Sign upLogin

rapid7/ruby_smb

View on GitHub
Star

Showing 299 of 299 total issues

File winreg.rb has 295 lines of code (exceeds 250 allowed). Consider refactoring.
Open

module RubySMB
  module Dcerpc
    module Winreg

      UUID = '338CD001-2244-31F1-AAAA-900038001003'
Severity: Minor
Found in lib/ruby_smb/dcerpc/winreg.rb - About 3 hrs to fix

    Method do_create_smb2 has 76 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

                  def do_create_smb2(request)
                unless request.create_disposition == RubySMB::Dispositions::FILE_OPEN
                  logger.warn("Can not handle CREATE request for disposition: #{request.create_disposition}")
                  raise NotImplementedError
                end
    Severity: Major
    Found in lib/ruby_smb/server/share/provider/disk/processor/create.rb - About 3 hrs to fix

      Method ioctl_send_recv has a Cognitive Complexity of 21 (exceeds 5 allowed). Consider refactoring.
      Open

            def ioctl_send_recv(action, options={})
        request = set_header_fields(RubySMB::SMB2::Packet::IoctlRequest.new(options))
        request.ctl_code = 0x0011C017
        request.flags.is_fsctl = 0x00000001
        # TODO: handle fragmentation when the request size > MAX_XMIT_FRAG
      Severity: Minor
      Found in lib/ruby_smb/smb2/pipe.rb - About 2 hrs to fix

      Cognitive Complexity

      Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

      A method's cognitive complexity is based on a few simple rules:

      • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
      • Code is considered more complex for each "break in the linear flow of the code"
      • Code is considered more complex when "flow breaking structures are nested"

      Further reading

      File svcctl.rb has 287 lines of code (exceeds 250 allowed). Consider refactoring.
      Open

      module RubySMB
  module Dcerpc
    module Svcctl

      UUID = '367abb81-9844-35f1-ad32-98f038001003'
      Severity: Minor
      Found in lib/ruby_smb/dcerpc/svcctl.rb - About 2 hrs to fix

        Method build_fscc_file_information has 72 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

                    def build_fscc_file_information(path, info_class, rename: nil)
              case info_class
              when Fscc::FileInformation::FILE_ACCESS_INFORMATION
                info = Fscc::FileInformation::FileAccessInformation.new
                # smb2_access_mask returns back either file or directory access mask depending on what path is,
        Severity: Major
        Found in lib/ruby_smb/server/share/provider/disk/processor.rb - About 2 hrs to fix

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

            module SMB1
    module Packet
      module Trans2
        # The Trans2 Parameter Block for this particular Subcommand
        class QueryPathInformationResponseTrans2Parameters < BinData::Record
          Severity: Major
          Found in lib/ruby_smb/smb1/packet/trans2/query_path_information_response.rb and 1 other location - About 2 hrs to fix
          lib/ruby_smb/smb1/packet/trans2/query_file_information_response.rb on lines 2..53

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 103.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Similar blocks of code found in 2 locations. Consider refactoring.
          Open

            module SMB1
    module Packet
      module Trans2
        # The Trans2 Parameter Block for this particular Subcommand
        class QueryFileInformationResponseTrans2Parameters < BinData::Record
          Severity: Major
          Found in lib/ruby_smb/smb1/packet/trans2/query_file_information_response.rb and 1 other location - About 2 hrs to fix
          lib/ruby_smb/smb1/packet/trans2/query_path_information_response.rb on lines 2..53

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 103.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Identical blocks of code found in 2 locations. Consider refactoring.
          Open

                def initialize(tree:, response:, name:)
        raise ArgumentError, 'No Name Provided' if name.nil?
        case name
        when 'netlogon', '\\netlogon'
          extend RubySMB::Dcerpc::Netlogon
          Severity: Major
          Found in lib/ruby_smb/smb2/pipe.rb and 1 other location - About 2 hrs to fix
          lib/ruby_smb/smb1/pipe.rb on lines 16..40

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 101.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Identical blocks of code found in 2 locations. Consider refactoring.
          Open

                def initialize(tree:, response:, name:)
        raise ArgumentError, 'No Name Provided' if name.nil?
        case name
        when 'netlogon', '\\netlogon'
          extend RubySMB::Dcerpc::Netlogon
          Severity: Major
          Found in lib/ruby_smb/smb1/pipe.rb and 1 other location - About 2 hrs to fix
          lib/ruby_smb/smb2/pipe.rb on lines 13..37

          Duplicated Code

          Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

          Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

          When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

          Tuning

          This issue has a mass of 101.

          We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

          The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

          If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

          See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

          Refactorings

          Further Reading

          Method _handle_smb2 has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
          Open

                def _handle_smb2(raw_request)
        begin
          header = RubySMB::SMB2::SMB2Header.read(raw_request)
        rescue IOError => e
          logger.error("Caught a #{e.class} while reading the SMB2 header (#{e.message})")
          Severity: Minor
          Found in lib/ruby_smb/server/server_client.rb - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method recv_packet has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
          Open

                def recv_packet(full_response: false)
        raise RubySMB::Error::CommunicationError, 'Connection has already been closed' if @tcp_socket.closed?
        if IO.select([@tcp_socket], nil, nil, @read_timeout).nil?
          raise RubySMB::Error::CommunicationError, "Read timeout expired when reading from the Socket (timeout=#{@read_timeout})"
        end
          Severity: Minor
          Found in lib/ruby_smb/dispatcher/socket.rb - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method do_negotiate_smb2 has 68 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

                  def do_negotiate_smb2(request)
          client_dialects = request.dialects.map { |d| "0x%04x" % d }
          server_dialects = @server.dialects.select { |dialect| Dialect[dialect].order == Dialect::ORDER_SMB2 }
          dialect = (server_dialects & client_dialects).first
          Severity: Major
          Found in lib/ruby_smb/server/server_client/negotiation.rb - About 2 hrs to fix

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

                    class FindNext2Response < RubySMB::GenericPacket
          COMMAND = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION2

          class ParameterBlock < RubySMB::SMB1::Packet::Trans2::Response::ParameterBlock
          end
            Severity: Major
            Found in lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb and 1 other location - About 2 hrs to fix
            lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb on lines 43..86

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 97.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

                    class FindFirst2Response < RubySMB::GenericPacket
          COMMAND = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION2

          class ParameterBlock < RubySMB::SMB1::Packet::Trans2::Response::ParameterBlock
          end
            Severity: Major
            Found in lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb and 1 other location - About 2 hrs to fix
            lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb on lines 42..85

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 97.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Method process_ntlm_type3 has 66 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                      def process_ntlm_type3(type3_msg)
            if type3_msg.user == '' && type3_msg.domain == ''
              if @provider.allow_anonymous
                @session_key = "\x00".b * 16 # see MS-NLMP section 3.4
                return WindowsError::NTStatus::STATUS_SUCCESS
            Severity: Major
            Found in lib/ruby_smb/gss/provider/ntlm.rb - About 2 hrs to fix

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

                  module BitField
      # The bit-field for SMB1 Extended File Attributes as defined in
      # [2.2.1.2.3 SMB_EXT_FILE_ATTR](https://msdn.microsoft.com/en-us/library/ee878573.aspx) and
      # [2.2.1.2.1 Extended File Attribute (SMB_EXT_FILE_ATTR) Extensions](https://msdn.microsoft.com/en-us/library/cc246322.aspx)
      class SmbExtFileAttributes < BinData::Record
              Severity: Major
              Found in lib/ruby_smb/smb1/bit_field/smb_ext_file_attributes.rb and 1 other location - About 2 hrs to fix
              lib/ruby_smb/fscc/file_attributes.rb on lines 2..27

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 96.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Similar blocks of code found in 2 locations. Consider refactoring.
              Open

                module Fscc
    # The bit-field for File System Control Code File Attributes as defined in
    # [2.6 File Attributes](https://msdn.microsoft.com/en-us/library/cc232110.aspx)
    class FileAttributes < BinData::Record
      endian :little
              Severity: Major
              Found in lib/ruby_smb/fscc/file_attributes.rb and 1 other location - About 2 hrs to fix
              lib/ruby_smb/smb1/bit_field/smb_ext_file_attributes.rb on lines 3..29

              Duplicated Code

              Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

              Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

              When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

              Tuning

              This issue has a mass of 96.

              We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

              The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

              If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

              See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

              Refactorings

              Further Reading

              Method _open has 65 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                    def _open(filename:, flags: nil, options: nil, disposition: RubySMB::Dispositions::FILE_OPEN,
                impersonation: RubySMB::ImpersonationLevels::SEC_IMPERSONATE, read: true, write: false, delete: false)
        nt_create_andx_request = RubySMB::SMB1::Packet::NtCreateAndxRequest.new
        nt_create_andx_request = set_header_fields(nt_create_andx_request)
              Severity: Major
              Found in lib/ruby_smb/smb1/tree.rb - About 2 hrs to fix

                Method handle_smb2 has 65 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                      def handle_smb2(raw_request, header)
        session_required = !(header.command == SMB2::Commands::SESSION_SETUP && header.session_id == 0)

        if header.flags.related_operations == 0
          @smb2_related_operations_state.clear
                Severity: Major
                Found in lib/ruby_smb/server/server_client.rb - About 2 hrs to fix

                  Method build_fscc_file_information has a Cognitive Complexity of 19 (exceeds 5 allowed). Consider refactoring.
                  Open

                              def build_fscc_file_information(path, info_class, rename: nil)
              case info_class
              when Fscc::FileInformation::FILE_ACCESS_INFORMATION
                info = Fscc::FileInformation::FileAccessInformation.new
                # smb2_access_mask returns back either file or directory access mask depending on what path is,
                  Severity: Minor
                  Found in lib/ruby_smb/server/share/provider/disk/processor.rb - About 2 hrs to fix

                  Cognitive Complexity

                  Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                  A method's cognitive complexity is based on a few simple rules:

                  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                  • Code is considered more complex for each "break in the linear flow of the code"
                  • Code is considered more complex when "flow breaking structures are nested"

                  Further reading

                  Severity
                  Category
                  Status
                  Source
                  Language