Escape strings when formatting check messages (#1493)

2025-08-31 15:48:22 +00:00 · 2022-12-30 22:11:01 -05:00 · 2022-12-30 22:11:01 -05:00 · 1e3cf87f67
commit 1e3cf87f67
parent 248447e139
3 changed files with 46 additions and 8 deletions
--- a/resources/test/fixtures/flake8_bandit/S105.py
+++ b/resources/test/fixtures/flake8_bandit/S105.py
@ -51,3 +51,12 @@ secret == "s3cr3t"
 token == "s3cr3t"
 secrete == "s3cr3t"
 password == safe == "s3cr3t"
+
+if token == "1\n2":
+    pass
+
+if token == "3\t4":
+    pass
+
+if token == "5\r6":
+    pass
--- a/src/checks.rs
+++ b/src/checks.rs
@ -2850,14 +2850,13 @@ impl CheckKind {
            CheckKind::HardcodedBindAllInterfaces => {
                "Possible binding to all interfaces".to_string()
            }
-            CheckKind::HardcodedPasswordString(string) => {
-                format!("Possible hardcoded password: `\"{string}\"`")
-            }
-            CheckKind::HardcodedPasswordFuncArg(string) => {
-                format!("Possible hardcoded password: `\"{string}\"`")
-            }
-            CheckKind::HardcodedPasswordDefault(string) => {
-                format!("Possible hardcoded password: `\"{string}\"`")
+            CheckKind::HardcodedPasswordString(string)
+            | CheckKind::HardcodedPasswordFuncArg(string)
+            | CheckKind::HardcodedPasswordDefault(string) => {
+                format!(
+                    "Possible hardcoded password: `\"{}\"`",
+                    string.escape_debug()
+                )
            }
            // flake8-blind-except
            CheckKind::BlindExcept(name) => format!("Do not catch blind exception: `{name}`"),
--- a/src/flake8_bandit/snapshots/ruff__flake8_bandittestsS105_S105.py.snap
+++ b/src/flake8_bandit/snapshots/ruff__flake8_bandittestsS105_S105.py.snap
@ -342,4 +342,34 @@ expression: checks
    column: 28
  fix: ~
  parent: ~
+- kind:
+    HardcodedPasswordString: "1\n2"
+  location:
+    row: 55
+    column: 12
+  end_location:
+    row: 55
+    column: 18
+  fix: ~
+  parent: ~
+- kind:
+    HardcodedPasswordString: "3\t4"
+  location:
+    row: 58
+    column: 12
+  end_location:
+    row: 58
+    column: 18
+  fix: ~
+  parent: ~
+- kind:
+    HardcodedPasswordString: "5\r6"
+  location:
+    row: 61
+    column: 12
+  end_location:
+    row: 61
+    column: 18
+  fix: ~
+  parent: ~