Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Reports that contain unicode will cause Bandit to crash

See original GitHub issue

Describe the bug If bandit output contains unicode characters, and the user attempts to create a report file, then Bandit will crash.

To Reproduce Steps to reproduce the behavior:

Create the following python file, test.py:

secret = u'Don\'t👏hard👏code👏secrets'

Run a Bandit scan on the file:

bandit -f txt -o report.txt test.py

Observe the resulting crash and traceback:

[main]  INFO    profile include tests: None
[main]  INFO    profile exclude tests: None
[main]  INFO    cli include tests: None
[main]  INFO    cli exclude tests: None
[main]  INFO    running on Python 3.6.5
[node_visitor]  INFO    Unable to find qualified name for module: test.py
Traceback (most recent call last):
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\site-packages\bandit\core\manager.py", line 157, in output_results
    conf_level=conf_level, lines=lines)
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\site-packages\bandit\formatters\text.py", line 161, in report
    wrapped_file.write(utils.convert_file_contents(result))
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\encodings\cp1252.py", line 19, in encode
    return codecs.charmap_encode(input,self.errors,encoding_table)[0]
UnicodeEncodeError: 'charmap' codec can't encode character '\U0001f44f' in position 135: character maps to <undefined>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "C:\Users\w107566\AppData\Local\Programs\Python\Python36\Scripts\bandit.exe\__main__.py", line 9, in <module>
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\site-packages\bandit\cli\main.py", line 345, in main
    args.output_format)
  File "c:\users\<username>\appdata\local\programs\python\python36\lib\site-packages\bandit\core\manager.py", line 161, in output_results
    "%s" % (output_format, str(e)))
RuntimeError: Unable to output report using 'txt' formatter: 'charmap' codec can't encode character '\U0001f44f' in position 135: character maps to <undefined>

Expected behavior I expect Bandit to successfully create the report, either by handing unicode encodings, or by removing the problematic unicode characters.

Bandit version

bandit 1.4.0

Issue Analytics

State:
Created 5 years ago
Reactions:1
Comments:7 (6 by maintainers)

Top GitHub Comments

1reaction

Brcrwilliamscommented, Aug 11, 2018

Ok so I whipped out the debugger and found out that for some reason, on Windows, the file opened by argparse.FileType is created with cp1252 encoding by default. Manually specifying the encoding as utf-8 fixes this.

debugger