CodeQL documentation

Asserting a tuple

ID: py/asserts-tuple
Kind: problem
Security severity: 
Severity: error
Precision: very-high
Tags:
   - quality
   - reliability
   - correctness
   - external/cwe/cwe-670
Query suites:
   - python-security-and-quality.qls


When you define an assert statement to test a tuple, the test will either always succeed (if the tuple is non-empty) or always fail (if the tuple is empty), because the truth value of a tuple depends only on whether it has elements, not on what they are.

This error usually occurs when the programmer writes assert (condition, message) instead of the correct form, assert condition, message.

Recommendation

Review the code and determine the purpose of the assert statement:

  • If the “tuple” has been created in error, then remove the parentheses and correct the statement.

  • If validation of a tuple is intended, then you should define an assert statement for each element of the tuple.

Example

The statement assert (xxx, yyy) attempts to test a “tuple” (xxx, yyy). The original intention may be any of the alternatives listed below:

assert xxx and yyy   # Alternative 1a. Check both expressions are true

assert xxx, yyy      # Alternative 1b. Check 'xxx' is true, 'yyy' is the failure message.

tuple = (xxx, yyy)   # Alternative 2. Check both elements of the tuple match expectations.
assert tuple[0]==xxx
assert tuple[1]==yyy

If you want to define a validity check on the values of a tuple then these must be tested individually.
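
The check described on this page can be approximated with Python's standard ast module. The following is an added example, not the CodeQL query itself; the function names and the withdraw() sample are constructed for illustration.

```python
import ast
import warnings

# Constructed sample input: the defect described above next to the correct forms.
SAMPLE = '''
def withdraw(balance, amount):
    assert (amount > 0, "amount must be positive")
    assert amount <= balance, "insufficient funds"
    assert ()
    assert amount > 0 and balance >= 0
    return balance - amount
'''

def find_tuple_asserts(source, filename="<sample>"):
    """Return (line, verdict) for every assert whose test is a tuple literal."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if isinstance(node, ast.Assert) and isinstance(node.test, ast.Tuple):
            # A tuple's truth value depends only on whether it has elements.
            verdict = "always passes" if node.test.elts else "always fails"
            findings.append((node.lineno, verdict))
    return sorted(findings)

def runtime_effect(amount=-5):
    """Run both forms with an invalid amount; only the correct form raises."""
    results = {}
    forms = {"tuple": 'assert (amount > 0, "msg")',
             "correct": 'assert amount > 0, "msg"'}
    for label, stmt in forms.items():
        with warnings.catch_warnings():
            # CPython warns about the tuple form at compile time; silence it here.
            warnings.simplefilter("ignore", SyntaxWarning)
            code = compile(stmt, "<demo>", "exec")
        try:
            exec(code, {"amount": amount})
            results[label] = "passed"
        except AssertionError:
            results[label] = "raised"
    return results

if __name__ == "__main__":
    for line, verdict in find_tuple_asserts(SAMPLE):
        print(f"<sample>:{line}: assert on a tuple ({verdict})")
    print(runtime_effect())
```

The runtime comparison assumes the interpreter is not started with -O, which removes assert statements altogether.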
