rust-analyzer@0.4.2538 - Visual Studio Code | ReversingLabs Spectra Assure Community

Popularity

5.33M

Total Installs

Contributor

Declared Dependencies

Dependents

Top issues

See all issues

TH17127

Detected presence of files containing URLs that link to raw files on GitHub.

hunting

Problem

Uniform Resource Locators (URLs) are structured addresses that point to locations and assets on the internet. URLs allow software developers to build complex applications that exchange data with servers that can be hosted in multiple geographical regions. URLs can commonly be found embedded in documentation, configuration files, source code and compiled binaries. One or more embedded URLs were discovered to link to raw files hosted on GitHub. Attackers often abuse popular web services to host malicious payloads. Since code-sharing services URLs are typically allowed by security solutions, using them for payload delivery increases the odds that the malicious code will reach the user. While the presence of code-sharing service locations does not imply malicious intent, all of their uses in a software package should be documented and approved. An increasing number of software supply chain attacks in the open source space leverages the GitHub service to deliver malicious payloads.

Prevalence in Visual Studio Code community

No prevalence information at this time

Next steps

Investigate reported detections.

If the software should not include these network references, investigate your build and release environment for software supply chain compromise.

You should delay the software release until the investigation is completed, or until the issue is risk accepted.

Consider an alternative delivery mechanism for software packages.

SQ34202

Detected presence of private debug database files.

Causes risk: debugging symbols found

secrets

Problem

Program database (PDB) files are typically only used during software development. They contain private debug symbols that make it significantly easier to reverse engineer a closed source application. In some cases, having a program database file is equivalent to having access to the source code. Presence of program databases could indicate that one or more software components have been built using a debug profile, instead of the release.

Prevalence in Visual Studio Code community

No prevalence information at this time

Next steps

Remove private debug database files from the software package before you release it.

SQ14127

Detected Windows executable files that do not implement long jump control flow vulnerability mitigation protection.

Causes risk: low priority mitigations absent

hardening

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Higher-level programming languages implement structured exception handling by managing their own code flow execution paths. As such, they are subject to code flow hijacking during runtime. Language-specific exception handling mitigation enforces execution integrity by instrumenting calls to manage execution context switching. Any deviation from the known and trusted code flow paths will cause the application to terminate. This makes malicious code less likely to execute.

Prevalence in Visual Studio Code community

No prevalence information at this time

Next steps

It's highly recommended to enable this option for all software components used at security boundaries, or those that process user controlled inputs.

To enable this mitigation, refer to your programming language toolchain documentation.

In Microsoft VisualStudio, you can enable CFG mitigation by passing the /guard:cf parameter to the compiler and linker.

Top behaviors

See all behaviors

Deletes files in Windows system directories.

file