Add options to control extension loading in astroid.

author: Torsten Marek <shlomme@gmail.com> 2014-11-22 14:11:27 +0100
committer: Torsten Marek <shlomme@gmail.com> 2014-11-22 14:11:27 +0100
commit: e014222127af3ada8999eb0f9763103e0c9f40d8 (patch)
tree: 1d9f4dfb8b5550e42f1c38f9cc0277a3bf957313
parent: 798948837f5a49ea6f4ee1302c7417ee24790882 (diff)
download: pylint-e014222127af3ada8999eb0f9763103e0c9f40d8.tar.gz
2 files changed, 24 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index d2e9789..f590d1d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,13 @@ ChangeLog for Pylint
 ====================
 
 --
+    * Added new options for controlling the loading of C extensions.
+      By default, only C extensions from the stdlib will be loaded
+      into the active Python interpreter for inspection, because they
+      can run arbitrary code on import. The option 
+      `--extension-pkg-whitelist` can be used to specify modules
+      or packages that are safe to load.
+
     * Change default max-line-length to 100 rather than 80
 
     * Drop BaseRawChecker class which were only there for backward
diff --git a/lint.py b/lint.py
index df25e43..f5d4eaf 100644
--- a/lint.py
+++ b/lint.py
@@ -377,7 +377,21 @@ class PyLinter(OptionsManagerMixIn, MessagesHandlerMixIn, ReportsHandlerMixIn,
                   'short': 'j',
                   'default': 1,
                   'help' : '''Use multiple processes to speed up Pylint.''',
-                 }), # jobs
+                 }),
+
+                ('unsafe-load-any-extension',
+                 {'type': 'yn', 'metavar': '<yn>', 'default': False, 'hide': True,
+                  'help': ('Allow loading of arbitrary C extensions. Extensions'
+                           ' are imported into the active Python interpreter and'
+                           ' may run arbitrary code.')}),
+
+                ('extension-pkg-whitelist',
+                  {'type': 'csv', 'metavar': '<pkg[,pkg]>', 'default': [],
+                   'help': ('A comma-separated list of package or module names'
+                            ' from where C extensions may be loaded. Extensions are'
+                            ' loading into the active Python interpreter and may run'
+                            ' arbitrary code')}
+                  ),
                )
 
     option_groups = (
@@ -894,6 +908,8 @@ class PyLinter(OptionsManagerMixIn, MessagesHandlerMixIn, ReportsHandlerMixIn,
         self.stats = {'by_module' : {},
                       'by_msg' : {},
                      }
+        MANAGER.always_load_extensions = self.config.unsafe_load_any_extension
+        MANAGER.extension_package_whitelist.update(self.config.extension_pkg_whitelist)
         for msg_cat in six.itervalues(MSG_TYPES):
             self.stats[msg_cat] = 0
author	Torsten Marek <shlomme@gmail.com>	2014-11-22 14:11:27 +0100
committer	Torsten Marek <shlomme@gmail.com>	2014-11-22 14:11:27 +0100
commit	e014222127af3ada8999eb0f9763103e0c9f40d8 (patch)
tree	1d9f4dfb8b5550e42f1c38f9cc0277a3bf957313
parent	798948837f5a49ea6f4ee1302c7417ee24790882 (diff)
download	pylint-e014222127af3ada8999eb0f9763103e0c9f40d8.tar.gz