gosec/analyzers/analyzers_test.go

package analyzers_test

import (
	"fmt"
	"log"

	. "github.com/onsi/ginkgo/v2"
	. "github.com/onsi/gomega"

	"github.com/securego/gosec/v2"
	"github.com/securego/gosec/v2/analyzers"
	"github.com/securego/gosec/v2/testutils"
)

var _ = Describe("gosec analyzers", func() {
	var (
		logger    *log.Logger
		config    gosec.Config
		analyzer  *gosec.Analyzer
		runner    func(string, []testutils.CodeSample)
		buildTags []string
		tests     bool
	)

	BeforeEach(func() {
		logger, _ = testutils.NewLogger()
		config = gosec.NewConfig()
		analyzer = gosec.NewAnalyzer(config, tests, false, false, 1, logger)
		runner = func(analyzerId string, samples []testutils.CodeSample) {
			for n, sample := range samples {
				analyzer.Reset()
				analyzer.SetConfig(sample.Config)
				analyzer.LoadAnalyzers(analyzers.Generate(false, analyzers.NewAnalyzerFilter(false, analyzerId)).AnalyzersInfo())
				pkg := testutils.NewTestPackage()
				defer pkg.Close()
				for i, code := range sample.Code {
					pkg.AddFile(fmt.Sprintf("sample_%d_%d.go", n, i), code)
				}
				err := pkg.Build()
				Expect(err).ShouldNot(HaveOccurred())
				Expect(pkg.PrintErrors()).Should(BeZero())
				err = analyzer.Process(buildTags, pkg.Path)
				Expect(err).ShouldNot(HaveOccurred())
				issues, _, _ := analyzer.Report()
				if len(issues) != sample.Errors {
					fmt.Println(sample.Code)
				}
				Expect(issues).Should(HaveLen(sample.Errors))
			}
		}
	})

	Context("report correct errors for all samples", func() {
		It("should detect integer conversion overflow", func() {
			runner("G115", testutils.SampleCodeG115)
		})

		It("should detect hardcoded nonce/IV", func() {
			runner("G407", testutils.SampleCodeG407)
		})

		It("should detect out of bounds slice access", func() {
			runner("G602", testutils.SampleCodeG602)
		})
	})
})
Allow excluding analyzers globally (#1180) * This change does not exclude analyzers for inline comment * Changed the expected issues count for G103, G109 samples for test. Previously G115 has been included in the issue count * Show analyzers IDs(G115, G602) in gosec usage help * See #1175 2024-08-20 09:43:40 +01:00			`package analyzers_test`

			`import (`
			`"fmt"`
			`"log"`

			`. "github.com/onsi/ginkgo/v2"`
			`. "github.com/onsi/gomega"`

			`"github.com/securego/gosec/v2"`
			`"github.com/securego/gosec/v2/analyzers"`
			`"github.com/securego/gosec/v2/testutils"`
			`)`

			`var _ = Describe("gosec analyzers", func() {`
			`var (`
			`logger *log.Logger`
			`config gosec.Config`
			`analyzer *gosec.Analyzer`
			`runner func(string, []testutils.CodeSample)`
			`buildTags []string`
			`tests bool`
			`)`

			`BeforeEach(func() {`
			`logger, _ = testutils.NewLogger()`
			`config = gosec.NewConfig()`
			`analyzer = gosec.NewAnalyzer(config, tests, false, false, 1, logger)`
			`runner = func(analyzerId string, samples []testutils.CodeSample) {`
			`for n, sample := range samples {`
			`analyzer.Reset()`
			`analyzer.SetConfig(sample.Config)`
			`analyzer.LoadAnalyzers(analyzers.Generate(false, analyzers.NewAnalyzerFilter(false, analyzerId)).AnalyzersInfo())`
			`pkg := testutils.NewTestPackage()`
			`defer pkg.Close()`
			`for i, code := range sample.Code {`
			`pkg.AddFile(fmt.Sprintf("sample_%d_%d.go", n, i), code)`
			`}`
			`err := pkg.Build()`
			`Expect(err).ShouldNot(HaveOccurred())`
			`Expect(pkg.PrintErrors()).Should(BeZero())`
			`err = analyzer.Process(buildTags, pkg.Path)`
			`Expect(err).ShouldNot(HaveOccurred())`
			`issues, _, _ := analyzer.Report()`
			`if len(issues) != sample.Errors {`
			`fmt.Println(sample.Code)`
			`}`
			`Expect(issues).Should(HaveLen(sample.Errors))`
			`}`
			`}`
			`})`

			`Context("report correct errors for all samples", func() {`
			`It("should detect integer conversion overflow", func() {`
			`runner("G115", testutils.SampleCodeG115)`
			`})`

Updated analyzer to use new way of initialization * Removed old way of initializing analyzers * Added the new analyzer to the rest of the default analyzers * Fixed small bug in the rule * Removed the test for the new analyzer from the file responsible for testing the rules * Merged the diffrent examples into 1 variable * Added tests for the analyzer * Removed code that was used for testing rules, but it was used to test the analyzer 2024-08-30 10:39:24 +01:00			`It("should detect hardcoded nonce/IV", func() {`
			`runner("G407", testutils.SampleCodeG407)`
			`})`

Allow excluding analyzers globally (#1180) * This change does not exclude analyzers for inline comment * Changed the expected issues count for G103, G109 samples for test. Previously G115 has been included in the issue count * Show analyzers IDs(G115, G602) in gosec usage help * See #1175 2024-08-20 09:43:40 +01:00			`It("should detect out of bounds slice access", func() {`
			`runner("G602", testutils.SampleCodeG602)`
			`})`
			`})`
			`})`