Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save christo4ferris/49dc94fdc91c0984734ce80ce6af7de3 to your computer and use it in GitHub Desktop.
Save christo4ferris/49dc94fdc91c0984734ce80ce6af7de3 to your computer and use it in GitHub Desktop.
gas security scan of hyperledger/fabric v1.0.0-alpha2
Results:
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/aeskey.go:44] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write([]byte{0x01})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/aeskey.go:45] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(k.privKey)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/fileks.go:377] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(ksPath, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/impl.go:172] - RSA keys should be at least 2048 bits (Confidence: HIGH, Severity: MEDIUM)
> rsa.GenerateKey(rand.Reader, 1024)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/rsakey.go:56] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> raw, _ := asn1.Marshal(rsaPublicKeyASN{
N: k.privKey.N,
E: k.privKey.E,
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/rsakey.go:63] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/rsakey.go:109] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> raw, _ := asn1.Marshal(rsaPublicKeyASN{
N: k.pubKey.N,
E: k.pubKey.E,
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/pkcs11/rsakey.go:116] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/aeskey.go:44] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write([]byte{0x01})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/aeskey.go:45] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(k.privKey)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/ecdsakey.go:53] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/ecdsakey.go:100] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/fileks.go:413] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(ksPath, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/hash.go:31] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> h.Write(msg)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/rsakey.go:56] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> raw, _ := asn1.Marshal(rsaPublicKeyASN{
N: k.privKey.N,
E: k.privKey.E,
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/rsakey.go:63] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/rsakey.go:109] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> raw, _ := asn1.Marshal(rsaPublicKeyASN{
N: k.pubKey.N,
E: k.pubKey.E,
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bccsp/sw/rsakey.go:116] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> hash.Write(raw)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/compose.go:113] - Subprocess launching with variable. (Confidence: HIGH, Severity: HIGH)
> exec.Command(dockerComposeCommand, cmdArgs...)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/docker.go:53] - Subprocess launching with variable. (Confidence: HIGH, Severity: HIGH)
> exec.Command("docker", cmdArgs...)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/docker.go:95] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> _, _ = d.issueDockerCommand([]string{"rm", "-f", id})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/regression/go/ote/ote.go:153] - Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
> os.OpenFile(fileName+"-"+res+".log", os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/regression/go/ote/ote.go:174] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> logFile.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/bddtests/regression/go/ote/ote.go:347] - Subprocess launching with variable. (Confidence: HIGH, Severity: HIGH)
> exec.Command("/bin/sh", "-c", cmd)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/configtx/tool/configtxgen/main.go:327] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> factory.InitFactories(nil)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/configtx/tool/localconfig/config.go:52] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> flogging.SetModuleLevel(pkgLogID, "error")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/configtx/tool/localconfig/config.go:169] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> cf.InitViper(config, configName)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/configtx/tool/provisional/provisional.go:47] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> flogging.SetModuleLevel(pkgLogID, "info")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/errors/errors.go:176] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> re, _ := regexp.Compile(regExp)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/genesis/genesis.go:64] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> utils.SetTxID(payloadChannelHeader, payloadSignatureHeader)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/ledger/blkstorage/fsblkstorage/blockfile_rw.go:40] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> w.file.Truncate(int64(targetSize))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/ledger/blkstorage/fsblkstorage/blockfile_rw.go:57] - Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
> os.OpenFile(w.filePath, os.O_RDWR|os.O_APPEND|os.O_CREATE, 0660)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/ledger/util/ioutil.go:39] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(path.Dir(dirPath), 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/mocks/msp/noopmsp.go:45] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> id, _ := newNoopSigningIdentity()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/mocks/msp/noopmsp.go:50] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> id, _ := newNoopSigningIdentity()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/mocks/msp/noopmsp.go:65] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> id, _ := newNoopIdentity()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/ca/generator.go:48] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(baseDir, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/ca/generator.go:125] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> serialNumber, _ := rand.Int(rand.Reader, serialNumberLimit)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/ca/generator.go:158] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> certFile.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/main.go:260] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> renderOrgSpec(&orgSpec, "orderer")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/main.go:441] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(adminCertsDir, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/msp/generator.go:43] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(tlsDir, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/common/tools/cryptogen/msp/generator.go:125] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(folder, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/admin.go:63] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.Remove(pidFile)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/car/platform.go:59] - SQL string concatenation (Confidence: HIGH, Severity: MEDIUM)
> "FROM "+cutil.GetDockerfileFromConfig("chaincode.car.runtime")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/car/platform.go:76] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> tw.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/car/platform.go:77] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> output.CloseWithError(err)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/golang/package.go:80] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.Mkdir(newgopath, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/golang/package.go:80] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.Mkdir(newgopath, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/golang/package.go:102] - Subprocess launching with variable. (Confidence: HIGH, Severity: HIGH)
> exec.Command("go", "get", path)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/golang/package.go:191] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.RemoveAll(codegopath)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/golang/platform.go:191] - SQL string concatenation (Confidence: HIGH, Severity: MEDIUM)
> "FROM "+cutil.GetDockerfileFromConfig("chaincode.golang.runtime")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/java/hash.go:49] - Subprocess launching with variable. (Confidence: HIGH, Severity: HIGH)
> exec.Command("git", "clone", path, codegopath)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/java/hash.go:81] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.RemoveAll(codepath)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/platforms.go:221] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> tw.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/platforms.go:222] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> gw.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/chaincode/platforms/platforms.go:223] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> output.CloseWithError(err)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/comm/testdata/certs/generate.go:90] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> pem.Encode(keyFile, &pem.Block{Type: "EC PRIVATE KEY", Bytes: keyBytes})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/comm/testdata/certs/generate.go:91] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> keyFile.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/comm/testdata/certs/generate.go:111] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> pem.Encode(certFile, &pem.Block{Type: "CERTIFICATE", Bytes: certBytes})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/comm/testdata/certs/generate.go:112] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> certFile.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/common/ccprovider/ccprovider.go:78] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.Mkdir(path, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/container/dockercontroller/dockercontroller.go:180] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vm.stopInternal(ctxt, client, containerID, 0, false, false)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/container/dockercontroller/dockercontroller.go:236] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> _ = w.CloseWithError(err)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/container/util/writer.go:167] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> tw.WriteHeader(&tar.Header{Name: name, Size: int64(len(payload)), ModTime: zeroTime, AccessTime: zeroTime, ChangeTime: zeroTime})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/container/util/writer.go:168] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> tw.Write(payload)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/blocksprovider/blocksprovider.go:151] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> b.gossip.AddPayload(b.chainID, payload)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/blocksprovider.go:109] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> payload, _ := utils.GetPayload(env)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/blocksprovider.go:112] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> proto.Unmarshal(payload.Data, seekInfo)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/orderer.go:62] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> o.Listener.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/orderer.go:83] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> proto.Unmarshal(envlp.Payload, payload)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/orderer.go:85] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> proto.Unmarshal(payload.Data, seekInfo)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/deliverservice/mocks/orderer.go:105] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> stream.Send(&orderer.DeliverResponse{
Type: &orderer.DeliverResponse_Block{Block: block},
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/example/app.go:51] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> txSimulator.SetState(app.name, accountID, toBytes(bal))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/example/app.go:85] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> txSimulator.SetState(app.name, fromAccount, toBytes(balFrom-transferAmt))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/example/app.go:86] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> txSimulator.SetState(app.name, toAccount, toBytes(balTo+transferAmt))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/example/app.go:123] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> txEnv, _, _ := ptestutils.ConstructSingedTxEnvWithDefaultSigner(util.GetTestChainID(), ccid, response, simulationResults, nil, nil)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/example/marble_app.go:73] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> txSimulator.SetState(marbleApp.name, marbleName, marbleJsonBytes)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:51] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.ApplyUpdates(batch, savePoint)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:53] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> actualValues, _ := db.GetStateMultipleKeys("ns1", []string{"key1", "key2"})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:83] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.ApplyUpdates(batch, savePoint)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:85] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vv, _ := db.GetState("ns1", "key1")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:88] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vv, _ = db.GetState("ns2", "key4")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:110] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db1.ApplyUpdates(batch1, savePoint1)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:118] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db2.ApplyUpdates(batch2, savePoint2)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:120] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vv, _ := db1.GetState("ns1", "key1")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:127] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vv, _ = db2.GetState("ns1", "key1")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:154] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> vv, _ := db.GetState("ns", "key2")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:174] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.Open()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:185] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.ApplyUpdates(batch, savePoint)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:187] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> itr1, _ := db.GetStateRangeScanIterator("ns1", "key1", "")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:190] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> itr2, _ := db.GetStateRangeScanIterator("ns1", "key2", "key3")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:193] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> itr3, _ := db.GetStateRangeScanIterator("ns1", "", "")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:196] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> itr4, _ := db.GetStateRangeScanIterator("ns2", "", "")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:203] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> queryResult, _ := itr.Next()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:217] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.Open()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/commontests/test_common.go:256] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> db.ApplyUpdates(batch, savePoint)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/ledger/kvledger/txmgmt/statedb/statecouchdb/query_wrapper.go:107] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> editedQuery, _ := json.Marshal(jsonQueryMap)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/peer/peer.go:262] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> gb, _ := configtxtest.MakeGenesisBlock(cid)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/scc/lscc/lscc.go:442] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> re, _ := regexp.Compile(regExp)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/core/scc/lscc/lscc.go:628] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> cdbytes, _ := lscc.getCCInstance(stub, chaincodeName)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/events/config.go:64] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> config.AddDevConfigPath(nil)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02/chaincode_example02.go:115] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Aval, _ = strconv.Atoi(string(Avalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/chaincode_example02/chaincode_example02.go:124] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Bval, _ = strconv.Atoi(string(Bvalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/eventsender/eventsender.go:53] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> noevts, _ := strconv.Atoi(string(b))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/invokereturnsvalue/invokereturnsvalue.go:100] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Aval, _ = strconv.Atoi(string(Avalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/invokereturnsvalue/invokereturnsvalue.go:109] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Bval, _ = strconv.Atoi(string(Bvalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/map/map.go:112] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> stime, _ = strconv.Atoi(args[2])
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/marbles02/marbles_chaincode.go:221] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> stub.PutState(colorNameIndexKey, value)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/marbles02/marbles_chaincode.go:328] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> marbleJSONasBytes, _ := json.Marshal(marbleToTransfer)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/chaincode/go/sleeper/sleeper.go:39] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> st, _ := strconv.Atoi(sleepTime)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/dchackfest/samples/e2e/chaincodes/go/chaincode_example02/chaincode_example02.go:115] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Aval, _ = strconv.Atoi(string(Avalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/dchackfest/samples/e2e/chaincodes/go/chaincode_example02/chaincode_example02.go:124] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Bval, _ = strconv.Atoi(string(Bvalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/dchackfest/samples/e2e/chaincodes/go/marbles02/marbles_chaincode.go:221] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> stub.PutState(colorNameIndexKey, value)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/dchackfest/samples/e2e/chaincodes/go/marbles02/marbles_chaincode.go:328] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> marbleJSONasBytes, _ := json.Marshal(marbleToTransfer)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/e2e_cli/examples/chaincode/go/chaincode_example02/chaincode_example02.go:115] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Aval, _ = strconv.Atoi(string(Avalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/e2e_cli/examples/chaincode/go/chaincode_example02/chaincode_example02.go:124] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> Bval, _ = strconv.Atoi(string(Bvalbytes))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/events/block-listener/block-listener.go:61] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> obcEHClient, _ = consumer.NewEventsClient(eventAddress, 5, adapter)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/events/block-listener/block-listener.go:64] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> obcEHClient.Stop()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/examples/events/block-listener/block-listener.go:159] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> tx, _ := getTxPayload(r)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/gossip/comm/comm_impl.go:645] - TLS InsecureSkipVerify set true. (Confidence: HIGH, Severity: HIGH)
> InsecureSkipVerify: true
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/gossip/comm/comm_impl.go:650] - TLS InsecureSkipVerify set true. (Confidence: HIGH, Severity: HIGH)
> InsecureSkipVerify: true
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/kafka/util.go:51] - TLS MinVersion too low. (Confidence: HIGH, Severity: HIGH)
> MinVersion: 0
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/localconfig/config.go:52] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> flogging.SetModuleLevel(pkgLogID, "error")
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/localconfig/config.go:208] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> cf.InitViper(config, configName)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/mocks/util/util.go:30] - RSA keys should be at least 2048 bits (Confidence: HIGH, Severity: MEDIUM)
> rsa.GenerateKey(rand.Reader, 1024)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sample_clients/broadcast_config/client.go:103] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> _ = conn.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sample_clients/broadcast_timestamp/client.go:85] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> _ = conn.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sample_clients/broadcast_timestamp/client.go:99] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> s.broadcast([]byte(fmt.Sprintf("Testing %v", time.Now())))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sample_clients/single_tx_client/single_tx_client.go:102] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> dstream.Send(&cb.Envelope{
Payload: utils.MarshalOrPanic(&cb.Payload{
Header: &cb.Header{
ChannelHeader: utils.MarshalOrPanic(&cb.ChannelHeader{
ChannelId: provisional.TestChainID,
}),
SignatureHeader: utils.MarshalOrPanic(&cb.SignatureHeader{}),
},
Data: utils.MarshalOrPanic(&ab.SeekInfo{
Start: &ab.SeekPosition{Type: &ab.SeekPosition_Newest{}},
Stop: &ab.SeekPosition{Type: &ab.SeekPosition_Newest{}},
Behavior: ab.SeekInfo_BLOCK_UNTIL_READY,
}),
}),
})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sample_clients/single_tx_client/single_tx_client.go:162] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> bstream.Send(&cb.Envelope{Payload: mpl})
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/connection/connection.go:59] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> c.Self, _ = NewPeerInfo("", cert.Certificate[0])
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/connection/connection.go:64] - TLS InsecureSkipVerify set true. (Confidence: HIGH, Severity: HIGH)
> InsecureSkipVerify: true
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/connection/connection.go:92] - TLS InsecureSkipVerify set true. (Confidence: HIGH, Severity: HIGH)
> InsecureSkipVerify: true
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/persist/persist.go:33] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.MkdirAll(dir, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/persist/persist.go:33] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(dir, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/sbft/persist/persist.go:73] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> os.Remove(p.path(key))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/orderer/util.go:80] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.Mkdir(subDirPath, 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/common/common.go:46] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> config.InitViper(nil, cmdRoot)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/common/ordererclient.go:72] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> conn.Close()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/main.go:89] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> viper.BindPFlag("logging_level", mainFlags.Lookup("logging-level"))
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/node/start.go:340] - Expect directory permissions to be 0700 or less (Confidence: HIGH, Severity: MEDIUM)
> os.MkdirAll(filepath.Dir(fileName), 0755)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/node/start.go:345] - Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
> os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0644)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/node/status.go:38] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> status()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/node/stop.go:48] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> stop()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/peer/node/stop.go:86] - Expect file permissions to be 0600 or less (Confidence: HIGH, Severity: MEDIUM)
> os.OpenFile(fileName, os.O_RDWR|os.O_CREATE, 0644)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/protos/testutils/txtestutils.go:110] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> sigId, _ = mspLcl.GetDefaultSigningIdentity()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/test/tools/ledgerbenchmarks/chainmgmt/tx_envelope_gen.go:43] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> signer, _ = mspLcl.GetDefaultSigningIdentity()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/test/tools/ledgerbenchmarks/chainmgmt/tx_envelope_gen.go:44] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> serializedSigner, _ = signer.Serialize()
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/test/tools/ledgerbenchmarks/chainmgmt/tx_envelope_gen.go:46] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> dummyProposal, _, _ = putils.CreateChaincodeProposal(
common.HeaderType_ENDORSER_TRANSACTION, dummyChainID,
&pb.ChaincodeInvocationSpec{ChaincodeSpec: &pb.ChaincodeSpec{ChaincodeId: dummyCCID}},
serializedSigner)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/test/tools/ledgerbenchmarks/experiments/util.go:66] - Errors unhandled. (Confidence: HIGH, Severity: LOW)
> rand.Read(b)
[/Users/cbf/dev/gocode/src/github.com/hyperledger/fabric/test/tools/ledgerbenchmarks/experiments/util.go:66] - Use of weak random number generator (math/rand instead of crypto/rand) (Confidence: MEDIUM, Severity: HIGH)
> rand.Read(b)
Summary:
Files: 451
Lines: 79043
Nosec: 0
Issues: 152
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment