justintimperio / xen-guest-tools Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
Security Issue Summary:
Found 0 High Risk Issues
Found 6 Medium Risk Issues
Found 17 Low Risk Issues
=============================================
= Medium Security Risk Issues =
=============================================
----------------------------------
File: /go-source/syslog/syslog.go
----------------------------------
Line Number: 28
Confidence: HIGH
Description: Subprocess launched with variable
Code: "exec.Command("logger", "-t", topic, "-p", priority)"
GOSec Rule: G204
--------------------------------------------
File: /go-source/xenstoreclient/xenstore.go
--------------------------------------------
Line Number: 198
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile(devPath, os.O_RDWR, 0666)"
GOSec Rule: G302
--------------------------------------------------
File: /go-source/guestmetric/guestmetric_linux.go
--------------------------------------------------
Line Number: 211
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile(filename, os.O_RDONLY, 0666)"
GOSec Rule: G302
Line Number: 61
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile("/proc/meminfo", os.O_RDONLY, 0666)"
GOSec Rule: G302
Line Number: 25
Confidence: HIGH
Description: Expect file permissions to be 0600 or less
Code: "os.OpenFile("/var/cache/xe-linux-distribution", os.O_RDONLY, 0666)"
GOSec Rule: G302
--------------------------------------------
File: /go-source/guestmetric/guestmetric.go
--------------------------------------------
Line Number: 21
Confidence: HIGH
Description: Subprocess launched with variable
Code: "exec.Command(name, args...)"
GOSec Rule: G204
=============================================
= Low Security Risk Issues =
=============================================
--------------------------------------------
File: /go-source/xenstoreclient/xenstore.go
--------------------------------------------
Line Number: 409
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.Close()"
GOSec Rule: G104
Line Number: 427
Confidence: HIGH
Description: Errors unhandled.
Code: "xsdata.Packet.Write(&b)"
GOSec Rule: G104
Line Number: 440
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.StopWatch()"
GOSec Rule: G104
--------------------------------------
File: /go-source/xenstore/xenstore.go
--------------------------------------
Line Number: 138
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\r")"
GOSec Rule: G104
Line Number: 140
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\\\")"
GOSec Rule: G104
Line Number: 142
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString(fmt.Sprintf("%03o", r))"
GOSec Rule: G104
Line Number: 144
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString(fmt.Sprintf("x%02x", r))"
GOSec Rule: G104
Line Number: 316
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.StopWatch()"
GOSec Rule: G104
Line Number: 136
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\n")"
GOSec Rule: G104
Line Number: 134
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteString("\\t")"
GOSec Rule: G104
Line Number: 132
Confidence: HIGH
Description: Errors unhandled.
Code: "builder.WriteRune(r)"
GOSec Rule: G104
----------------------------------
File: /go-source/system/system.go
----------------------------------
Line Number: 38
Confidence: HIGH
Description: Use of unsafe calls should be audited
Code: "unsafe.Pointer(new_value)"
GOSec Rule: G103
Line Number: 74
Confidence: HIGH
Description: Errors unhandled.
Code: "syscall.Close(fd)"
GOSec Rule: G104
Line Number: 39
Confidence: HIGH
Description: Use of unsafe calls should be audited
Code: "unsafe.Pointer(old_value)"
GOSec Rule: G103
----------------------------------------
File: /go-source/xe-daemon/xe-daemon.go
----------------------------------------
Line Number: 143
Confidence: HIGH
Description: Errors unhandled.
Code: "xs.Write("data/updated", time.Now().Format("Mon Jan _2 15:04:05 2006"))"
GOSec Rule: G104
----------------------------------
File: /go-source/syslog/syslog.go
----------------------------------
Line Number: 49
Confidence: HIGH
Description: Errors unhandled.
Code: "s.stdin.Close()"
GOSec Rule: G104
Line Number: 50
Confidence: HIGH
Description: Errors unhandled.
Code: "s.cmd.Process.Signal(os.Interrupt)"
GOSec Rule: G104
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.