gosec/testutils/g111_samples.go

package testutils

import "github.com/securego/gosec/v2"

// SampleCodeG111 - potential directory traversal
var SampleCodeG111 = []CodeSample{
	{[]string{`
package main

import (
	"fmt"
	"log"
	"net/http"
	"os"
)

func main() {
	http.Handle("/bad/", http.StripPrefix("/bad/", http.FileServer(http.Dir("/"))))
	http.HandleFunc("/", HelloServer)
	log.Fatal(http.ListenAndServe(":"+os.Getenv("PORT"), nil))
}

func HelloServer(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
}
`}, 1, gosec.NewConfig()},
}
chore: Refactor Sample Code to Separate Files Split the code in `source.go` to individual sample files, one per rule. This will help contributors submit samples for new rules, or improvements to existing rules. The cgo sample was all that was left after refactoring, which resulted in its own sample file. Sample code was also formatted to have some level of consistency. Each sample go "file" attempts to keep the formatting of `gofmt`, and each code sample is in its own section in the sample file. Signed-off-by: Adam Kaplan <adam@adambkaplan.com> 2023-11-25 22:51:38 +00:00			`package testutils`

			`import "github.com/securego/gosec/v2"`

Fix lint warnings by properly formatting the files Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com> 2023-12-08 13:30:54 +00:00			`// SampleCodeG111 - potential directory traversal`
			`var SampleCodeG111 = []CodeSample{`
			{[]string{`
chore: Refactor Sample Code to Separate Files Split the code in `source.go` to individual sample files, one per rule. This will help contributors submit samples for new rules, or improvements to existing rules. The cgo sample was all that was left after refactoring, which resulted in its own sample file. Sample code was also formatted to have some level of consistency. Each sample go "file" attempts to keep the formatting of `gofmt`, and each code sample is in its own section in the sample file. Signed-off-by: Adam Kaplan <adam@adambkaplan.com> 2023-11-25 22:51:38 +00:00			`package main`

			`import (`
			`"fmt"`
			`"log"`
			`"net/http"`
			`"os"`
			`)`

			`func main() {`
			`http.Handle("/bad/", http.StripPrefix("/bad/", http.FileServer(http.Dir("/"))))`
			`http.HandleFunc("/", HelloServer)`
			`log.Fatal(http.ListenAndServe(":"+os.Getenv("PORT"), nil))`
			`}`

			`func HelloServer(w http.ResponseWriter, r *http.Request) {`
			`fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])`
			`}`
			`}, 1, gosec.NewConfig()},
Fix lint warnings by properly formatting the files Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com> 2023-12-08 13:30:54 +00:00			`}`