justintimperio / xen-guest-tools Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
xen-guest-tools's People
Contributors
Watchers
Forkers
gitter-badgerxen-guest-tools's Issues
Current Security Issues
Security Issue Summary:
Found 0 High Risk Issues
Found 6 Medium Risk Issues
Found 17 Low Risk Issues
=============================================
= Medium Security Risk Issues =
=============================================
----------------------------------
File: /go-source/syslog/syslog.go
----------------------------------
Line Number: 28
Confidence: HIGH
Description: Subprocess launched with variable
Code: "exec.Command("logger", "-t", topic, "-p", priority)"
GOSec Rule: G204
--------------------------------------------
File: /go-source/xenstoreclient/xenstore.go
--------------------------------------------
Line Number: 198
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile(devPath, os.O_RDWR, 0666)"
GOSec Rule: G302
--------------------------------------------------
File: /go-source/guestmetric/guestmetric_linux.go
--------------------------------------------------
Line Number: 211
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile(filename, os.O_RDONLY, 0666)"
GOSec Rule: G302
Line Number: 61
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile("/proc/meminfo", os.O_RDONLY, 0666)"
GOSec Rule: G302
Line Number: 25
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile("/var/cache/xe-linux-distribution", os.O_RDONLY, 0666)"
GOSec Rule: G302
--------------------------------------------
File: /go-source/guestmetric/guestmetric.go
--------------------------------------------
Line Number: 21
Confidence: HIGH
Description: Subprocess launched with variable
Code: "exec.Command(name, args...)"
GOSec Rule: G204
=============================================
= Low Security Risk Issues =
=============================================
--------------------------------------------
File: /go-source/xenstoreclient/xenstore.go
--------------------------------------------
Line Number: 409
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.Close()"
GOSec Rule: G104
Line Number: 427
Confidence: HIGH
Description: Errors unhandled.
Code: "xsdata.Packet.Write(&b)"
GOSec Rule: G104
Line Number: 440
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.StopWatch()"
GOSec Rule: G104
--------------------------------------
File: /go-source/xenstore/xenstore.go
--------------------------------------
Line Number: 138
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\r")"
GOSec Rule: G104
Line Number: 140
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\\\")"
GOSec Rule: G104
Line Number: 142
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString(fmt.Sprintf("%03o", r))"
GOSec Rule: G104
Line Number: 144
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString(fmt.Sprintf("x%02x", r))"
GOSec Rule: G104
Line Number: 316
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.StopWatch()"
GOSec Rule: G104
Line Number: 136
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\n")"
GOSec Rule: G104
Line Number: 134
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\t")"
GOSec Rule: G104
Line Number: 132
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteRune(r)"
GOSec Rule: G104
----------------------------------
File: /go-source/system/system.go
----------------------------------
Line Number: 38
Confidence: HIGH
Description: Use of unsafe calls should be audited
Code: "unsafe.Pointer(new_value)"
GOSec Rule: G103
Line Number: 74
Confidence: HIGH
Description: Errors unhandled.
Code: "syscall.Close(fd)"
GOSec Rule: G104
Line Number: 39
Confidence: HIGH
Description: Use of unsafe calls should be audited
Code: "unsafe.Pointer(old_value)"
GOSec Rule: G103
----------------------------------------
File: /go-source/xe-daemon/xe-daemon.go
----------------------------------------
Line Number: 143
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.Write("data/updated", time.Now().Format("Mon Jan _2 15:04:05 2006"))"
GOSec Rule: G104
----------------------------------
File: /go-source/syslog/syslog.go
----------------------------------
Line Number: 49
Confidence: HIGH
Description: Errors unhandled.
Code: "s.stdin.Close()"
GOSec Rule: G104
Line Number: 50
Confidence: HIGH
Description: Errors unhandled.
Code: "s.cmd.Process.Signal(os.Interrupt)"
GOSec Rule: G104
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.