ANSSI-FR/polichombr

View on GitHub

Showing 1,243 of 1,244 total issues

Similar blocks of code found in 2 locations. Consider refactoring.
Open

    @staticmethod
    def get_by_name(name):
        """
            Gets an user by its nickname.
        """
Severity: Major
Found in polichombr/controllers/user.py and 1 other location - About 1 hr to fix
polichombr/controllers/yara_rule.py on lines 199..207

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 46.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Block has too many lines. [41/25]
Open

dasm.xrefs.each do |addr, _info|
  funcname = addr.to_s
  funcname = $gdasm.get_label_at(addr).gsub('iat_', '') if defined?($gdasm.get_label_at(addr)) && $gdasm.get_label_at(addr) =~ /^iat_/

  if funcname =~ /^[0-9]+$/

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [41/25]
Open

tmpstrings.each do |addr, str|
  if (str.length < 5) || str =~ /([\x7f-\xff]|[\x01-\x08]|[\x0b-\x1f])/n
    strings.delete([addr, str])
    next
  end

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Similar blocks of code found in 2 locations. Consider refactoring.
Open

sampletoyara = db.Table('sampletoyara',
                        db.Column('yara_id',
                                  db.Integer,
                                  db.ForeignKey('yararule.id')),
                        db.Column('sample_id',
Severity: Major
Found in polichombr/models/sample.py and 1 other location - About 1 hr to fix
polichombr/models/sample.py on lines 189..195

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 45.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

sampletochecklist = db.Table('sampletochecklist',
                             db.Column('checklist_id',
                                       db.Integer,
                                       db.ForeignKey('checklist.id')),
                             db.Column('sample_id',
Severity: Major
Found in polichombr/models/sample.py and 1 other location - About 1 hr to fix
polichombr/models/sample.py on lines 200..206

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 45.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Function disassemble_sample_get_svg has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
Open

def disassemble_sample_get_svg(sample_id, address):
    """
        Gets SVG file data, with functions names.
    """
    graph = disassemble_sample(sample_id, address)
Severity: Minor
Found in polichombr/controllers/sample.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function view_user has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
Open

def view_user(user_id):
    """
        View a single user activity
        Useful for executive report
    """
Severity: Minor
Found in polichombr/views/webui_user.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function ui_sample_upload has a Cognitive Complexity of 13 (exceeds 5 allowed). Consider refactoring.
Open

def ui_sample_upload():
    """
    Sample creation from binary file.
    """
    upload_form = UploadSampleForm()
Severity: Minor
Found in polichombr/views/webui_sample.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Block has too many lines. [40/25]
Open

    tbdi.each do |addr|
      di = dasm.di_at(addr)
      curblock = di.block.address if curblock.nil?

      if (di.block.list.first.address == di.address) && (!di.block.from_normal.nil? && (di.block.from_normal.length > 1))

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Method calculate_machoc_hash has 38 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def self.calculate_machoc_hash(dasm)
    @fullFuncSign = ''
    @fullHashSign = ''
    @listoffunct = []
    dasm.function.each do |addr, _symb|
Severity: Minor
Found in polichombr/analysis_tools/AnalyzeIt.rb - About 1 hr to fix

    Function generate_family_row has 38 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

    function generate_family_row(family){
        row = $("<div></div>");
        row.attr("id", "family_" + family["id"]);
        row.attr("class", "row panel panel-default families");
        row.attr("style", "padding: 5px;");
    Severity: Minor
    Found in polichombr/static/js/families.js - About 1 hr to fix

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

              if self.sid:
                  s = Sample.query.get(self.sid)
                  if s:
                      s.analysis_status = AnalysisStatus.RUNNING
                      db.session.commit()
      Severity: Major
      Found in polichombr/controllers/analysis.py and 1 other location - About 1 hr to fix
      polichombr/controllers/analysis.py on lines 187..192

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 43.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

              with app.app_context():
                  if self.sid:
                      sample = Sample.query.get(self.sid)
                      if sample:
                          sample.analysis_status = AnalysisStatus.FINISHED
      Severity: Major
      Found in polichombr/controllers/analysis.py and 1 other location - About 1 hr to fix
      polichombr/controllers/analysis.py on lines 175..179

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 43.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      @webuiview.errorhandler(404)
      def not_found(error):
          """
              404 management
          """
      Severity: Major
      Found in polichombr/views/webui.py and 1 other location - About 1 hr to fix
      polichombr/views/webui.py on lines 53..59

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 42.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Similar blocks of code found in 2 locations. Consider refactoring.
      Open

      @webuiview.errorhandler(401)
      def api_401_handler(error):
          """
              module wide error handler, returned when there is an argument problem
          """
      Severity: Major
      Found in polichombr/views/webui.py and 1 other location - About 1 hr to fix
      polichombr/views/webui.py on lines 44..50

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 42.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Identical blocks of code found in 3 locations. Consider refactoring.
      Open

                  app.logger.debug(self.tmessage + "END - TIME %i" %
                                   (int(time.time()) - self.tstart))
      Severity: Major
      Found in polichombr/controllers/tasks/task_strings.py and 2 other locations - About 1 hr to fix
      polichombr/controllers/tasks/task_peinfo.py on lines 75..76
      polichombr/controllers/tasks/task_yara.py on lines 67..68

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 41.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Identical blocks of code found in 3 locations. Consider refactoring.
      Open

              app.logger.debug(self.tmessage + "END - TIME %i" %
                               (int(time.time()) - self.tstart))
      Severity: Major
      Found in polichombr/controllers/tasks/task_yara.py and 2 other locations - About 1 hr to fix
      polichombr/controllers/tasks/task_peinfo.py on lines 75..76
      polichombr/controllers/tasks/task_strings.py on lines 64..65

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 41.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Function generate_samples_zip_file has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
      Open

          def generate_samples_zip_file(family, tlp_level):
              """
                  Generates a sample ZIP file.
                  We actually store it in the storage under a
                  unique filename : family-tlp_level-sha256(samples sha256).
      Severity: Minor
      Found in polichombr/controllers/family.py - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Identical blocks of code found in 3 locations. Consider refactoring.
      Open

              app.logger.debug(self.tmessage + "END - TIME %i" %
                               (int(time.time()) - self.tstart))
      Severity: Major
      Found in polichombr/controllers/tasks/task_peinfo.py and 2 other locations - About 1 hr to fix
      polichombr/controllers/tasks/task_strings.py on lines 64..65
      polichombr/controllers/tasks/task_yara.py on lines 67..68

      Duplicated Code

      Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

      Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

      When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

      Tuning

      This issue has a mass of 41.

      We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

      The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

      If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

      See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

      Refactorings

      Further Reading

      Method repareIatLinks has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
      Open

      def repareIatLinks
        $gdasm.decoded.each do |_addr, di|
          next unless (di.opcode.name == 'mov') && defined?(di.instruction.args.last.symbolic.target)
          label = $gdasm.get_label_at(di.instruction.args.last.symbolic.target.bind.reduce)
          if label =~ /^iat_/
      Severity: Minor
      Found in polichombr/analysis_tools/AnalyzeIt.rb - About 1 hr to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      Severity
      Category
      Status
      Source
      Language