rapid7/metasploit-framework

View on GitHub
data/exploits/CVE-2021-3156/nss_generic2.py

Summary

Maintainability
B
4 hrs
Test Coverage

Function get_service_user_idx has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring.
Open

def get_service_user_idx():
    '''Parse /etc/nsswitch.conf to find a group entry index
    '''
    idx = 0
    found = False
Severity: Minor
Found in data/exploits/CVE-2021-3156/nss_generic2.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function check_nscd_condition has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Open

def check_nscd_condition():
    if not os.path.exists('/var/run/nscd/socket'):
        return True # no socket. no service
    
    # try connect
Severity: Minor
Found in data/exploits/CVE-2021-3156/nss_generic2.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Function get_extra_chunk_count has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Open

def get_extra_chunk_count(target_chunk_size):
    # service_user are allocated by calling getpwuid()
    # so we don't care allocation of chunk size 0x40 after getpwuid()
    # there are many string that size can be varied
    # here is the most common
Severity: Minor
Found in data/exploits/CVE-2021-3156/nss_generic2.py - About 1 hr to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Avoid too many return statements within this function.
Open

    return True
Severity: Major
Found in data/exploits/CVE-2021-3156/nss_generic2.py - About 30 mins to fix

    There are no issues that match your filters.

    Category
    Status