Run started:2021-08-16 17:24:15.071466

Test results:
>> Issue: [B404:blacklist] Consider possible security implications associated with subprocess module.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:42
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
41	import matplotlib.pyplot as plt
42	import shlex,  subprocess
43	import simpleaudio as sa

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:403
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
402	command = "ffmpeg -version"
403	p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
404	out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: ''
   Severity: Low   Confidence: Medium
   Location: as4pgc\AS4PGC.py:456
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
455	        ###########################################################################################
456	        if PASSWORD != "":
457	            configuration.SEED_IGNORE = int.from_bytes(KEY_FROM_PASSWORD[:len(KEY_FROM_PASSWORD)//2], byteorder='little', signed=False)

--------------------------------------------------
>> Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:511
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
510	    diff_bins = configuration.CODE_FREQUENCY_END_BIN - configuration.CODE_FREQUENCY_START_BIN
511	    configuration.CODE_FREQUENCY_START_BIN = configuration.CODE_FREQUENCY_START_BIN + random.randint(-configuration.CODE_FREQUENCY_START_BIN//20, configuration.CODE_FREQUENCY_START_BIN//10)
512	    logging.info("Messed up configuration.CODE_FREQUENCY_START_BIN = " + str(configuration.CODE_FREQUENCY_START_BIN))

--------------------------------------------------
>> Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:515
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
514	    random.seed(int(KEY_FROM_PASSWORD[idx_key]))
515	    configuration.CODE_FREQUENCY_END_BIN = configuration.CODE_FREQUENCY_START_BIN + diff_bins + random.randint(-diff_bins//10, diff_bins//5)
516	    logging.info("Messed up configuration.CODE_FREQUENCY_END_BIN = " + str(configuration.CODE_FREQUENCY_END_BIN))

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1007
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
1006	        command = "ffmpeg -loglevel quiet -y -i " + FILE_NAME + ".mp3 -vn -acodec "+WAV_SAMPLE_FORMAT+" -ac 2 -ar " + str(SAMPLING_FREQUENCY) + " -f wav " + FILE_NAME + "_temp.wav"
1007	    p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
1008	    out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1022
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
1021	        command = "ffmpeg -loglevel quiet -y -i " + FILE_NAME + "_temp.wav -map_channel 0.0.0 " + FILE_NAME + ".wav"
1022	        p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
1023	        out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1210
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
1209	            # random values beyond threshold will be marked to be ignored
1210	            if random.random() > IGNORE_THRESHOLD:
1211	                ignore[i] = 1

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1612
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
1611	        command = "ffmpeg -loglevel quiet -y -i " + FILE_NAME + "_mod.wav -ab " + MP3_BITRATE_STR + " -sample_fmt "+MP3_SAMPLE_FORMAT+" -metadata comment='comment' " + FILE_NAME + "_out.mp3"
1612	        p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
1613	        out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1627
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
1626	            SAMPLING_FREQUENCY) + " -f wav " + FILE_NAME + "_out.wav"
1627	        p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
1628	        out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1659
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html
1658	                ##################################
1659	                subprocess.check_call(["attrib","+h",OUT_FILE_NAME])
1660	                logging.info("Hidden " + OUT_FILE_NAME)

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1659
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
1658	                ##################################
1659	                subprocess.check_call(["attrib","+h",OUT_FILE_NAME])
1660	                logging.info("Hidden " + OUT_FILE_NAME)

--------------------------------------------------
>> Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:1798
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
1797	            for i in range(len(ignore2)):
1798	                if random.random() > IGNORE_THRESHOLD:
1799	                    ignore2[i] = 1

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:2395
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
2394	        tag.samplerate) + " -f wav " + stego_file + ".wav"
2395	    p1 = subprocess.Popen(shlex.split(command), shell=False, stdout=subprocess.PIPE)
2396	    out, err = p1.communicate()

--------------------------------------------------
>> Issue: [B311:blacklist] Standard pseudo-random generators are not suitable for security/cryptographic purposes.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:2457
   More Info: https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b311-random
2456	        for i in range(len(ignore2)):
2457	            if random.random() > IGNORE_THRESHOLD:
2458	                ignore2[i] = 1

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:2798
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html
2797	        OUT_MSG_FILE = OUT_DIR_NAME + FILE_NAME_HDR_1
2798	        subprocess.check_call(["attrib", "+h", OUT_MSG_FILE])
2799	        logging.info("Hidden " + OUT_MSG_FILE)

--------------------------------------------------
>> Issue: [B603:subprocess_without_shell_equals_true] subprocess call - check for execution of untrusted input.
   Severity: Low   Confidence: High
   Location: as4pgc\AS4PGC.py:2798
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
2797	        OUT_MSG_FILE = OUT_DIR_NAME + FILE_NAME_HDR_1
2798	        subprocess.check_call(["attrib", "+h", OUT_MSG_FILE])
2799	        logging.info("Hidden " + OUT_MSG_FILE)

--------------------------------------------------

Code scanned:
	Total lines of code: 1933
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0.0
		Low: 17.0
		Medium: 0.0
		High: 0.0
	Total issues (by confidence):
		Undefined: 0.0
		Low: 0.0
		Medium: 1.0
		High: 16.0
Files skipped (0):
