CodeQL documentation

Modification of dictionary returned by locals()

ID: py/modification-of-locals
Kind: problem
Security severity: 
Severity: warning
Precision: very-high
Tags:
   - reliability
   - correctness
Query suites:
   - python-security-and-quality.qls


The dictionary returned by locals() is not a view of the function’s locals, but a copy. Therefore, modification of the dictionary returned from locals() will not modify the local variables of the function.

Recommendation

If the intention is to modify a local variable, then do so directly.

Example

In this example, rather than assigning to the variable z directly, the dictionary returned by locals() is modified.


def modifies_locals_sum(x, y):
    locals()['z'] = x + y
    # z will not be defined, as modifications to locals() do not alter the local variables.
    return z

def fixed_sum(x, y):
    z = x + y
    return z
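
The following is an added example, not part of the CodeQL documentation or query. It goes beyond the case above to show the silent failure when the local already exists, why the same write appears to work at module scope, and an explicit dictionary as the replacement. All function names are hypothetical.

```python
def silent_stale_value(x, y):
    """Local already exists: the write is lost and the old value is returned."""
    total = 0
    locals()["total"] = x + y   # updates the copy, not the local variable
    return total                # still 0, and no error is raised


def missing_name(x, y):
    """Local never assigned: the name lookup fails at call time."""
    locals()["z"] = x + y
    try:
        return z                # compiled as a global lookup; z does not exist
    except NameError as exc:
        return type(exc).__name__


def module_scope_write():
    """At module scope locals() is the real namespace, so the write sticks.

    This is why the pattern can appear to work in a script or REPL and then
    break when the code is moved into a function.
    """
    namespace = {}
    exec("locals()['z'] = 2 + 3", namespace)   # constant string run as module-level code
    return namespace["z"]


def sums_by_name(pairs):
    """Replacement for dynamically named locals: keep the values in a dict."""
    results = {}
    for name, (x, y) in pairs.items():
        results[name] = x + y
    return results
```

The first function is the harder case to spot in review, because it returns a wrong value instead of raising.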
