package gosec_test
import (
"go/ast"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
"github.com/securego/gosec"
"github.com/securego/gosec/testutils"
)
// Specs for gosec.TryResolve: each case adds a one-file package, walks its AST
// with a mock visitor to capture one node of a given kind, and asserts that
// TryResolve reports true for that node.
//
// NOTE(review): every spec below asserts a true result; none feeds TryResolve
// an expression that is expected not to resolve, so a resolver that always
// answered true would still pass this suite. Presumably rules rely on this
// result to tell statically known values from dynamic ones — confirm and
// consider covering the false path.
var _ = Describe("Resolve ast node to concrete value", func() {
	Context("when attempting to resolve an ast node", func() {
		It("should successfully resolve basic literal", func() {
			var found *ast.BasicLit

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; const foo = "bar"; func main(){}`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				lit, isLit := current.(*ast.BasicLit)
				if !isLit {
					return true
				}
				// Record the literal and report false for this node.
				found = lit
				return false
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})

		It("should successfully resolve identifier", func() {
			var found *ast.Ident

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; var foo string = "bar"; func main(){}`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			// NOTE(review): this callback accepts every *ast.Ident it is handed and
			// never checks the name, so the identifier that reaches TryResolve is
			// decided by traversal order (and by how MockVisitor treats a false
			// return), not pinned to foo — confirm the declared variable is the
			// node actually being resolved.
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				id, isIdent := current.(*ast.Ident)
				if !isIdent {
					return true
				}
				found = id
				return false
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})

		It("should successfully resolve assign statement", func() {
			var found *ast.AssignStmt

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; const x = "bar"; func main(){ y := x; println(y) }`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				stmt, isAssign := current.(*ast.AssignStmt)
				if !isAssign {
					return true
				}
				// Only the assignment whose first left-hand side is y is kept.
				if lhs, isIdent := stmt.Lhs[0].(*ast.Ident); isIdent && lhs.Name == "y" {
					found = stmt
				}
				return true
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})

		It("should successfully resolve a binary statement", func() {
			var found *ast.BinaryExpr

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; const (x = "bar"; y = "baz"); func main(){ z := x + y; println(z) }`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				// Keep the most recently visited binary expression.
				if expr, isBinary := current.(*ast.BinaryExpr); isBinary {
					found = expr
				}
				return true
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})

		It("should successfully resolve value spec", func() {
			var found *ast.ValueSpec

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; const x = "bar"; func main(){ var y string = x; println(y) }`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				spec, isSpec := current.(*ast.ValueSpec)
				if !isSpec {
					return true
				}
				// Only the spec that declares exactly one name, y, is kept.
				if len(spec.Names) == 1 && spec.Names[0].Name == "y" {
					found = spec
				}
				return true
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})

		It("should successfully resolve composite literal", func() {
			var found *ast.CompositeLit

			testPkg := testutils.NewTestPackage()
			defer testPkg.Close()
			testPkg.AddFile("foo.go", `package main; func main(){ y := []string{"value1", "value2"}; println(y) }`)
			resolveCtx := testPkg.CreateContext("foo.go")

			visitor := testutils.NewMockVisitor()
			visitor.Context = resolveCtx
			visitor.Callback = func(current ast.Node, _ *gosec.Context) bool {
				// Keep the most recently visited composite literal.
				if lit, isComposite := current.(*ast.CompositeLit); isComposite {
					found = lit
				}
				return true
			}
			ast.Walk(visitor, resolveCtx.Root)

			Expect(found).NotTo(BeNil())
			resolved := gosec.TryResolve(found, resolveCtx)
			Expect(resolved).To(BeTrue())
		})
	})
})