rapid7/metasploit-framework

Showing 21,886 of 21,886 total issues

Avoid deeply nested control flow statements.
Open

        rescue ::StandardError => e
          print_status "Error when trying to create directory #{pathname.dirname}: #{e.message}"
          return false
Severity: Major
Found in lib/msf/ui/console/driver.rb - About 45 mins to fix

    Method read_channels has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def self.read_channels(client, request)
        dlog("read_channels: waiting for event")
    
        # Wait to see if there's any data available on channels.  If there
        # isn't, then we send a response immediately.  Otherwise, we check
    Severity: Minor
    Found in lib/msf/ui/web/comm.rb - About 45 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Method try_load_module has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def try_load_module(parent_path, reference_name, type, cached_metadata: nil)
        loaded = false
        # XXX borked
        loaders.each do |loader|
          next unless cached_metadata || loader.loadable_module?(parent_path, type, reference_name)
    Severity: Minor
    Found in lib/msf/core/module_manager/cache.rb - About 45 mins to fix

    Method load_cached_module has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def load_cached_module(type, reference_name, cache_type: Msf::ModuleManager::Cache::MEMORY)
        case cache_type
        when Msf::ModuleManager::Cache::FILESYSTEM
          cached_metadata = Msf::Modules::Metadata::Cache.instance.get_module_reference(type: type, reference_name: reference_name)
          return false unless cached_metadata
    Severity: Minor
    Found in lib/msf/core/module_manager/cache.rb - About 45 mins to fix

    Method rand_vars has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

        def self.rand_vars(opts = {})
          opts ||= {}
          opts[:cc] ||= 'US'
          opts[:st] ||= Faker::Address.state_abbr
          opts[:loc] ||= Faker::Address.city
    Severity: Minor
    Found in lib/msf/core/cert_provider.rb - About 45 mins to fix

    Method file_changed? has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def file_changed?(path)
        changed = false
    
        module_info = self.module_info_by_path[path]
    
    
    Severity: Minor
    Found in lib/msf/core/module_manager/loading.rb - About 45 mins to fix

    Method start_instance_connect_session has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def start_instance_connect_session
        # Configure AWS credentials
        credentials = if datastore['ACCESS_KEY_ID'] and datastore['SECRET_ACCESS_KEY']
          ::Aws::Credentials.new(datastore['ACCESS_KEY_ID'], datastore['SECRET_ACCESS_KEY'])
        else
    Severity: Minor
    Found in lib/msf/core/handler/bind_aws_instance_connect.rb - About 45 mins to fix

    Method setup_handler has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def setup_handler
        if !datastore['Proxies'].blank? && !datastore['ReverseAllowProxy']
          raise RuntimeError, "TCP connect-back payloads cannot be used with Proxies. Use 'set ReverseAllowProxy true' to override this behaviour."
        end
    
    
    Severity: Minor
    Found in lib/msf/core/handler/reverse_tcp_ssl.rb - About 45 mins to fix

    Method ssl_generate_certificate has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

        def self.ssl_generate_certificate(cert_vars: {}, ksize: 2048, **opts)
          yr      = 24*3600*365
          vf      = opts[:not_before] || Time.at(Time.now.to_i - rand(yr * 3) - yr)
          vt      = opts[:not_after]  || Time.at(vf.to_i + (rand(4..9) * yr))
          cvars   = self.rand_vars(cert_vars)
    Severity: Minor
    Found in lib/msf/core/cert_provider.rb - About 45 mins to fix

    Method search_for has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def search_for(key)
        k = find_key_case(key)
        return search_result(:user_defined, @user_defined[k]) if @user_defined.key?(k)
    
        option = @options.fetch(k) { @options.find { |option_name, _option| option_name.casecmp?(k) }&.last }
    Severity: Minor
    Found in lib/msf/core/data_store_with_fallbacks.rb - About 45 mins to fix

    Method ssm_read has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

        def ssm_read(length = nil, opts = {})
          maxw = opts[:timeout] ? opts[:timeout] : 30
          start = Time.now
          resp = @ssmclient.list_command_invocations(command_id: @cursor, instance_id: @peer_info['InstanceId'], details: true)
          while (resp.command_invocations.empty? or resp.command_invocations[0].status == 'InProgress') and
    Severity: Minor
    Found in lib/msf/core/handler/bind_aws_ssm.rb - About 45 mins to fix

    Method setup_handler has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def setup_handler
        if !datastore['Proxies'].blank? && !datastore['ReverseAllowProxy']
          raise RuntimeError, 'TCP connect-back payloads cannot be used with Proxies. Can be overridden by setting ReverseAllowProxy to true'
        end
    
    
    Severity: Minor
    Found in lib/msf/core/handler/reverse_tcp_double_ssl.rb - About 45 mins to fix

    Method send_rpc_request has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
    Open

      def send_rpc_request(args)
        unless @cli
          @cli = Rex::Proto::Http::Client.new(info[:host], info[:port], info[:context], info[:ssl], info[:ssl_version])
          @cli.set_config(
            :vhost => info[:host],
    Severity: Minor
    Found in lib/msf/core/rpc/v10/client.rb - About 45 mins to fix

    Avoid deeply nested control flow statements.
    Open

              if(val.length == 16)
                raise RuntimeError, "IPv6 address specified for IPv4 payload."
              end
    Severity: Major
    Found in lib/msf/core/payload.rb - About 45 mins to fix

      Avoid deeply nested control flow statements.
      Open

              elsif (pack == 'RAW')
                # Just use the raw value...
              else
                # Check to see if the value is a hex string.  If so, convert
                # it.
      Severity: Major
      Found in lib/msf/core/payload.rb - About 45 mins to fix

        Method nmap_validate_rports has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

        def nmap_validate_rports
          # If there's an RPORT specified, use that instead.
          if datastore['RPORT'] && (datastore['RPORT'].kind_of?(Integer) || !datastore['RPORT'].empty?)
            return true
          end
        Severity: Minor
        Found in lib/msf/core/auxiliary/nmap.rb - About 45 mins to fix

        Method get_broker_port has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

            def get_broker_port(broker_datas, rhost, default_broker_port: 10911)
              # Example of brokerData:
              # [{"brokerAddrs"=>{"0"=>"172.16.199.135:10911"}, "brokerName"=>"DESKTOP-8ATHH6O", "cluster"=>"DefaultCluster"}]
        
              if broker_datas['brokerDatas'].blank?
        Severity: Minor
        Found in lib/msf/core/auxiliary/rocketmq.rb - About 45 mins to fix

        Method rpc_connect has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

          def rpc_connect(xopts)
            opts = fix_options(xopts)
            if not self.framework.db.driver and not opts[:driver]
              return { :result => 'failed' }
            end
        Severity: Minor
        Found in lib/msf/core/rpc/v10/rpc_db.rb - About 45 mins to fix

        Method _valid_session has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

          def _valid_session(sid,type)
        
            s = self.framework.sessions[sid.to_i]
        
            if(not s)
        Severity: Minor
        Found in lib/msf/core/rpc/v10/rpc_session.rb - About 45 mins to fix

        Method rpc_results has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
        Open

          def rpc_results(uuid)
            if (r = self.job_status_tracker.result(uuid))
              if r[:error]
                {"status" => "errored", "error" => r[:error]}
              else
        Severity: Minor
        Found in lib/msf/core/rpc/v10/rpc_module.rb - About 45 mins to fix
