Python Secure Coding
Secure coding practices for Python applications.
SQL Injection Prevention
# Vulnerable: the value is spliced into the SQL text, so a quote in it becomes SQL syntax
user_input = request.GET['username']
query = f"SELECT * FROM users WHERE username = '{user_input}'"
cursor.execute(query)

# Secure: parameterized query; the driver binds the value separately, so it is never parsed as SQL
# (%s is the placeholder style of psycopg2 and MySQLdb; the sqlite3 module uses ?)
user_input = request.GET['username']
query = "SELECT * FROM users WHERE username = %s"
cursor.execute(query, (user_input,))
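To see the difference concretely, the following is an added example (not code from the original page) that runs the vulnerable and the parameterized query against a constructed in-memory sqlite3 database and feeds both the classic `' OR '1'='1` payload. The table, rows and payload are all made up for the demonstration; sqlite3 uses `?` as its placeholder where the snippet above uses `%s`.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with two users (sample data, not from the page)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, user_input: str) -> list:
    # String interpolation: quote characters in the input become part of the SQL grammar.
    query = f"SELECT username FROM users WHERE username = '{user_input}'"
    return [row[0] for row in conn.execute(query)]


def find_user_secure(conn: sqlite3.Connection, user_input: str) -> list:
    # Bound parameter: the driver sends the value out of band, so it is compared literally.
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (user_input,))]


PAYLOAD = "' OR '1'='1"  # constructed attacker input


def demo() -> tuple:
    conn = make_db()
    return (
        find_user_vulnerable(conn, "alice"),   # normal lookup works either way
        find_user_vulnerable(conn, PAYLOAD),   # WHERE '' OR '1'='1' -> every row leaks
        find_user_secure(conn, PAYLOAD),       # no user is literally named "' OR '1'='1"
    )


if __name__ == "__main__":
    print(demo())
```

The vulnerable query turns into `WHERE username = '' OR '1'='1'` and returns every row; the parameterized query compares the whole payload as a string and matches nothing.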
Command Injection Prevention
# Vulnerable: the filename is interpolated into a shell command line, so ';', '$(...)' or '|' in it run as commands
import os
filename = request.GET['file']
os.system(f'cat {filename}')

# Secure: allow-list the input, then run the program with an argument list and no shell
import re
import subprocess
filename = request.GET['file']
# fullmatch rather than match: with re.match(), a trailing '$' still accepts "name\n"
if not re.fullmatch(r'[a-zA-Z0-9_.-]+', filename):
    raise ValueError("Invalid filename")
subprocess.run(['cat', filename], check=True)
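The allow-list above stops shell metacharacters, but it still admits `..`, and a filename like `notes.txt\n` slips past `re.match()` with `$`. The following added example (not the page's code) wraps the validation in a function, resolves the path under a fixed base directory and rejects anything that escapes it, then runs `cat` with an argument list. The base directory, file contents and hostile inputs are constructed for the demonstration.

```python
import os
import re
import subprocess
import tempfile

# Allow-list of filename characters. fullmatch() is used deliberately: re.match() with a
# trailing '$' still accepts "notes.txt\n", because '$' matches before a final newline.
FILENAME_RE = re.compile(r"[A-Za-z0-9_.-]+")


def is_valid_filename(name: str) -> bool:
    return FILENAME_RE.fullmatch(name) is not None


def resolve_under(base_dir: str, name: str) -> str:
    """Absolute path of `name` inside base_dir; rejects anything that escapes it."""
    if not is_valid_filename(name):
        raise ValueError(f"invalid filename: {name!r}")
    base = os.path.realpath(base_dir)
    path = os.path.realpath(os.path.join(base, name))
    # The allow-list permits '.', so '..' (and a symlink pointing elsewhere) passes the
    # regex; resolving the path and checking its parent directory closes that gap.
    if os.path.dirname(path) != base:
        raise ValueError(f"filename escapes {base_dir}: {name!r}")
    return path


def read_file(base_dir: str, name: str) -> str:
    path = resolve_under(base_dir, name)
    # Argument list and no shell: whatever is in `path` reaches cat as one argv entry and
    # is never parsed for ';', '$(...)' or pipes. '--' stops option parsing as well.
    result = subprocess.run(["cat", "--", path], check=True, capture_output=True, text=True)
    return result.stdout


def demo() -> dict:
    """Constructed demonstration: one real file plus hostile names, all in a temp dir."""
    hostile = ["notes.txt\n", "notes.txt; id", "../etc/passwd", "..", "$(id)"]
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "notes.txt"), "w") as f:
            f.write("hello\n")
        rejected = []
        for name in hostile:
            try:
                read_file(d, name)
            except ValueError:
                rejected.append(name)
        return {"content": read_file(d, "notes.txt"), "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

Validation and path confinement are separate checks on purpose: the regex stops command injection, the `realpath` comparison stops directory traversal, and neither alone covers both.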
XSS Prevention
# Vulnerable: untrusted input is written straight into the HTML response
from flask import Flask, request
app = Flask(__name__)

@app.route('/search')
def search():
    query = request.args.get('q', '')
    return f'<h1>Results for: {query}</h1>'

# Secure: escape the output for the HTML context
# (templates rendered with render_template() are autoescaped by Jinja2 for .html files)
from markupsafe import escape

@app.route('/search')
def search():
    query = request.args.get('q', '')
    return f'<h1>Results for: {escape(query)}</h1>'
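Escaping has to match the context the value lands in. The following added example (not from the original page) uses the standard library's `html.escape`, which covers the same HTML-body and attribute cases as `markupsafe.escape`, and shows the one place where HTML escaping is the wrong tool: a value placed inside a `<script>` block, where a JSON string literal with `</` escaped is needed instead. The payload is constructed for the demonstration.

```python
import html
import json

PAYLOAD = '"><script>alert(1)</script>'  # constructed attacker input


def render_results_vulnerable(q: str) -> str:
    return f"<h1>Results for: {q}</h1>"


def render_results(q: str) -> str:
    # HTML body context: & < > are escaped; quote=True also escapes " and '.
    return f"<h1>Results for: {html.escape(q, quote=True)}</h1>"


def render_attr(q: str) -> str:
    # Attribute context: the value must be both quoted and escaped. Escaping alone does not
    # help in an unquoted attribute, where a space would end the value.
    return f'<input name="q" value="{html.escape(q, quote=True)}">'


def render_js(q: str) -> str:
    # JavaScript context: json.dumps yields a valid JS string literal, but the HTML parser
    # still ends the block at the first "</script>", even inside the literal, so '</' is
    # escaped as '<\/' which JavaScript reads as '</'.
    literal = json.dumps(q).replace("</", "<\\/")
    return f"<script>var query = {literal};</script>"


if __name__ == "__main__":
    for fn in (render_results_vulnerable, render_results, render_attr, render_js):
        print(fn(PAYLOAD))
```

A single escaping function per output context, applied at the moment of output rather than at input time, is the pattern to keep; escaping on input corrupts stored data and still misses values that reach a different context.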
Secure Password Hashing
# Insecure: MD5 is fast and unsalted, so hashes are cheap to brute-force and equal passwords give equal hashes
import hashlib
password_hash = hashlib.md5(password.encode()).hexdigest()

# Secure: use bcrypt, a deliberately slow, salted password hash
import bcrypt
password = "user_password"
salt = bcrypt.gensalt(rounds=12)   # work factor; raise it as hardware gets faster
hashed = bcrypt.hashpw(password.encode('utf-8'), salt)
# Verify later with bcrypt.checkpw(candidate.encode('utf-8'), hashed); note bcrypt only uses the first 72 bytes
Secure Random Generation
# Insecure: random is a Mersenne Twister PRNG; its output is predictable once some of it has been observed
import random
import string
token = ''.join(random.choices(string.ascii_letters, k=32))

# Secure: secrets draws from the operating system's CSPRNG
import secrets
token = secrets.token_urlsafe(32)   # 32 random bytes, encoded as 43 URL-safe characters
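The password-hashing and secure-random sections above fit together: a password hash needs a random salt, and a session token needs to be both unguessable and compared in constant time. The following added example (not the page's own code) shows both with the standard library only, so it runs without the third-party bcrypt package: PBKDF2-HMAC-SHA256 stands in for bcrypt here, with a salt from `secrets`, a self-describing stored format, a `hmac.compare_digest` verification, and a rehash check for when the iteration count is raised. The iteration count and salt size are assumed values for the example.

```python
import hashlib
import hmac
import secrets

# Assumed parameters for this example: PBKDF2-HMAC-SHA256, 16-byte random salt.
ITERATIONS = 600_000
SALT_BYTES = 16
ALGORITHM = "pbkdf2_sha256"


def hash_password(password: str) -> str:
    """Return 'algorithm$iterations$salt_hex$hash_hex' so parameters travel with the hash."""
    salt = secrets.token_bytes(SALT_BYTES)  # CSPRNG; never random.random() or time-based
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{ALGORITHM}${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    algorithm, iterations, salt_hex, digest_hex = stored.split("$")
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # Constant-time comparison: an ordinary == leaks how many leading bytes matched.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def needs_rehash(stored: str) -> bool:
    """True when the stored hash used fewer iterations than the current setting."""
    _, iterations, _, _ = stored.split("$")
    return int(iterations) < ITERATIONS


def new_session_token() -> str:
    # 32 CSPRNG bytes as URL-safe base64 (43 chars), unlike random.choices() which is predictable.
    return secrets.token_urlsafe(32)


def token_matches(presented: str, stored: str) -> bool:
    # Same constant-time rule applies to tokens and API keys.
    return secrets.compare_digest(presented, stored)


if __name__ == "__main__":
    h = hash_password("correct horse battery staple")
    print(h, verify_password("correct horse battery staple", h), needs_rehash(h))
    print(new_session_token())
```

On a successful login, call `needs_rehash` and, if it returns true, store `hash_password(password)` again; that is how an iteration increase rolls out to existing users without a reset.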