Insecure Use of Default Mutable Arguments
When you define a function in Python, you can specify default values for its parameters. This feature is convenient, but using a mutable object like a list or dictionary as a default value can introduce subtle bugs and even security issues. The reason is that default parameter values are evaluated only once at the time the function is defined, not each time the function is called. This means that if you use a mutable object as a default argument and then modify it, the change will persist across future calls to the function, potentially leading to unexpected and insecure behavior.
1234567def append_item(item, my_list=[]): my_list.append(item) return my_list print(append_item(1)) # Output: [1] print(append_item(2)) # Output: [1, 2] print(append_item(3)) # Output: [1, 2, 3]
In the example above, the function append_item uses a list as a default value for the my_list parameter. When you call the function without providing your own list, it uses the same list object every time. As a result, each call to the function adds to the same list, causing values to accumulate unexpectedly. This behavior can be dangerous in a security context. For instance, sensitive data could be inadvertently shared between function calls, or an attacker could exploit this persistence to manipulate data in ways you did not intend.
123456789def append_item(item, my_list=None): if my_list is None: my_list = [] my_list.append(item) return my_list print(append_item(1)) # Output: [1] print(append_item(2)) # Output: [2] print(append_item(3)) # Output: [3]
By using None as the default value for the my_list parameter and creating a new list inside the function when needed, you ensure that each call to the function gets its own independent list. This approach prevents the accidental sharing of data between calls and eliminates the security risks associated with mutable default arguments.
One of the most famous Python bugs involving mutable default arguments was discovered in early web frameworks, where user session data was stored in a default dict. This led to users seeing each other's session dataβa serious privacy and security issue.
Thanks for your feedback!
Ask AI
Ask AI
Ask anything or try one of the suggested questions to begin our chat
Can you explain why using mutable default arguments is a security risk?
What are some other common pitfalls with Python function defaults?
Can you show more examples of safe default argument patterns?
Awesome!
Completion rate improved to 5.56Insecure Use of Default Mutable Arguments
Swipe to show menu
When you define a function in Python, you can specify default values for its parameters. This feature is convenient, but using a mutable object like a list or dictionary as a default value can introduce subtle bugs and even security issues. The reason is that default parameter values are evaluated only once at the time the function is defined, not each time the function is called. This means that if you use a mutable object as a default argument and then modify it, the change will persist across future calls to the function, potentially leading to unexpected and insecure behavior.
1234567def append_item(item, my_list=[]): my_list.append(item) return my_list print(append_item(1)) # Output: [1] print(append_item(2)) # Output: [1, 2] print(append_item(3)) # Output: [1, 2, 3]
In the example above, the function append_item uses a list as a default value for the my_list parameter. When you call the function without providing your own list, it uses the same list object every time. As a result, each call to the function adds to the same list, causing values to accumulate unexpectedly. This behavior can be dangerous in a security context. For instance, sensitive data could be inadvertently shared between function calls, or an attacker could exploit this persistence to manipulate data in ways you did not intend.
123456789def append_item(item, my_list=None): if my_list is None: my_list = [] my_list.append(item) return my_list print(append_item(1)) # Output: [1] print(append_item(2)) # Output: [2] print(append_item(3)) # Output: [3]
By using None as the default value for the my_list parameter and creating a new list inside the function when needed, you ensure that each call to the function gets its own independent list. This approach prevents the accidental sharing of data between calls and eliminates the security risks associated with mutable default arguments.
One of the most famous Python bugs involving mutable default arguments was discovered in early web frameworks, where user session data was stored in a default dict. This led to users seeing each other's session dataβa serious privacy and security issue.
Thanks for your feedback!
