• Home
• org.sonarsource.python
• python-checks
• 1.10.0.2131
• source code
• S1313.html

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.l10n.py.rules.python.S1313.html Maven / Gradle / Ivy

Hardcoding an IP address into source code is a bad idea for several reasons:

  
 a recompile is required if the address changes 
  
 it forces the same address to be used in every environment (dev, sys, qa, prod) 
  
 it places the responsibility of setting the value to use in production on the shoulders of the developer 
  
 it allows attackers to decompile the code and thereby discover a potentially sensitive address 

Noncompliant Code Example
ip = '127.0.0.1'
sock = socket.socket()
sock.bind((ip, 9090))

Compliant Solution
ip = config.get(section, ipAddress)
sock = socket.socket()
sock.bind((ip, 9090))

See

  
 CERT, MSC03-J. - Never hard code sensitive information