Tag: availability

Spawning a process without main module

Using the spawn or forkserver start method without importing the main module might lead to unexpected behavior (for example, it might cause a RuntimeError).

Incorrect use of Process.terminate API

The Process.terminate API might cause data corruption of shared resources.

Socket connection timeout

Not setting the connection timeout parameter can cause a blocking socket connection.

AWS client not reused in a Lambda function

Recreating AWS clients in each Lambda function invocation is expensive.

Leaky subprocess timeout

Failure to end a child process that doesn't terminate before its timeout expires can result in leaked resources.

Risky use of dict get method

Using the get method from the dict class without default values can cause runtime exceptions.

Use of a deprecated method

This code uses deprecated methods, which suggests that it has not been recently reviewed or maintained.

Missing none check on response metadata

Response metadata was not checked to verify that it is not None.

Override of reserved variable names in a Lambda function

Overriding environment variables that are reserved by AWS Lambda might lead to unexpected behavior.

Resource leak

Allocated resources are not released properly.

Improper error handling

Improper error handling can enable attacks and lead to unwanted behavior.

Time zone aware datetimes

Using naive datetime objects might cause time zone related issues.

Deadlocks caused by improper multiprocessing API usage

Improper multiprocessing API usage with wrong parameters might lead to deadlocks.

Error prone sequence modification

Sequence modification while iterating over it might cause unexpected bugs.

Insecure temporary file or directory

Insecure ways of creating temporary files and directories can lead to race conditions, privilege escalation, and other security vulnerabilities.

Socket close platform compatibility

The os.close() does not work on some platforms.

Hardcoded interface binding

Binding to all network interfaces can open a service up to traffic on interfaces that are not properly documented or secured.

Incorrect binding of SNS publish operations

Incorrect binding of SNS publish operations with the subscribe or create_topic operations might lead to latency issues.