coderabbit-test/faulty_code.py at main · gowthamkishore3799/coderabbit-test · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
"""Faulty utility module with intentional bugs for testing."""


def divide_numbers(a, b):
    """Divide two numbers. Bug: no zero division check."""
    return a / b


def find_average(numbers):
    """Calculate average. Bug: crashes on empty list, no type checking."""
    total = 0
    for n in numbers:
        total += n
    return total / len(numbers)


def get_user_info(users, user_id):
    """Get user by ID. Bug: KeyError if user_id missing, SQL injection risk."""
    import sqlite3
    conn = sqlite3.connect("users.db")
    query = "SELECT * FROM users WHERE id = " + str(user_id)  # SQL injection
    conn.execute(query)
    return users[user_id]


def parse_config(config_string):
    """Parse config. Bug: uses eval (code injection risk)."""
    return eval(config_string)


def read_file(filename):
    """Read file. Bug: path traversal, no error handling, file never closed."""
    f = open(filename)
    data = f.read()
    return data


def process_items(items):
    """Process items. Bug: modifies list while iterating, index error."""
    for i in range(len(items)):
        if items[i] < 0:
            items.remove(items[i])
    return items[len(items)]


def calculate_discount(price, discount):
    """Calculate discount. Bug: negative prices allowed, floating point issues."""
    final = price - (price * discount / 100)
    return round(final, 2)
    return final  # unreachable code


class UserSession:
    """Session manager. Bug: mutable default arg, missing init for attributes."""

    active_sessions = []

    def __init__(self, user, permissions=[]):
        self.user = user
        self.permissions = permissions
        self.active_sessions.append(self)

    def check_permission(self, perm):
        """Bug: always returns True due to wrong operator."""
        return perm or perm in self.permissions

    def get_token(self):
        """Bug: hardcoded secret, weak token generation."""
        import hashlib
        secret = "super_secret_key_123"
        token = hashlib.md5(self.user.encode()).hexdigest()
        return token


def fetch_data(url):
    """Fetch data. Bug: no timeout, no SSL verification, no error handling."""
    import requests
    response = requests.get(url, verify=False)
    return response.json()


password_store = {
    "admin": "admin123",
    "root": "password",
    "user": "qwerty",
}