ANSSI-FR/polichombr

View on GitHub

Showing 1,243 of 1,244 total issues

Block has too many lines. [27/25]
Open

  cryptoPatterns.each do |name, patterns|
    ok = 0
    pattAddr = 0
    for pattern in patterns
      unless secDatas.data[0..-1].index(pattern).nil?

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Function poli_request has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def poli_request(self, endpoint, data, method="POST"):
        """
            @arg : endpoint The API target endpoint
            @arg : data dictionary
            @return : dict issued from JSON
Severity: Minor
Found in skelenox_plugin/connection.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function do_diff_samples has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def do_diff_samples(sid1, sid2):
    """
        Diff form has been submitted
    """
    sample1 = api.get_elem_by_type("sample", sid1)
Severity: Minor
Found in polichombr/views/webui_sample.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function export_detection_snort has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def export_detection_snort(family, tlp_level):
        """
            Exports the yara detection SNORT rules.
        """
        generated_output = "# SNORT ruleset for family " + family.name + "\n\n"
Severity: Minor
Found in polichombr/controllers/family.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function get_user_uncategorized_samples has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def get_user_uncategorized_samples(user, limit=15):
        """
            By user with no family.
        """
        samples = []
Severity: Minor
Found in polichombr/controllers/sample.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function machoc_diff_with_all_samples has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def machoc_diff_with_all_samples(cls, sample, level=0.8):
        """
            Diff a sample with all other samples. Class method.
        """
        if sample.functions.count() == 0:
Severity: Minor
Found in polichombr/controllers/sample.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function get_member_by_name has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def get_member_by_name(self, sid, name):
        """
            Should probably be implemented server side
        """
        endpoint = self.prepare_endpoint("structs/"+str(sid))
Severity: Minor
Found in skelenox_plugin/connection.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function export_detection_openioc has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def export_detection_openioc(family, tlp_level):
        """
            Exports the detection OPENIOC items.

            TODO: move openioc generation to a new file.
Severity: Minor
Found in polichombr/controllers/family.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function register_user has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def register_user():
    """
    User registration, if enabled in configuration file.
    """
    if g.user.is_authenticated or not current_app.config['USERS_CAN_REGISTER']:
Severity: Minor
Found in polichombr/views/webui_user.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function send_sample has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

def send_sample(sample="", family=None, tlp=None, api_key=""):
    """
        Send a sample using the SampleModule API
    """
    sapi = SampleModule(api_key=api_key)
Severity: Minor
Found in examples/send_sample.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function export_detection_custom has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def export_detection_custom(family, tlp_level):
        """
            Exports the yara detection CUSTOM items.
        """
        generated_output = "Custom detection items for family " + \
Severity: Minor
Found in polichombr/controllers/family.py - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

repareIatLinks performs a nil-check
Open

      if $gdasm.xrefs[di.instruction.args.last.symbolic.target.bind.reduce].nil?
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

MetasmUtils#self.is_linked_block performs a nil-check
Open

    return result if di.block.to_normal.nil?
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

checkCall performs a nil-check
Open

  unless basefunc.nil?
    log('')
    log("Top of function : #{PoliUtils.poliLinkAddr(basefunc)} ; Top of block : #{PoliUtils.poliLinkAddr($gdasm.di_at(xrefCall).block.list[0].address)}")
    log('')
  end
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

MetasmUtils#self.find_start_of_function performs a nil-check
Open

      if di.block.list[0].block.from_normal.nil? && !di.block.list[0].block.from_subfuncret.nil? && (di.block.list[0].block.from_subfuncret.length == 1)
        blocks << di.address
        di = $gdasm.di_at(di.block.list[0].block.from_subfuncret[0])
      elsif
        blocks << di.address
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

parseInstr doesn't depend on instance state (maybe move it to another class?)
Open

def parseInstr(di)

A Utility Function is any instance method that has no dependency on the state of the instance.

repareIatLinks doesn't depend on instance state (maybe move it to another class?)
Open

def repareIatLinks
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A Utility Function is any instance method that has no dependency on the state of the instance.

isStartFunction performs a nil-check
Open

  return 0 if $gdasm.read_raw_data(addr, 0x10).nil?

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

parseInstr performs a nil-check
Open

  return di.to_s.gsub('\\', '\\\\\\').gsub('"', '\\"') if $SVG.nil?
  ret = nil
  if (di.opcode.name == 'call') && (di.instruction.args.length == 1)
    if di.instruction.args.first.to_s[0..3] == 'loc_'
      ret = di.to_s.gsub('\\', '\\\\\\').gsub('"', '\\"').gsub(di.instruction.args.first.to_s, di.instruction.args.first.to_s)

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

MachocHash#self.calculate_machoc_hash performs a nil-check
Open

            next if @treetbfunc[y].nil?
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?
      puts "argument isn't nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)
Severity
Category
Status
Source
Language