Sign upLogin

ANSSI-FR/polichombr

View on GitHub
Star

Showing 1,243 of 1,244 total issues

Do not introduce global variables.
Open

      numToInj = $gdasm.normalize(tdi.instruction.args.last)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

include is used at the top level. Use inside class or module.
Open

include Metasm
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop checks that include, extend and prepend exists at the top level. Using these at the top level affects the behavior of Object. There will not be using include, extend and prepend at the top level. Let's use it inside class or module.

Example:

# bad
include M

class C
end

# bad
extend M

class C
end

# bad
prepend M

class C
end

# good
class C
  include M
end

# good
class C
  extend M
end

# good
class C
  prepend M
end

Use snake_case for variable names.
Open

    decodeType = cfunctionDecoder['args'][i]
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

codePatterns = ["\x8b\xff",
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

@strREG = []
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

@strAntiVM = []
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

    sizeMin = 0xffffff
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Prefer each over for.
Open

          for y in 0..@treetbfunc.length
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop looks for uses of the for keyword, or each method. The preferred alternative is set in the EnforcedStyle configuration parameter. An each call with a block on a single line is always allowed, however.

Do not introduce global variables.
Open

      tdi = $gdasm.di_at(tdi_addr)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Do not introduce global variables.
Open

      strArg = if $gdasm.decode_wstrz(carg)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Do not introduce global variables.
Open

        strArg = format('{%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}', $gdasm.decode_dword(carg), ($gdasm.decode_dword(carg + 4) & 0xffff), ($gdasm.decode_dword(carg + 6) & 0xffff), $gdasm.decode_byte(carg + 8), $gdasm.decode_byte(carg + 9), $gdasm.decode_byte(carg + 10), $gdasm.decode_byte(carg + 11), $gdasm.decode_byte(carg + 12), $gdasm.decode_byte(carg + 13), $gdasm.decode_byte(carg + 14), $gdasm.decode_byte(carg + 15), $gdasm.decode_byte(carg + 16))
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Do not introduce global variables.
Open

      if $gdasm.read_raw_data(carg, 0x10)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Use snake_case for variable names.
Open

      strArg = case carg
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

  argStr = dasm.decode_strz(di.instruction.args.last)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

        pattAddr = secAddr + secDatas.data[0..-1].index(pattern)
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Do not introduce global variables.
Open

  opt.on('-f', '--fast', 'use fast disassemble') { $FASTDISAS = true }
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Do not introduce global variables.
Open

  funcname = $gdasm.get_label_at(addr).gsub('iat_', '') if defined?($gdasm.get_label_at(addr)) && $gdasm.get_label_at(addr) =~ /^iat_/
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cops looks for uses of global variables. It does not report offenses for built-in global variables. Built-in global variables are allowed by default. Additionally users can allow additional variables via the AllowedVariables option.

Note that backreferences like $1, $2, etc are not global variables.

Example:

# bad
$foo = 2
bar = $foo + 5

# good
FOO = 2
foo = 2
$stdin.read

Use esp.zero? instead of esp == 0.
Open

            if (di.block.list[i - 1].opcode.name == 'mov') && ((di.block.list[i - 1].instruction.args.first.to_s == "dword ptr [esp+0#{arg.to_s(16)}h]") || (((di.block.list[i - 1].instruction.args.first.to_s == 'dword ptr [esp]') && (esp == 0))))
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop checks for usage of comparison operators (==, >, <) to test numbers as zero, positive, or negative. These can be replaced by their respective predicate methods. The cop can also be configured to do the reverse.

The cop disregards #nonzero? as it its value is truthy or falsey, but not true and false, and thus not always interchangeable with != 0.

The cop ignores comparisons to global variables, since they are often populated with objects which can be compared with integers, but are not themselves Interger polymorphic.

Example: EnforcedStyle: predicate (default)

# bad

foo == 0
0 > foo
bar.baz > 0

# good

foo.zero?
foo.negative?
bar.baz.positive?

Example: EnforcedStyle: comparison

# bad

foo.zero?
foo.negative?
bar.baz.positive?

# good

foo == 0
0 > foo
bar.baz > 0

Use snake_case for variable names.
Open

          strArg += ' (CLSID_LNK)'
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1

Use snake_case for variable names.
Open

    printString += strArg unless strArg.nil?
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb by rubocop

This cop makes sure that all variables use the configured style, snake_case or camelCase, for their names.

Example: EnforcedStyle: snake_case (default)

# bad
fooBar = 1

# good
foo_bar = 1

Example: EnforcedStyle: camelCase

# bad
foo_bar = 1

# good
fooBar = 1
Severity
Category
Status
Source
Language