import ast
import tokenize

from fpdf import FPDF
class SecurityScanner(ast.NodeVisitor):
    """AST visitor that records calls to a few well-known risky functions.

    Flags direct calls to ``eval``/``exec``/``compile`` and calls of
    ``pickle.load``/``pickle.loads`` whose receiver is the bare name
    ``pickle``. Findings accumulate in ``self.issues`` as
    ``(lineno, message)`` tuples in visitation order.
    """

    def __init__(self):
        # (line number, human-readable message) pairs, in the order found.
        self.issues = []

    def visit_Call(self, node):
        """Inspect one call expression and record a finding if it matches."""
        callee = node.func
        if isinstance(callee, ast.Name):
            # A builtin called by its plain name, e.g. eval(data).
            if callee.id in ("eval", "exec", "compile"):
                self.issues.append(
                    (node.lineno, f"Use of dangerous function: {callee.id}()")
                )
        elif isinstance(callee, ast.Attribute):
            # Only the literal receiver name ``pickle`` is recognised; an
            # aliased import such as ``import pickle as p`` is not resolved.
            receiver = getattr(callee.value, "id", None)
            if callee.attr in ("load", "loads") and receiver == "pickle":
                self.issues.append(
                    (node.lineno, f"Insecure deserialization with: pickle.{callee.attr}()")
                )
        # Keep descending so calls nested in arguments are visited as well.
        self.generic_visit(node)
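def scan_code(filepath):
    """Parse the Python source at *filepath* and collect scanner findings.

    Args:
        filepath: Path to a Python source file to analyse.

    Returns:
        A ``(issues, code)`` tuple: the list of ``(lineno, message)``
        findings produced by :class:`SecurityScanner`, and the source text
        that was read.

    Raises:
        OSError: if the file cannot be opened or read.
        SyntaxError: if the file is not valid Python (propagated from
            ``ast.parse``, which also rejects an invalid encoding cookie).
    """
    # tokenize.open() decodes the file the way the interpreter would: it
    # honours a PEP 263 ``# -*- coding: ... -*-`` cookie and defaults to
    # UTF-8, instead of the platform-dependent default of plain open().
    with tokenize.open(filepath) as f:
        code = f.read()
    # ast.parse only builds a syntax tree; the scanned file is never executed.
    tree = ast.parse(code, filename=filepath)
    scanner = SecurityScanner()
    scanner.visit(tree)
    return scanner.issues, code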
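def generate_pdf(issues, output_path, filename):
    """Write a one-page PDF report of *issues* to *output_path*.

    Args:
        issues: Sequence of ``(lineno, message)`` tuples as produced by
            :func:`scan_code`; an empty sequence yields a "no issues" line.
        output_path: Destination path for the PDF file.
        filename: Name of the scanned file, shown in the report title.
    """
    pdf = FPDF()
    pdf.add_page()
    pdf.set_font("Arial", size=12)
    # The title is the only place *filename* is used; it previously printed
    # a fixed "(unknown)" placeholder and ignored the parameter.
    pdf.cell(200, 10, txt=f"Security Scan Report: {filename}", ln=True, align="L")
    if not issues:
        pdf.cell(200, 10, txt="No security issues found.", ln=True, align="L")
    else:
        for lineno, issue in issues:
            # NOTE(review): FPDF's built-in fonts cover Latin-1 only; confirm
            # that issue text and filename cannot contain other characters.
            pdf.cell(200, 10, txt=f"Line {lineno}: {issue}", ln=True, align="L")
    pdf.output(output_path)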