Sign upLogin

rapid7/ruby_smb

View on GitHub
Star

Showing 173 of 310 total issues

Method _handle_smb2 has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
Open

      def _handle_smb2(raw_request)
        begin
          header = RubySMB::SMB2::SMB2Header.read(raw_request)
        rescue IOError => e
          logger.error("Caught a #{e.class} while reading the SMB2 header (#{e.message})")
Severity: Minor
Found in lib/ruby_smb/server/server_client.rb - About 2 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method do_negotiate_smb2 has 68 lines of code (exceeds 25 allowed). Consider refactoring.
Open

        def do_negotiate_smb2(request)
          client_dialects = request.dialects.map { |d| "0x%04x" % d }
          server_dialects = @server.dialects.select { |dialect| Dialect[dialect].order == Dialect::ORDER_SMB2 }
          dialect = (server_dialects & client_dialects).first
Severity: Major
Found in lib/ruby_smb/server/server_client/negotiation.rb - About 2 hrs to fix

    Method handle_smb2 has 65 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

          def handle_smb2(raw_request, header)
        session_required = !(header.command == SMB2::Commands::SESSION_SETUP && header.session_id == 0)

        if header.flags.related_operations == 0
          @smb2_related_operations_state.clear
    Severity: Major
    Found in lib/ruby_smb/server/server_client.rb - About 2 hrs to fix

      Method _open has 65 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

            def _open(filename:, flags: nil, options: nil, disposition: RubySMB::Dispositions::FILE_OPEN,
                impersonation: RubySMB::ImpersonationLevels::SEC_IMPERSONATE, read: true, write: false, delete: false)
        nt_create_andx_request = RubySMB::SMB1::Packet::NtCreateAndxRequest.new
        nt_create_andx_request = set_header_fields(nt_create_andx_request)
      Severity: Major
      Found in lib/ruby_smb/smb1/tree.rb - About 2 hrs to fix

        Method do_query_directory_smb2 has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
        Open

                      def do_query_directory_smb2(request)
                local_path = get_local_path(request.file_id)
                if local_path.nil?
                  response = RubySMB::SMB2::Packet::ErrorPacket.new
                  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
        Severity: Minor
        Found in lib/ruby_smb/server/share/provider/disk/processor/query.rb - About 2 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method build_fscc_file_information has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
        Open

                    def build_fscc_file_information(path, info_class, rename: nil)
              case info_class
              when Fscc::FileInformation::FILE_ACCESS_INFORMATION
                info = Fscc::FileInformation::FileAccessInformation.new
                # smb2_access_mask returns back either file or directory access mask depending on what path is,
        Severity: Minor
        Found in lib/ruby_smb/server/share/provider/disk/processor.rb - About 2 hrs to fix

        Cognitive Complexity

        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

        A method's cognitive complexity is based on a few simple rules:

        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
        • Code is considered more complex for each "break in the linear flow of the code"
        • Code is considered more complex when "flow breaking structures are nested"

        Further reading

        Method process_ntlm_type3 has 63 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

                  def process_ntlm_type3(type3_msg)
            if type3_msg.user == '' && type3_msg.domain == ''
              if @provider.allow_anonymous
                @session_key = "\x00".b * 16 # see MS-NLMP section 3.4
                return WindowsError::NTStatus::STATUS_SUCCESS
        Severity: Major
        Found in lib/ruby_smb/gss/provider/ntlm.rb - About 2 hrs to fix

          Method do_query_directory_smb2 has 62 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

                        def do_query_directory_smb2(request)
                local_path = get_local_path(request.file_id)
                if local_path.nil?
                  response = RubySMB::SMB2::Packet::ErrorPacket.new
                  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
          Severity: Major
          Found in lib/ruby_smb/server/share/provider/disk/processor/query.rb - About 2 hrs to fix

            Method list has 62 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                  def list(directory: '\\', pattern: '*', unicode: true,
               type: RubySMB::SMB1::Packet::Trans2::FindInformationLevel::FindFileFullDirectoryInfo)
        find_first_request = RubySMB::SMB1::Packet::Trans2::FindFirst2Request.new
        find_first_request = set_header_fields(find_first_request)
        find_first_request.smb_header.flags2.unicode  = 1 if unicode
            Severity: Major
            Found in lib/ruby_smb/smb1/tree.rb - About 2 hrs to fix

              Method list has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
              Open

                    def list(directory: '\\', pattern: '*', unicode: true,
               type: RubySMB::SMB1::Packet::Trans2::FindInformationLevel::FindFileFullDirectoryInfo)
        find_first_request = RubySMB::SMB1::Packet::Trans2::FindFirst2Request.new
        find_first_request = set_header_fields(find_first_request)
        find_first_request.smb_header.flags2.unicode  = 1 if unicode
              Severity: Minor
              Found in lib/ruby_smb/smb1/tree.rb - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method decompress_chunk has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
              Open

                    def self.decompress_chunk(chunk)
        out = ''
        until chunk.empty?
          flags = chunk[0].unpack1('C')
          chunk = chunk[1..-1]
              Severity: Minor
              Found in lib/ruby_smb/compression/lznt1.rb - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method do_negotiate_smb2 has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
              Open

                      def do_negotiate_smb2(request)
          client_dialects = request.dialects.map { |d| "0x%04x" % d }
          server_dialects = @server.dialects.select { |dialect| Dialect[dialect].order == Dialect::ORDER_SMB2 }
          dialect = (server_dialects & client_dialects).first
              Severity: Minor
              Found in lib/ruby_smb/server/server_client/negotiation.rb - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method parse has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
              Open

                    def self.parse(defaults: {}, &block)
        defaults = DEFAULT_OPTIONS.merge(defaults)
        options = defaults.clone
        OptionParser.new do |parser|
          parser.on("--share-name SHARE_NAME", "The share name (default: #{defaults[:share_name]})") do |share|
              Severity: Minor
              Found in lib/ruby_smb/server/cli.rb - About 2 hrs to fix

              Cognitive Complexity

              Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

              A method's cognitive complexity is based on a few simple rules:

              • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
              • Code is considered more complex for each "break in the linear flow of the code"
              • Code is considered more complex when "flow breaking structures are nested"

              Further reading

              Method handle_smb has 60 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                    def handle_smb(raw_request)
        response = nil

        case raw_request[0...4].unpack1('L>')
        when RubySMB::SMB1::SMB_PROTOCOL_ID
              Severity: Major
              Found in lib/ruby_smb/server/server_client.rb - About 2 hrs to fix

                Class VirtualPathname has 22 methods (exceeds 20 allowed). Consider refactoring.
                Open

                          class VirtualPathname
            SEPARATOR = File::SEPARATOR
            # see: https://ruby-doc.org/stdlib-3.1.1/libdoc/pathname/rdoc/Pathname.html
            STAT_METHODS = %i[
              atime
                Severity: Minor
                Found in lib/ruby_smb/server/share/provider/virtual_disk/virtual_pathname.rb - About 2 hrs to fix

                  Class Client has 22 methods (exceeds 20 allowed). Consider refactoring.
                  Open

                    class Client
    # This module holds all the backend client methods for authentication.
    module Authentication
      include RubySMB::PeerInfo
                  Severity: Minor
                  Found in lib/ruby_smb/client/authentication.rb - About 2 hrs to fix

                    Method do_session_setup_smb2 has a Cognitive Complexity of 17 (exceeds 5 allowed). Consider refactoring.
                    Open

                            def do_session_setup_smb2(request, session)
          @smb2_related_operations_state.delete(:session_id)

          session_id = request.smb2_header.session_id
          if session_id == 0
                    Severity: Minor
                    Found in lib/ruby_smb/server/server_client/session_setup.rb - About 2 hrs to fix

                    Cognitive Complexity

                    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                    A method's cognitive complexity is based on a few simple rules:

                    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                    • Code is considered more complex for each "break in the linear flow of the code"
                    • Code is considered more complex when "flow breaking structures are nested"

                    Further reading

                    Method dcerpc_request has 55 lines of code (exceeds 25 allowed). Consider refactoring.
                    Open

                          def dcerpc_request(stub_packet, options={})
        options.merge!(endpoint: stub_packet.class.name.split('::').at(-2))
        dcerpc_request = RubySMB::Dcerpc::Request.new({ opnum: stub_packet.opnum }, options)
        dcerpc_request.stub.read(stub_packet.to_binary_s)
        if options[:auth_level] &&
                    Severity: Major
                    Found in lib/ruby_smb/smb1/pipe.rb - About 2 hrs to fix

                      Method parse_negotiate_response has 53 lines of code (exceeds 25 allowed). Consider refactoring.
                      Open

                            def parse_negotiate_response(packet)
        case packet
        when RubySMB::SMB1::Packet::NegotiateResponseExtended
          self.smb1 = true
          self.smb2 = false
                      Severity: Major
                      Found in lib/ruby_smb/client/negotiation.rb - About 2 hrs to fix

                        Method transaction2_smb1_query_information has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.
                        Open

                                      def transaction2_smb1_query_information(request, response, local_path)
                unless local_path&.exist?
                  response = SMB1::Packet::EmptyPacket.new
                  response.smb_header.nt_status = WindowsError::NTStatus::STATUS_NO_SUCH_FILE
                  return response
                        Severity: Minor
                        Found in lib/ruby_smb/server/share/provider/disk/processor/query.rb - About 2 hrs to fix

                        Cognitive Complexity

                        Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                        A method's cognitive complexity is based on a few simple rules:

                        • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                        • Code is considered more complex for each "break in the linear flow of the code"
                        • Code is considered more complex when "flow breaking structures are nested"

                        Further reading

                        Severity
                        Category
                        Status
                        Source
                        Language