Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Python > How to detect typos in Python programs

Reply
Thread Tools

How to detect typos in Python programs

 
 
Manish Jethani
Guest
Posts: n/a
 
      07-25-2003
Hi all,

Is there a way to detect typos in a Python program, before
actually having to run it. Let's say I have a function like this:

def server_closed_connection():
session.abost()

Here, abort() is actually misspelt. The only time my program
follows this path is when the server disconnects from its
end--and that's like once in 100 sessions. So sometimes I
release the program, people start using it, and then someone
reports this typo after 4-5 days of the release (though it's
trivial to fix manually at the user's end, or I can give a patch).

How can we detect these kinds of errors at development time?
It's not practical for me to have a test script that can make
the program go through all (most) the possible code paths.

-Manish

--
Manish Jethani (manish.j at gmx.net)
phone (work) +91-80-51073488


 
Reply With Quote
 
 
 
 
Peter Hansen
Guest
Posts: n/a
 
      07-25-2003
Manish Jethani wrote:
>
> Is there a way to detect typos in a Python program, before
> actually having to run it. Let's say I have a function like this:
>
> def server_closed_connection():
> session.abost()
>
> Here, abort() is actually misspelt. The only time my program
> follows this path is when the server disconnects from its
> end--and that's like once in 100 sessions. So sometimes I
> release the program, people start using it, and then someone
> reports this typo after 4-5 days of the release (though it's
> trivial to fix manually at the user's end, or I can give a patch).
>
> How can we detect these kinds of errors at development time?
> It's not practical for me to have a test script that can make
> the program go through all (most) the possible code paths.


You have no good alternative. Why do you say it's impractical
to actually test your software before it's shipped? Isn't it
more impractical to rely on your users to test the software,
thinking it should work?

Unit testing in Python is *really* easy. I can't think of any
reason not to do it as the best way of catching problems like you
show above. If you resist , however, you might find PyChecker
will help. I'm not sure if it can do anything in the above case
yet, however.

-Peter
 
Reply With Quote
 
 
 
 
Alexandre Fayolle
Guest
Posts: n/a
 
      07-25-2003
Manish Jethani a écrit :
> Hi all,
>
> Is there a way to detect typos in a Python program, before
> actually having to run it.


You may want to give a look at pylint (http://www.logilab.org/pylint/)

--
Alexandre Fayolle
LOGILAB, Paris (France).
http://www.logilab.com http://www.logilab.fr http://www.logilab.org
Développement logiciel avancé - Intelligence Artificielle - Formations
 
Reply With Quote
 
aj coon
Guest
Posts: n/a
 
      07-25-2003
Manish Jethani <(E-Mail Removed)> wrote in message news:<ZPaUa.6$(E-Mail Removed)>...
> Hi all,
>
> Is there a way to detect typos in a Python program, before
> actually having to run it. Let's say I have a function like this:
>
> def server_closed_connection():
> session.abost()
>
> Here, abort() is actually misspelt. The only time my program
> follows this path is when the server disconnects from its
> end--and that's like once in 100 sessions. So sometimes I
> release the program, people start using it, and then someone
> reports this typo after 4-5 days of the release (though it's
> trivial to fix manually at the user's end, or I can give a patch).
>
> How can we detect these kinds of errors at development time?
> It's not practical for me to have a test script that can make
> the program go through all (most) the possible code paths.
>
> -Manish



This is one of the things about interpreted languages that I detest-
lack of compile-time errors and warnings. With python, you can
always open an interactive session with the interpreter and 'import
<filename>', but that only catches syntax errors.

For things like unreferenced variables and undefined names (typos, as
you like to nicely put it , theres a program we use for testing our
code:

http://pychecker.sourceforge.net/

Have a look. Admittedly, the information it outputs can be
overwhelming. Take some time to just examine its behaviors and
options. What you'll probably end up doing is customizing its output,
either by modifying the source, or running it through
grep/awk/sed/python afterwards. But, it's definitely a starting
point.


-AJ
 
Reply With Quote
 
Richard
Guest
Posts: n/a
 
      07-25-2003
Manish Jethani <(E-Mail Removed)> wrote in message news:<ZPaUa.6$(E-Mail Removed)>...
> Hi all,
>
> Is there a way to detect typos in a Python program, before
> actually having to run it. Let's say I have a function like this:
>
> def server_closed_connection():
> session.abost()
>
> Here, abort() is actually misspelt. The only time my program
> follows this path is when the server disconnects from its
> end--and that's like once in 100 sessions. So sometimes I
> release the program, people start using it, and then someone
> reports this typo after 4-5 days of the release (though it's
> trivial to fix manually at the user's end, or I can give a patch).
>
> How can we detect these kinds of errors at development time?
> It's not practical for me to have a test script that can make
> the program go through all (most) the possible code paths.
>
> -Manish


Two words! Unit Testing!

Just do a google search on "Python unit testing" and I'm sure you'll
get more information than you ever wanted to know.

Richard
 
Reply With Quote
 
Ed Phillips
Guest
Posts: n/a
 
      07-25-2003
From looking at Modules/socketmodule.c in 2.2.2 and 2.2.3, it appears that
only a tiny bit of support for SSL has been added. Specifically, unless
I'm misunderstanding the operation of the code, there's no way to verify
the certificate presented by a server. The code necessary to cause such
verification is pretty straightforward for simple "verify the server
certificate" purposes so I hacked together some changes to 2.2.2
socketmodule.c to verify the certificates (see below).

So now, I can do something like this:

from socket import *

s = socket(AF_INET, SOCK_STREAM)
a = ('www.mycompany.net', 443)
s.connect(a)
v = ssl(s, '', 'mycacerts.pem')

....and the server certificate is verified according to the CA certs stored
in the file. I'm not sure of the intent of the
SSL_CTX_use_PrivateKey_file() and SSL_CTX_use_certificate_chain_file()
calls in the original socketmodule.c ... they don't seem to do much that
is useful at the Python level AFAICT. I guess if you were going to use
client certs, and your server requested peer authentication, then it would
somehow use private key file (which I guess would contain the client cert
and the client private key?) to initiate a client-auth process, but in the
normal "I just want to verify the server I'm connecting to has the correct
certificate" context, my version seems to be a sufficient starting point.
I also, I don't understand the motivation behind requiring both the
key_file and cert_file parms.

I'm not very good with Python extension modules yet (or OpenSSL for that
matter), so I have a printf() stuck in there just to get a meaningful
error about the verification process. This could probably be changed to
mimic what PySSL_SetError(..) does and return an actual error code and
error string tuple, but that's just icing.

Also, I noticed that at line 2736 of socketmodule.c (original 2.2.2
version; line 2741 in the 2.2.3 version) there is a "return NULL;"
statement missing that may need to be fixed. I don't know what to do with
this info. other than post it to this list... maybe someone reading this
list will run with it...?

Do others beside me find SSL features lacking in Python? Do you use some
other module to provide SSL features rather than the basic socket module?

Thanks,

Ed

Ed Phillips <(E-Mail Removed)> University of Delaware (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l http://www.velocityreviews.com/forums/(E-Mail Removed) for PGP public key

*** Modules/socketmodule.c_orig Thu Jul 24 12:26:16 2003
--- Modules/socketmodule.c Thu Jul 24 17:08:36 2003
***************
*** 2760,2769 ****
--- 2760,2771 ----
self->ctx = NULL;
self->Socket = NULL;

+ /*
if ((key_file && !cert_file) || (!key_file && cert_file)) {
errstr = "Both the key & certificate files must be
specified";
goto fail;
}
+ */

self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
if (self->ctx == NULL) {
***************
*** 2771,2788 ****
goto fail;
}

! if (key_file) {
if (SSL_CTX_use_PrivateKey_file(self->ctx, key_file,
SSL_FILETYPE_PEM) < 1) {
errstr = "SSL_CTX_use_PrivateKey_file error";
goto fail;
}

if (SSL_CTX_use_certificate_chain_file(self->ctx,
cert_file) < 1) {
errstr = "SSL_CTX_use_certificate_chain_file
error";
goto fail;
}
}

SSL_CTX_set_verify(self->ctx,
--- 2773,2799 ----
goto fail;
}

! if (key_file && *key_file) {
if (SSL_CTX_use_PrivateKey_file(self->ctx, key_file,
SSL_FILETYPE_PEM) < 1) {
errstr = "SSL_CTX_use_PrivateKey_file error";
goto fail;
}
+ }

+ if (cert_file && *cert_file) {
+ if (SSL_CTX_load_verify_locations(self->ctx, cert_file,
NULL)
+ < 1) {
+ errstr = "SSL_CTX_load_verify_locations error";
+ goto fail;
+ }
+ /*
if (SSL_CTX_use_certificate_chain_file(self->ctx,
cert_file) < 1) {
errstr = "SSL_CTX_use_certificate_chain_file
error";
goto fail;
}
+ */
}

SSL_CTX_set_verify(self->ctx,
***************
*** 2805,2810 ****
--- 2816,2828 ----
self->server, X509_NAME_MAXLEN);
X509_NAME_oneline(X509_get_issuer_name(self->server_cert),
self->issuer, X509_NAME_MAXLEN);
+ ret = SSL_get_verify_result(self->ssl);
+ if (ret != X509_V_OK) {
+ /* errstr = "SSL_get_verify_result error"; */
+ printf("SSL_get_verify_result returned %d\n",
ret);
+ PySSL_SetError(self->ssl, ret);
+ goto fail;
+ }
}
self->Socket = Sock;
Py_INCREF(self->Socket);

 
Reply With Quote
 
Skip Montanaro
Guest
Posts: n/a
 
      07-25-2003

Ed> From looking at Modules/socketmodule.c in 2.2.2 and 2.2.3, it
Ed> appears that only a tiny bit of support for SSL has been added.
Ed> Specifically, unless I'm misunderstanding the operation of the code,
Ed> there's no way to verify the certificate presented by a server.

Note that since 2.2.3 is just a bugfix release, you shouldn't expect any
increase in functionality. I'm mildly surprised that you noticed any
functional changes between 2.2.2 and 2.2.3.

I suggest you take 2.3c2 out for a spin and see if it has more of the
features you're after. (2.3final is due out by the end of the month.) In
any case, if you have patches to submit, please use SourceForge and note
that any functional improvements will be targetted at 2.4 at this point.
You can find more about patch submission at the Patch Submission Guidelines
page:

http://www.python.org/patches/

Thx,

Skip

 
Reply With Quote
 
Manish Jethani
Guest
Posts: n/a
 
      07-25-2003
Mel Wilson wrote:

> In article <(E-Mail Removed)>,
> Peter Hansen <(E-Mail Removed)> wrote:
>
>>Manish Jethani wrote:
>>
>>>Is there a way to detect typos in a Python program, before
>>>actually having to run it. Let's say I have a function like this:
>>>
>>> def server_closed_connection():
>>> session.abost()
>>>
>>>Here, abort() is actually misspelt. The only time my program
>>>follows this path is when the server disconnects from its
>>>end--and that's like once in 100 sessions. [ ... ]

>>
>>You have no good alternative. Why do you say it's impractical
>>to actually test your software before it's shipped? Isn't it
>>more impractical to rely on your users to test the software,
>>thinking it should work?

>
>
> The proposed typo catcher would probably catch a typo like
>
> sys.edit (5) # finger didn't get off home row
>
> but it probably would *NOT* catch
>
> sys.exit (56) # wide finger mashed two keys


1) That's in a different class of typos. Such things can't be
auto-detected in any language. It will probably require close
examination by the human who wrote it in the first place, or
someone who has been debugging it.

2) No on calls sys.exit() like that. 5, or 56, is probably a
constant defined somewhere (where such typos are easier to spot).

-Manish

--
Manish Jethani (manish.j at gmx.net)
phone (work) +91-80-51073488

 
Reply With Quote
 
Ed Phillips
Guest
Posts: n/a
 
      07-25-2003
On Fri, 25 Jul 2003, Skip Montanaro wrote:

> Ed> From looking at Modules/socketmodule.c in 2.2.2 and 2.2.3, it
> Ed> appears that only a tiny bit of support for SSL has been added.
> Ed> Specifically, unless I'm misunderstanding the operation of the code,
> Ed> there's no way to verify the certificate presented by a server.
>
> Note that since 2.2.3 is just a bugfix release, you shouldn't expect any
> increase in functionality. I'm mildly surprised that you noticed any
> functional changes between 2.2.2 and 2.2.3.


Sorry, I didn't mean to imply they were different... I just meant that I
looked at them both (not realizing they should be the same except for bug
fixes). By "only a tiny bit of support for SSL has been added", I meant
"... to Python in general as of 2.2.2 and 2.2.3".

> I suggest you take 2.3c2 out for a spin and see if it has more of the
> features you're after. (2.3final is due out by the end of the month.)


Hmmmm... well, I guess I can take a look at socketmodule.c in 2.3c2 and
see if it's any different than previous versions as far as the amount of
SSL functionality goes.

> In any case, if you have patches to submit, please use SourceForge and
> note that any functional improvements will be targetted at 2.4 at this
> point. You can find more about patch submission at the Patch Submission
> Guidelines page:
>
> http://www.python.org/patches/


I'm not sure whether this "functional change" would be considered a "bug
fix" or "feature addition". The SSL support in socketmodule.c seems to be
lacking almost to the point of being "unusable"... I can't imagine anyone
actually using it for anything "real" in it's current state, and in that
sense, it may be legitimate to call my changes a "bug fix".

I guess I could attack it either way. I could modify the existing
socket.ssl() pieces to work "better" (at least in the normal "act like a
web browser and verify server certs" sense), or I could add new
"features". It might be nice to have a socket.sslclient() method that
would verify the server cert and optionally authenticate with a client
certificate (although the client auth part is probably out of my league at
this point), along with a socket.sslserver() method which would perform
the normal server-side SSL duties.

Or I could just hack on socketmodule.c with every new Python release and
hope that someone eventually adds better SSL support. Anyone working on
that already?

Thanks,

Ed

Ed Phillips <(E-Mail Removed)> University of Delaware (302) 831-6082
Systems Programmer III, Network and Systems Services
finger -l (E-Mail Removed) for PGP public key

 
Reply With Quote
 
Skip Montanaro
Guest
Posts: n/a
 
      07-25-2003

>> http://www.python.org/patches/


Ed> I'm not sure whether this "functional change" would be considered a
Ed> "bug fix" or "feature addition". The SSL support in socketmodule.c
Ed> seems to be lacking almost to the point of being "unusable"... I
Ed> can't imagine anyone actually using it for anything "real" in it's
Ed> current state, and in that sense, it may be legitimate to call my
Ed> changes a "bug fix".

This is open source. If you don't submit the code, who will?

Also, note that the SSL code has been factored out into Modules/_ssl.c.

Ed> Or I could just hack on socketmodule.c with every new Python release
Ed> and hope that someone eventually adds better SSL support.

If nobody ever submits such code it will never get into Python. Essentially
all functionality that's there today is because writing it scratched an itch
for the author.

Skip


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
Parsing text acounting for typos? dagoodyear Java 1 06-12-2005 09:19 PM
Typos os Bugs(70-315 self paced)? john hansen MCSD 4 10-30-2003 06:43 PM
Re: How to detect typos in Python programs Bob Gailer Python 2 07-26-2003 03:00 AM
Typos in the Exam Davin Mickelson MCSE 3 07-21-2003 11:31 PM



Advertisments