mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Recreate fileset each time we process a file
Some files were being counted multiple times here, which skewed the reported number of lines processed. Closes #100
parent
b5308ff621
commit
191750f44c
3 changed files with 14 additions and 20 deletions
|
@ -79,10 +79,10 @@ type Metrics struct {
|
||||||
type Analyzer struct {
|
type Analyzer struct {
|
||||||
ignoreNosec bool
|
ignoreNosec bool
|
||||||
ruleset RuleSet
|
ruleset RuleSet
|
||||||
context Context
|
context *Context
|
||||||
logger *log.Logger
|
logger *log.Logger
|
||||||
Issues []Issue `json:"issues"`
|
Issues []*Issue `json:"issues"`
|
||||||
Stats Metrics `json:"metrics"`
|
Stats *Metrics `json:"metrics"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewAnalyzer builds a new anaylzer.
|
// NewAnalyzer builds a new anaylzer.
|
||||||
|
@ -93,17 +93,10 @@ func NewAnalyzer(conf map[string]interface{}, logger *log.Logger) Analyzer {
|
||||||
a := Analyzer{
|
a := Analyzer{
|
||||||
ignoreNosec: conf["ignoreNosec"].(bool),
|
ignoreNosec: conf["ignoreNosec"].(bool),
|
||||||
ruleset: make(RuleSet),
|
ruleset: make(RuleSet),
|
||||||
Issues: make([]Issue, 0),
|
context: &Context{nil, nil, nil, nil, nil, nil, nil},
|
||||||
context: Context{
|
logger: logger,
|
||||||
token.NewFileSet(),
|
Issues: make([]*Issue, 0, 16),
|
||||||
nil,
|
Stats: &Metrics{0, 0, 0, 0},
|
||||||
nil,
|
|
||||||
nil,
|
|
||||||
nil,
|
|
||||||
nil,
|
|
||||||
nil,
|
|
||||||
},
|
|
||||||
logger: logger,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(tkelsey): use the inc/exc lists
|
// TODO(tkelsey): use the inc/exc lists
|
||||||
|
@ -113,6 +106,7 @@ func NewAnalyzer(conf map[string]interface{}, logger *log.Logger) Analyzer {
|
||||||
|
|
||||||
func (gas *Analyzer) process(filename string, source interface{}) error {
|
func (gas *Analyzer) process(filename string, source interface{}) error {
|
||||||
mode := parser.ParseComments
|
mode := parser.ParseComments
|
||||||
|
gas.context.FileSet = token.NewFileSet()
|
||||||
root, err := parser.ParseFile(gas.context.FileSet, filename, source, mode)
|
root, err := parser.ParseFile(gas.context.FileSet, filename, source, mode)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
gas.context.Comments = ast.NewCommentMap(gas.context.FileSet, root, root.Comments)
|
gas.context.Comments = ast.NewCommentMap(gas.context.FileSet, root, root.Comments)
|
||||||
|
@ -221,14 +215,14 @@ func (gas *Analyzer) Visit(n ast.Node) ast.Visitor {
|
||||||
|
|
||||||
if val, ok := gas.ruleset[reflect.TypeOf(n)]; ok {
|
if val, ok := gas.ruleset[reflect.TypeOf(n)]; ok {
|
||||||
for _, rule := range val {
|
for _, rule := range val {
|
||||||
ret, err := rule.Match(n, &gas.context)
|
ret, err := rule.Match(n, gas.context)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
file, line := GetLocation(n, &gas.context)
|
file, line := GetLocation(n, gas.context)
|
||||||
file = path.Base(file)
|
file = path.Base(file)
|
||||||
gas.logger.Printf("Rule error: %v => %s (%s:%d)\n", reflect.TypeOf(rule), err, file, line)
|
gas.logger.Printf("Rule error: %v => %s (%s:%d)\n", reflect.TypeOf(rule), err, file, line)
|
||||||
}
|
}
|
||||||
if ret != nil {
|
if ret != nil {
|
||||||
gas.Issues = append(gas.Issues, *ret)
|
gas.Issues = append(gas.Issues, ret)
|
||||||
gas.Stats.NumFound++
|
gas.Stats.NumFound++
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
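Review bot: With `context`, `Stats` and `Issues` now pointer-backed, any `Analyzer` copied by value shares its state with the original, yet `NewAnalyzer` in the second hunk still returns `Analyzer` by value. Copies share the same `*Context` and `*Metrics`, and because `Issues` starts as `make([]*Issue, 0, 16)`, two copies appending in `Visit` can write into the same backing array, so one scan's findings can overwrite another's or land in the wrong stats. Since the list of findings is the scanner's output, consider returning `*Analyzer` from the constructor (by-value callers such as `gasTestRunner` in the test helpers would follow), or at least add a comment on the type such as `// Analyzer must not be copied after first use; copies share context, Stats and the Issues backing array.` The positional literals `&Context{nil, nil, nil, nil, nil, nil, nil}` and `&Metrics{0, 0, 0, 0}` would also read better as `&Context{}` and `&Metrics{}`. The bodies of `NewAnalyzer`, `process` and `Visit` continue outside the hunks shown.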
|
@ -57,7 +57,7 @@ func TestMatchCallByType(t *testing.T) {
|
||||||
t.Errorf("Expected to match a bytes.Buffer.Write call")
|
t.Errorf("Expected to match a bytes.Buffer.Write call")
|
||||||
}
|
}
|
||||||
|
|
||||||
typeName, callName, err := GetCallInfo(rule.callExpr[0], &analyzer.context)
|
typeName, callName, err := GetCallInfo(rule.callExpr[0], analyzer.context)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Unable to resolve call info: %v\n", err)
|
t.Errorf("Unable to resolve call info: %v\n", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,12 +21,12 @@ import (
|
||||||
gas "github.com/GoASTScanner/gas/core"
|
gas "github.com/GoASTScanner/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func gasTestRunner(source string, analyzer gas.Analyzer) []gas.Issue {
|
func gasTestRunner(source string, analyzer gas.Analyzer) []*gas.Issue {
|
||||||
analyzer.ProcessSource("dummy.go", source)
|
analyzer.ProcessSource("dummy.go", source)
|
||||||
return analyzer.Issues
|
return analyzer.Issues
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkTestResults(t *testing.T, issues []gas.Issue, expected int, msg string) {
|
func checkTestResults(t *testing.T, issues []*gas.Issue, expected int, msg string) {
|
||||||
found := len(issues)
|
found := len(issues)
|
||||||
if found != expected {
|
if found != expected {
|
||||||
t.Errorf("Found %d issues, expected %d", found, expected)
|
t.Errorf("Found %d issues, expected %d", found, expected)
|
||||||
|
|