run black formatter on codebase

Signed-off-by: Aryan Rajoria <[email protected]>

blint/cli.py

@@ -40,7 +40,7 @@ def build_parser():
         stdout_mode=False,
         exports_prefix=[],
         src_dir_boms=[],
-        sbom_mode=False
+        sbom_mode=False,
     )
     parser.add_argument(
         "-i",
@@ -49,7 +49,7 @@ def build_parser():
         action="extend",
         nargs="+",
         help="Source directories, container images or binary files. Defaults "
-             "to current directory.",
+        "to current directory.",
     )
     parser.add_argument(
         "-o",
@@ -131,7 +131,7 @@ def build_parser():
         default=False,
         dest="deep_mode",
         help="Enable deep mode to collect more used symbols and modules "
-             "aggressively. Slow operation.",
+        "aggressively. Slow operation.",
     )
     sbom_parser.add_argument(
         "--stdout",
@@ -155,7 +155,7 @@ def build_parser():
         nargs="+",
         help="Directories containing pre-build and build BOMs. Use to improve the precision.",
     )
-    
+
     return parser
 
 
@@ -202,7 +202,7 @@ def handle_args():
         src_dir_boms=args.src_dir_boms,
         src_dir_image=args.src_dir_image,
         stdout_mode=args.stdout_mode,
-        use_blintdb=args.use_blintdb
+        use_blintdb=args.use_blintdb,
     )
     return blint_options
 

blint/config.py

@@ -63,7 +63,7 @@
     ".nib",
     ".nupkg",
     ".pak",
-    ".xml"
+    ".xml",
 ]
 strings_allowlist = {
     "()",
@@ -1173,9 +1173,7 @@
     "aws": [
         re.compile(r"(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"),
         re.compile(r"""(?i)aws(.{0,20})?['"][0-9a-zA-Z/+]{40}['"]"""),
-        re.compile(
-            r"""amzn.mws.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"""
-        ),
+        re.compile(r"""amzn.mws.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"""),
         re.compile(r"da2-[a-z0-9]{26}"),
         re.compile(r"s3.amazonaws.com"),
         re.compile(r"ec2-[0-9a-z.-_]+.compute(-1)?.amazonaws.com"),
@@ -1185,8 +1183,7 @@
         re.compile(r"[0-9a-z.-_]+.s3-website[0-9a-z.-_]+.amazonaws.com"),
         re.compile(r"[0-9a-z]+.execute-api.[0-9a-z.\-_]+.amazonaws.com"),
     ],
-    "github": [
-        re.compile(r"""(?i)github.{0,3}(token|api|key).{0,10}?([0-9a-zA-Z]{35,40})""")],
+    "github": [re.compile(r"""(?i)github.{0,3}(token|api|key).{0,10}?([0-9a-zA-Z]{35,40})""")],
     "slack": [re.compile(r"""xox[baprs]-([0-9a-zA-Z]{10,48})?""")],
     "EC": [re.compile(r"""-----BEGIN EC PRIVATE KEY-----""")],
     "DSA": [re.compile(r"""-----BEGIN DSA PRIVATE KEY-----""")],
@@ -1223,9 +1220,7 @@
     "url": [
         re.compile(r"""(http(s)?|s3)://"""),
         re.compile(r"""[a-zA-Z]{3,10}://[^/\s:@]{3,20}:[^/\s:@]{3,20}@.{1,100}["'\s]"""),
-        re.compile(
-            r"(ftp|jdbc:mysql)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]"
-        ),
+        re.compile(r"(ftp|jdbc:mysql)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]"),
     ],
     "authorization": [
         re.compile(r"(authorization)\s*:\s*(bearer|token|basic)\s+[0-9a-z.\-_]{6,}"),
@@ -1293,6 +1288,7 @@ class BlintOptions:
         use_blintdb (bool): Flag indicating whether or not to utilize blint-db
         blintdb_home (str): User supplied location for where to install and use blintdb
     """
+
     deep_mode: bool = False
     exports_prefix: List = field(default_factory=list)
     fuzzy: bool = False
@@ -1307,7 +1303,7 @@ class BlintOptions:
     stdout_mode: bool = False
     use_blintdb: bool = False
     blintdb_home: str = None
-    
+
     def __post_init__(self):
         if not self.src_dir_image and not (self.sbom_mode and self.src_dir_boms):
             self.sources = [os.getcwd()]
@@ -1324,7 +1320,7 @@ def __post_init__(self):
                 self.sbom_output = os.path.join(self.sbom_output, "bom-post-build.cdx.json")
             else:
                 self.sbom_output_dir = os.path.dirname(self.sbom_output)
-        
+
 
 # PII related symbols
 PII_WORDS = (
@@ -1352,7 +1348,7 @@ def __post_init__(self):
     "Calendar",
     "AgentStatus",
     "LastLoginTime",
-    "BankAccount"
+    "BankAccount",
 )
 
 # Some symbols to look for in a first-stage payload
@@ -1394,5 +1390,5 @@ def __post_init__(self):
     "loaderx86.dll",
     "ZwProtectVirtualMemory",
     "shlwapi.dll",
-    "DeleteCriticalSection"
+    "DeleteCriticalSection",
 )

blint/db.py

@@ -131,8 +131,9 @@ def get_bname(bid):
 #     LOG.debug(f"Output for binary_detected: {binary_detected}")
 #     return binary_detected
 
+
 def detect_binaries_utilized(sybmols_list) -> set:
-    """ Simple Voting algorithm
+    """Simple Voting algorithm
     for a given symbols. e.g. XRenderAddGlyphs
     we count the number of binaries associated to this function
     e.g. which is one in this example XRenderAddGlyphs
@@ -151,9 +152,9 @@ def detect_binaries_utilized(sybmols_list) -> set:
     # for eid in eid_list:
     with concurrent.futures.ProcessPoolExecutor() as executor:
         futures_bin_detected = {
-            executor.submit(return_batch_binaries_detected, it_eid_list): it_eid_list 
+            executor.submit(return_batch_binaries_detected, it_eid_list): it_eid_list
             for it_eid_list in eid_2d_list
-            }
+        }
         for future in concurrent.futures.as_completed(futures_bin_detected):
             single_binaries_detected_dict = future.result()
             for fname, score in single_binaries_detected_dict.items():
@@ -167,6 +168,7 @@ def detect_binaries_utilized(sybmols_list) -> set:
     LOG.debug(f"Output for binary_detected: {len(binary_detected)}")
     return binary_detected
 
+
 def return_binaries_detected(eid):
     """
     Current scoring algorithm. Unbatched
@@ -188,7 +190,7 @@ def return_binaries_detected(eid):
 
 # Non batching
 def detect_binaries_utilized_unbatched(sybmols_list) -> set:
-    """ Simple Voting algorithm
+    """Simple Voting algorithm
     for a given symbols. e.g. XRenderAddGlyphs
     we count the number of binaries associated to this function
     e.g. which is one in this example XRenderAddGlyphs

blint/lib/analysis.py

@@ -33,7 +33,7 @@
     create_findings_table,
     is_fuzzable_name,
     print_findings_table,
-    export_metadata
+    export_metadata,
 )
 
 try:
@@ -342,12 +342,18 @@ def report(blint_options, exe_files, findings, reviews, fuzzables):
     }
     if findings:
         print_findings_table(findings, exe_files)
-        export_metadata(blint_options.reports_dir, {**common_metadata, "findings": findings}, "Findings")
+        export_metadata(
+            blint_options.reports_dir, {**common_metadata, "findings": findings}, "Findings"
+        )
     if reviews:
         print_reviews_table(reviews, exe_files)
-        export_metadata(blint_options.reports_dir, {**common_metadata, "reviews": reviews}, "Reviews")
+        export_metadata(
+            blint_options.reports_dir, {**common_metadata, "reviews": reviews}, "Reviews"
+        )
     if fuzzables:
-        export_metadata(blint_options.reports_dir, {**common_metadata, "fuzzables": fuzzables}, "Fuzzables")
+        export_metadata(
+            blint_options.reports_dir, {**common_metadata, "fuzzables": fuzzables}, "Fuzzables"
+        )
     else:
         LOG.debug("No suggestion available for fuzzing")
     # Try console output as html

blint/lib/android.py

@@ -22,7 +22,11 @@
 
 ANDROID_HOME = os.getenv("ANDROID_HOME")
 APKANALYZER_CMD = os.getenv("APKANALYZER_CMD")
-if not APKANALYZER_CMD and ANDROID_HOME and os.path.exists(os.path.join(ANDROID_HOME, "cmdline-tools", "latest", "bin", "apkanalyzer")):
+if (
+    not APKANALYZER_CMD
+    and ANDROID_HOME
+    and os.path.exists(os.path.join(ANDROID_HOME, "cmdline-tools", "latest", "bin", "apkanalyzer"))
+):
     APKANALYZER_CMD = os.path.join(ANDROID_HOME, "cmdline-tools", "latest", "bin", "apkanalyzer")
 elif check_command("apkanalyzer"):
     APKANALYZER_CMD = "apkanalyzer"

blint/lib/binary.py

@@ -1340,7 +1340,11 @@ def add_rdata_symbols(metadata, rdata_section, text_section, sections):
             else ""
         )
         for block in str_content.split(" "):
-            if "runtime." in block or "internal/" in block or re.match(file_extns_from_rdata, block):
+            if (
+                "runtime." in block
+                or "internal/" in block
+                or re.match(file_extns_from_rdata, block)
+            ):
                 if ".go" in block:
                     metadata["exe_type"] = "gobinary"
                 for asym in block.split("\x00"):

blint/lib/runners.py

@@ -8,10 +8,14 @@
 from blint.lib.analysis import (
     EVIDENCE_LIMIT,
     report,
-    review_entries_dict, review_exe_dict,
-    review_imports_dict, review_methods_dict,
-    review_rules_cache, review_symbols_dict, run_checks,
-    run_prefuzz
+    review_entries_dict,
+    review_exe_dict,
+    review_imports_dict,
+    review_methods_dict,
+    review_rules_cache,
+    review_symbols_dict,
+    run_checks,
+    run_prefuzz,
 )
 from blint.lib.binary import parse
 from blint.logger import LOG
@@ -38,10 +42,10 @@ def run_default_mode(blint_options):
     analyzer = AnalysisRunner()
     findings, reviews, fuzzables = analyzer.start(blint_options, exe_files)
     report(blint_options, exe_files, findings, reviews, fuzzables)
-    
+
     if os.getenv("CI") and not blint_options.no_error:
         for f in findings:
-            if f['severity'] == 'critical':
+            if f["severity"] == "critical":
                 sys.exit(1)
 
 
@@ -102,7 +106,9 @@ def _process_files(self, f, blint_options):
         metadata = parse(f)
         exe_name = metadata.get("name", "")
         # Store raw metadata
-        export_metadata(blint_options.reports_dir, metadata, f"{os.path.basename(exe_name)}-metadata")
+        export_metadata(
+            blint_options.reports_dir, metadata, f"{os.path.basename(exe_name)}-metadata"
+        )
         self.progress.update(self.task, description=f"Checking [bold]{f}[/bold] against rules")
         if finding := run_checks(f, metadata):
             self.findings += finding