Sign upLogin

rapid7/ruby_smb

View on GitHub
Star

Showing 307 of 307 total issues

Method smb3_decrypt has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb3_decrypt(th)
        unless @server_encryption_key
          raise RubySMB::Error::EncryptionError.new('The encryption algorithm has not been set') if @encryption_algorithm.nil?

          key_bit_len = OpenSSL::Cipher.new(@encryption_algorithm).key_len * 8
Severity: Minor
Found in lib/ruby_smb/client/encryption.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method read has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def self.read(val)
      begin
        super(val)
      rescue IOError => e
        # $stderr.puts "#{e.class}: #{e.message}"
Severity: Minor
Found in lib/ruby_smb/generic_packet.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method bind has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def bind(options={})
      @call_id ||= 1
      bind_req = Bind.new(options)
      bind_req.pdu_header.call_id = @call_id
      auth_type = options.fetch(:auth_type) { RPC_C_AUTHN_WINNT }
Severity: Minor
Found in lib/ruby_smb/dcerpc.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method authenticate has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def authenticate
        if smb1
          if username.empty? && password.empty?
            smb1_anonymous_auth
          else
Severity: Minor
Found in lib/ruby_smb/client/authentication.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method handle_smb1 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def handle_smb1(raw_request, header)
        session = @session_table[header.uid]

        if session.nil? && !(header.command == SMB1::Commands::SMB_COM_SESSION_SETUP_ANDX && header.uid == 0)
          response = SMB1::Packet::EmptyPacket.new
Severity: Minor
Found in lib/ruby_smb/server/server_client.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method do_read_smb2 has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

              def do_read_smb2(request)
                handle = @handles[request.file_id.to_binary_s]
                if handle.nil?
                  response = RubySMB::SMB2::Packet::ErrorPacket.new
                  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_FILE_CLOSED
Severity: Minor
Found in lib/ruby_smb/server/share/provider/disk/processor/read.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method query_service_config has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def query_service_config(svc_handle)
        qsc_request = QueryServiceConfigWRequest.new
        qsc_request.h_service = svc_handle
        qsc_request.cb_buf_size = 0
        response = dcerpc_request(qsc_request)
Severity: Minor
Found in lib/ruby_smb/dcerpc/svcctl.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method results has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

          def results(klass, unicode:)
            information_classes = []
            blob = data_block.trans2_data.buffer.to_binary_s.dup
            until blob.empty?
              length = blob[0, 4].unpack('V').first
Severity: Minor
Found in lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method add_static_file has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

          def add_static_file(path, content, stat: nil)
            path = VirtualPathname.cleanpath(path)
            path = File::SEPARATOR + path unless path.start_with?(File::SEPARATOR)
            raise ArgumentError.new('must be a file') if stat && !stat.file?
Severity: Minor
Found in lib/ruby_smb/server/share/provider/virtual_disk.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method smb3_encrypt has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def smb3_encrypt(data)
        unless @client_encryption_key
          raise RubySMB::Error::EncryptionError.new('The encryption algorithm has not been set') if @encryption_algorithm.nil?

          key_bit_len = OpenSSL::Cipher.new(@encryption_algorithm).key_len * 8
Severity: Minor
Found in lib/ruby_smb/client/encryption.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method process has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

          def process(request_buffer=nil)
            if request_buffer.nil?
              # this is only NTLMSSP (as opposed to SPNEGO + NTLMSSP)
              buffer = OpenSSL::ASN1::ASN1Data.new([
                Gss::OID_SPNEGO,
Severity: Minor
Found in lib/ruby_smb/gss/provider/ntlm.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method results has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

          def results(klass, unicode:)
            information_classes = []
            blob = data_block.trans2_data.buffer.to_binary_s.dup
            until blob.empty?
              length = blob[0, 4].unpack('V').first
Severity: Minor
Found in lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method add_smb3_to_negotiate_request has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def add_smb3_to_negotiate_request(packet, dialects = SMB3_DIALECT_DEFAULT)
        dialects.each do |dialect|
          raise ArgumentError, 'Must be an array of strings' unless dialect.is_a? String
          packet.add_dialect(dialect.to_i(16))
        end
Severity: Minor
Found in lib/ruby_smb/client/negotiation.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method do_write has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def do_write(io)
      if is_a?(ConfPlugin) && should_process_max_count?
        io.writebytes([@max_count].pack('L<'))
      end
Severity: Minor
Found in lib/ruby_smb/dcerpc/ndr.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method ntlmv2_hash has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def ntlmv2_hash(user, password, target, opt={})
        if Net::NTLM.is_ntlm_hash? password
          decoded_password = Net::NTLM::EncodeUtil.decode_utf16le(password)
          ntlmhash = [decoded_password.upcase[33,65]].pack('H32')
        else
Severity: Minor
Found in lib/ruby_smb/ntlm.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method do_num_bytes has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

    def do_num_bytes(struct_offset = 0)
      sum = 0

      if is_a?(ConfPlugin) && should_process_max_count?
        sum += 4
Severity: Minor
Found in lib/ruby_smb/dcerpc/ndr.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method samr_get_alias_membership has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def samr_get_alias_membership(domain_handle:, sids:)
        sids = [sids] unless sids.is_a?(::Array)
        samr_get_alias_membership_request = SamrGetAliasMembershipRequest.new(
          domain_handle: domain_handle
        )
Severity: Minor
Found in lib/ruby_smb/dcerpc/samr.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method samr_lookup_names_in_domain has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
Open

      def samr_lookup_names_in_domain(domain_handle:, names:)
        raise ArgumentError.new('names may not be longer than 1000') if names.length > 1000

        samr_lookup_request = SamrLookupNamesInDomainRequest.new(
          domain_handle: domain_handle,
Severity: Minor
Found in lib/ruby_smb/dcerpc/samr.rb - About 25 mins to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Similar blocks of code found in 2 locations. Consider refactoring.
Open

          class DataBlock < RubySMB::SMB1::Packet::Trans2::DataBlock
            string :pad1, length: -> { pad1_length }
            string :trans2_parameters,  label: 'Trans2 Parameters'
            string :pad2,               length: -> { pad2_length }
            string :trans2_data,        label: 'Trans2 Data'
Severity: Minor
Found in lib/ruby_smb/smb1/packet/nt_trans/request.rb and 1 other location - About 25 mins to fix
lib/ruby_smb/smb1/packet/nt_trans/create_request.rb on lines 73..78

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 30.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Identical blocks of code found in 4 locations. Consider refactoring.
Open

client = RubySMB::Client.new(dispatcher, smb1: options[:smbv1], smb2: options[:smbv2], smb3: options[:smbv3], username: options[:username], password: options[:password], domain: options[:domain])
Severity: Minor
Found in examples/read_file.rb and 3 other locations - About 25 mins to fix
examples/pwsh_service.rb on lines 60..60
examples/registry_key_security_descriptor.rb on lines 86..86
examples/tree_connect.rb on lines 58..58

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 30.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

Refactorings

Further Reading

Severity
Category
Status
Source
Language