Sign upLogin

KissPeter/APIFuzzer

View on GitHub
Star

Showing 395 of 395 total issues

Cyclomatic complexity is too high in method format_pycurl_query_param. (6)
Open

    def format_pycurl_query_param(self, url, query_params):
        """
        Prepares fuzz query string by removing parts if necessary
        :param url: url used only to provide realistic url for pycurl
        :type url: str
Severity: Minor
Found in apifuzzer/fuzzer_target/request_base_functions.py by radon

Cyclomatic Complexity

Cyclomatic Complexity corresponds to the number of decisions a block of code contains plus 1. This number (also called McCabe number) is equal to the number of linearly independent paths through the code. This number can be used as a guide when testing conditional logic in blocks.

Radon analyzes the AST tree of a Python program to compute Cyclomatic Complexity. Statements have the following effects on Cyclomatic Complexity:

Construct Effect on CC Reasoning
if +1 An if statement is a single decision.
elif +1 The elif statement adds another decision.
else +0 The else statement does not cause a new decision. The decision is at the if.
for +1 There is a decision at the start of the loop.
while +1 There is a decision at the while statement.
except +1 Each except branch adds a new conditional path of execution.
finally +0 The finally block is unconditionally executed.
with +1 The with statement roughly corresponds to a try/except block (see PEP 343 for details).
assert +1 The assert statement internally roughly equals a conditional statement.
Comprehension +1 A list/set/dict comprehension of generator expression is equivalent to a for loop.
Boolean Operator +1 Every boolean operator (and, or) adds a decision point.

Source: http://radon.readthedocs.org/en/latest/intro.html

Function format_pycurl_query_param has a Cognitive Complexity of 14 (exceeds 5 allowed). Consider refactoring.
Open

    def format_pycurl_query_param(self, url, query_params):
        """
        Prepares fuzz query string by removing parts if necessary
        :param url: url used only to provide realistic url for pycurl
        :type url: str
Severity: Minor
Found in apifuzzer/fuzzer_target/request_base_functions.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function format_pycurl_header has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
Open

    def format_pycurl_header(self, headers):
        """
        Pycurl and other http clients are picky, so this function tries to put everyting into the field as it can.
        :param headers: http headers
        :return: http headers
Severity: Minor
Found in apifuzzer/fuzzer_target/request_base_functions.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function __init__ has 10 arguments (exceeds 4 allowed). Consider refactoring.
Open

    def __init__(
Severity: Major
Found in apifuzzer/fuzzer.py - About 1 hr to fix

    Function format_pycurl_url has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
    Open

        def format_pycurl_url(self, url):
        """
        Prepares fuzz URL for pycurl removing elements if necessary
        :param url: URL string prepared earlier
        :type url: str
    Severity: Minor
    Found in apifuzzer/fuzzer_target/request_base_functions.py - About 1 hr to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function _add_field_to_param has a Cognitive Complexity of 10 (exceeds 5 allowed). Consider refactoring.
    Open

        def _add_field_to_param(self, fuzz_type, param, param_name, parameter_place_in_request, sample_data, template):
        if parameter_place_in_request == ParamTypes.PATH:
            template.path_variables.add(
                fuzz_type(name=param_name, value=str(sample_data))
            )
    Severity: Minor
    Found in apifuzzer/openapi_template_generator.py - About 1 hr to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function _flatten_dict_entry has a Cognitive Complexity of 9 (exceeds 5 allowed). Consider refactoring.
    Open

    def _flatten_dict_entry(orig_key, v):
    """
    This function is called recursively to list the params in template
    :param orig_key: original key
    :param v: list of params
    Severity: Minor
    Found in apifuzzer/server_fuzzer.py - About 55 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function _add_field_to_param has 7 arguments (exceeds 4 allowed). Consider refactoring.
    Open

        def _add_field_to_param(self, fuzz_type, param, param_name, parameter_place_in_request, sample_data, template):
    Severity: Major
    Found in apifuzzer/openapi_template_generator.py - About 50 mins to fix

      Function __init__ has 6 arguments (exceeds 4 allowed). Consider refactoring.
      Open

          def __init__(
      Severity: Minor
      Found in apifuzzer/custom_fuzzers.py - About 45 mins to fix

        Function __init__ has 6 arguments (exceeds 4 allowed). Consider refactoring.
        Open

            def __init__(
        Severity: Minor
        Found in apifuzzer/custom_fuzzers.py - About 45 mins to fix

          Function transform_data_to_bytes has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
          Open

          def transform_data_to_bytes(data_in):
    """
    Transform data to bytes
    :param data_in: data to transform
    :type data_in: str, float, Bits
          Severity: Minor
          Found in apifuzzer/utils.py - About 45 mins to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Function __init__ has 5 arguments (exceeds 4 allowed). Consider refactoring.
          Open

              def __init__(self, name, base_url, report_dir, auth_headers, junit_report_path):
          Severity: Minor
          Found in apifuzzer/fuzzer_target/fuzz_request_sender.py - About 35 mins to fix

            Function set_logger has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
            Open

            def set_logger(level="warning", basic_output=False):
    """
    Setup logger
    :param level: log level
    :type level: log level
            Severity: Minor
            Found in apifuzzer/utils.py - About 35 mins to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function compile_headers has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
            Open

                def compile_headers(self, fuzz_header=None):
        """
        Using the fuzzer headers plus the header(s) defined at cli parameter this puts together a dict which will be
        used at the reques
        :type fuzz_header: list, dict, None
            Severity: Minor
            Found in apifuzzer/fuzzer_target/request_base_functions.py - About 35 mins to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Function _transmit has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
            Open

                def _transmit(self, node):
        """
        Where the magic happens. This function prepares the request
        :param node: Kitty template
        :type node: object
            Severity: Minor
            Found in apifuzzer/server_fuzzer.py - About 35 mins to fix

            Cognitive Complexity

            Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

            A method's cognitive complexity is based on a few simple rules:

            • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
            • Code is considered more complex for each "break in the linear flow of the code"
            • Code is considered more complex when "flow breaking structures are nested"

            Further reading

            Avoid too many return statements within this function.
            Open

                    return bytes(data_in)
            Severity: Major
            Found in apifuzzer/utils.py - About 30 mins to fix

              Function chop_fuzz_value has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
              Open

                  def chop_fuzz_value(self, original_fuzz_value, fuzz_value):
        """
        Prepares fuzz parameter for pycurl removing elements if necessary
        :param original_fuzz_value: original value of the filed
        :param fuzz_value: value modified in the previous run
              Severity: Minor
              Found in apifuzzer/fuzzer_target/request_base_functions.py - About 25 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function get_readme has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
              Open

              def get_readme():
    readme = list()
    with open(os.path.join(here, "README.md"), "r") as f:
        skip_lines = True
        for line in f.read().splitlines():
              Severity: Minor
              Found in setup.py - About 25 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function post_test has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
              Open

                  def post_test(self, test_num):
        """Called after a test is completed, perform cleanup etc."""
        if self.report.get("report") is None:
            self.report.add("reason", self.report.get_status())
        super(ServerTarget, self).post_test(test_num)  # pylint: disable=E1003
              Severity: Minor
              Found in apifuzzer/fuzzer_target/fuzz_request_sender.py - About 25 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Function compile_template has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
              Open

                  def compile_template(self):
        _url = Static(name="url", value=self.url)
        _method = Static(name="method", value=self.method)
        template = Template(name=self.name, fields=[_url, _method])
        for name, field in self.field_to_param.items():
              Severity: Minor
              Found in apifuzzer/base_template.py - About 25 mins to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Severity
              Category
              Status
              Source
              Language