Avoid reusing names of variables, functions, classes, built-in functions, packages, or standard Python modules
Redefining identifiers from The Python Standard Library [Python 2025], internals such as `str` and `os`, or other parts of the project can result in unexpected behavior and errors. Issues can multiply when identifiers are made global in a project.
The redefined built-in function `len()` in `noncompliant01.py` incorrectly adds each element to a "sum" instead of calculating the length of an object.
```python
# SPDX-FileCopyrightText: OpenSSF project contributors
# SPDX-License-Identifier: MIT
"""Non-compliant Code Example"""

number_list = [1, 2, 3, 4, 5, 6, 7, 8, 9]
print(f"len({number_list}) == {len(number_list)}")


def len(numbers: list[int]) -> int:
    """implementing a custom version of len"""
    result = 0
    for number in numbers:
        result += number
    return result


#####################
# Trying to exploit above code example
#####################
print(f"len({number_list}) == {len(number_list)}")
```
The first `print(f"len({number_list}) == {len(number_list)}")`, which uses the original `len()`, lists the correct number of `9` entries.
The second print statement, which uses the redefined `len()`, lists `45`.
Example output:
```
len([1, 2, 3, 4, 5, 6, 7, 8, 9]) == 9
len([1, 2, 3, 4, 5, 6, 7, 8, 9]) == 45
```
Redefining `len()` can break its usage for other data types such as strings, causing crashes. With the redefined `len()`, `print(len("Hello World!"))` throws a `TypeError` because it tries to add a `str` to an `int`.
Ensure that functions do not reuse the names defined in Built-in Functions [Python built-in 2025] and do not reuse the identifiers defined in The Python Standard Library [Python 2025].
```python
# SPDX-FileCopyrightText: OpenSSF project contributors
# SPDX-License-Identifier: MIT
"""Compliant Code Example"""

number_list = [1, 2, 3, 4, 5, 6, 7, 8, 9]
print(f"len({number_list}) == {len(number_list)}")


def custom_len(numbers: list[int]) -> int:
    """implementing a custom version of len"""
    result = 0
    for number in numbers:
        result += number
    return result


#####################
# Trying to exploit above code example
#####################
print(f"len({number_list}) == {len(number_list)}")
```
The standard module `os` and function `getpid()` are being redefined in `noncompliant02.py`.
```python
# SPDX-FileCopyrightText: OpenSSF project contributors
# SPDX-License-Identifier: MIT
"""Non-compliant Code Example"""

import os

print(f"Process id='{os.getpid()}'")


class os:
    """redefining standard class"""

    @staticmethod
    def getpid():
        """redefining standard class method"""
        return "Not implemented"


#####################
# Trying to exploit above code example
#####################
print(f"Process id='{os.getpid()}'")
```
After the redefinition, the `os.getpid()` method from the standard module is no longer called, and the code prints "Not implemented" instead of the process ID.
Example output:
```
Process id='19354'
Process id='Not implemented'
```
Ensure that all packages, classes and functions do not reuse the identifiers as defined in The Python Standard Library [Python 2025].
```python
# SPDX-FileCopyrightText: OpenSSF project contributors
# SPDX-License-Identifier: MIT
"""Compliant Code Example"""

import os

print(f"Process id='{os.getpid()}'")


class custom_os:
    """redefining standard class"""

    @staticmethod
    def getpid():
        """redefining standard class method"""
        return "Not implemented"


#####################
# Trying to exploit above code example
#####################
print(f"Process id='{os.getpid()}'")
```
On the `class` example, pylint also reports `C0103` (missing PascalCase naming style), `R0801` (similar lines in 2 files), and `R0903`. We do not list these because their detection is not related to the actual issue.
Tool | Version | Checker | Description |
---|---|---|---|
pylint | 2.9.6 | W0622 | Redefining built-in ‘len’ (redefined-builtin) |
pylint | 2.9.6 | E0102 | class already defined line 5 (function-redefined), detecting `class os:` |
[Python 2025]. | The Python Standard Library [online]. Available from: https://docs.python.org/3/library/index.html [accessed 24 June 2025] |
[Python built-in 2025]. | Built-in Functions [online]. Available from: https://docs.python.org/3.9/library/functions.html [accessed 24 June 2025] |