Showing 179 of 179 total issues
Starting a process with a partial executable path Open
download = run(
["axel", "--quiet", "--no-clobber", url],
stdout=PIPE,
stderr=STDOUT,
subprocess call - check for execution of untrusted input. Open
call(["mkfs.ext4", "-F", "/dev/" + device])
Starting a process with a partial executable path Open
add_tor = run(["apk", "add", "tor"])
Try, Except, Pass detected. Open
except Exception:
Starting a process with a partial executable path Open
call(["docker", "exec", cfg.LND_MODE + "_lnd_1", "lncli", "getinfo"])
subprocess call - check for execution of untrusted input. Open
call(["/opt/vc/bin/vcgencmd", "get_mem", "arm"])
subprocess call - check for execution of untrusted input. Open
call(["apk", "update"])
subprocess call - check for execution of untrusted input. Open
call(["mount", "-o", "remount,ro", "/dev/mmcblk0p1", "/media/mmcblk0p1"])
subprocess call - check for execution of untrusted input. Open
call(["git", "pull"])
Starting a process with a partial executable path Open
device_table = popen("blkid").read().splitlines()
Refactor this function to reduce its Cognitive Complexity from 20 to the 15 allowed. Open
def check_for_destruction(device, path):
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
Either remove or fill this block of code. Open
pass
Most of the time, a block of code is empty because a piece of code is actually missing. Such an empty block must be either filled or removed.
Noncompliant Code Example
for i in range(3): pass
Exceptions
When a block contains a comment, this block is not considered to be empty.
Consider possible security implications associated with call module. Open
from subprocess import call
# TODO: handle mountable devices without partitions!
Starting a process with a shell: Seems safe, but may be changed in the future, consider rewriting without shell Open
device_table = popen("blkid").read().splitlines()
Refactor this function to reduce its Cognitive Complexity from 21 to the 15 allowed. Open
def create_swap():
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
subprocess call - check for execution of untrusted input. Open
call(cli_invocation)
Refactor this function to reduce its Cognitive Complexity from 37 to the 15 allowed. Open
def usb_setup():
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
Merge this if statement with the enclosing one. Open
if swap_on() and enable_swap():
Merging collapsible if statements increases the code's readability.
Noncompliant Code Example
if condition1:
    if condition2:
        # ...
Compliant Solution
if condition1 and condition2:
    # ...
Refactor this function to reduce its Cognitive Complexity from 54 to the 15 allowed. Open
def fastsync():
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.