar 7, 2025
@VascoSch92
[flake8-bandit] Fix mixed-case hash algorithm names (S324) (#16552)
6d6e524 
The PR solves issue #16525
@ntBre
Copy link
Contributor

ntBre commented Mar 7, 2025

I think this was closed by #16552 🎉

@ntBre ntBre closed this as completed Mar 7, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VascoSch92 VascoSch92

Labels
bug Something isn't working good first issue Good for newcomers help wanted Contributions especially welcome
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dscorbett @MichaReiser @ntBre @VascoSch92