Showing 179 of 179 total issues
Starting a process with a partial executable path Open
download = run(
["axel", "--quiet", "--no-clobber", url],
stdout=PIPE,
stderr=STDOUT,- Exclude checks
subprocess call - check for execution of untrusted input. Open
call(["mkfs.ext4", "-F", "/dev/" + device])- Exclude checks
Starting a process with a partial executable path Open
add_tor = run(["apk", "add", "tor"])- Exclude checks
Try, Except, Pass detected. Open
except Exception:- Exclude checks
Starting a process with a partial executable path Open
call(["docker", "exec", cfg.LND_MODE + "_lnd_1", "lncli", "getinfo"])- Exclude checks
subprocess call - check for execution of untrusted input. Open
call(["/opt/vc/bin/vcgencmd", "get_mem", "arm"])- Exclude checks
subprocess call - check for execution of untrusted input. Open
call(["apk", "update"])- Exclude checks
subprocess call - check for execution of untrusted input. Open
call(["mount", "-o", "remount,ro", "/dev/mmcblk0p1", "/media/mmcblk0p1"])- Exclude checks
subprocess call - check for execution of untrusted input. Open
call(["git", "pull"])- Exclude checks
Starting a process with a partial executable path Open
device_table = popen("blkid").read().splitlines()- Exclude checks
Refactor this function to reduce its Cognitive Complexity from 20 to the 15 allowed. Open
def check_for_destruction(device, path):- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
See
Either remove or fill this block of code. Open
pass- Read upRead up
- Exclude checks
Most of the time a block of code is empty when a piece of code is really missing. So such empty block must be either filled or removed.
Noncompliant Code Example
for i in range(3):
pass
Exceptions
When a block contains a comment, this block is not considered to be empty.
Consider possible security implications associated with call module. Open
from subprocess import call
# TODO: handle mountable devices without partitions!
- Exclude checks
Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell Open
device_table = popen("blkid").read().splitlines()- Exclude checks
Refactor this function to reduce its Cognitive Complexity from 21 to the 15 allowed. Open
def create_swap():- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
See
subprocess call - check for execution of untrusted input. Open
call(cli_invocation)- Exclude checks
Refactor this function to reduce its Cognitive Complexity from 37 to the 15 allowed. Open
def usb_setup():- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
See
Merge this if statement with the enclosing one. Open
if swap_on() and enable_swap():- Read upRead up
- Exclude checks
Merging collapsible if statements increases the code's readability.
Noncompliant Code Example
if condition1:
if condition2:
# ...
Compliant Solution
if condition1 and condition2:
# ...
Refactor this function to reduce its Cognitive Complexity from 54 to the 15 allowed. Open
def fastsync():- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.