Fix lint warnings by properly formatting the files
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
This commit is contained in:
parent
0e2a61899a
commit
2aad3f02a5
32 changed files with 259 additions and 321 deletions
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeCgo - Cgo file sample
|
||||||
// SampleCodeCgo - Cgo file sample
|
var SampleCodeCgo = []CodeSample{
|
||||||
SampleCodeCgo = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -48,5 +47,4 @@ func main() {
|
||||||
C.printData(cData)
|
C.printData(cData)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,11 +2,10 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG102 code snippets for network binding
|
||||||
// SampleCodeG102 code snippets for network binding
|
var SampleCodeG102 = []CodeSample{
|
||||||
SampleCodeG102 = []CodeSample{
|
// Bind to all networks explicitly
|
||||||
// Bind to all networks explicitly
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -22,8 +21,8 @@ func main() {
|
||||||
defer l.Close()
|
defer l.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
// Bind to all networks implicitly (default if host omitted)
|
// Bind to all networks implicitly (default if host omitted)
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -39,8 +38,8 @@ func main() {
|
||||||
defer l.Close()
|
defer l.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
// Bind to all networks indirectly through a parsing function
|
// Bind to all networks indirectly through a parsing function
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -61,8 +60,8 @@ func main() {
|
||||||
defer l.Close()
|
defer l.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
// Bind to all networks indirectly through a parsing function
|
// Bind to all networks indirectly through a parsing function
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -84,7 +83,7 @@ func main() {
|
||||||
defer l.Close()
|
defer l.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -102,5 +101,4 @@ func main() {
|
||||||
defer l.Close()
|
defer l.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
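Review bot: The third and fourth samples in this file both carry the identical description `// Bind to all networks indirectly through a parsing function` (the context lines of the `@ -61,8 +60,8` and `@ -84,7 +83,7` hunks), so a reader of a test failure cannot tell which variant broke. The sample bodies are outside these hunks, so I cannot see how they differ; if the second one uses a different parsing helper or call shape, its comment should name it, e.g. `// Bind to all networks indirectly through a parsing function (second call form)`, replaced with the actual distinction. The commit only re-flows the `var` block and does not touch these comments.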
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG103 find instances of unsafe blocks for auditing purposes
|
||||||
// SampleCodeG103 find instances of unsafe blocks for auditing purposes
|
var SampleCodeG103 = []CodeSample{
|
||||||
SampleCodeG103 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -29,7 +28,7 @@ func main() {
|
||||||
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
|
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
|
||||||
}
|
}
|
||||||
`}, 2, gosec.NewConfig()},
|
`}, 2, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -46,7 +45,7 @@ func main() {
|
||||||
fmt.Printf("ptr: %p\n", ptr)
|
fmt.Printf("ptr: %p\n", ptr)
|
||||||
}
|
}
|
||||||
`}, 2, gosec.NewConfig()},
|
`}, 2, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -63,5 +62,4 @@ func main() {
|
||||||
fmt.Printf("ptr: %p\n", ptr)
|
fmt.Printf("ptr: %p\n", ptr)
|
||||||
}
|
}
|
||||||
`}, 2, gosec.NewConfig()},
|
`}, 2, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG106 - ssh InsecureIgnoreHostKey
|
||||||
// SampleCodeG106 - ssh InsecureIgnoreHostKey
|
var SampleCodeG106 = []CodeSample{
|
||||||
SampleCodeG106 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -16,5 +15,4 @@ func main() {
|
||||||
_ = ssh.InsecureIgnoreHostKey()
|
_ = ssh.InsecureIgnoreHostKey()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG107 - SSRF via http requests with variable url
|
||||||
// SampleCodeG107 - SSRF via http requests with variable url
|
var SampleCodeG107 = []CodeSample{
|
||||||
SampleCodeG107 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
// Input from the std in is considered insecure
|
// Input from the std in is considered insecure
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
|
@ -33,7 +32,7 @@ func main() {
|
||||||
fmt.Printf("%s", body)
|
fmt.Printf("%s", body)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Variable defined a package level can be changed at any time
|
// Variable defined a package level can be changed at any time
|
||||||
// regardless of the initial value
|
// regardless of the initial value
|
||||||
package main
|
package main
|
||||||
|
@ -58,7 +57,7 @@ func main() {
|
||||||
}
|
}
|
||||||
fmt.Printf("%s", body)
|
fmt.Printf("%s", body)
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Environmental variables are not considered as secure source
|
// Environmental variables are not considered as secure source
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
|
@ -81,7 +80,7 @@ func main() {
|
||||||
fmt.Printf("%s", body)
|
fmt.Printf("%s", body)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Constant variables or hard-coded strings are secure
|
// Constant variables or hard-coded strings are secure
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -98,7 +97,7 @@ func main() {
|
||||||
fmt.Println(resp.Status)
|
fmt.Println(resp.Status)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// A variable at function scope which is initialized to
|
// A variable at function scope which is initialized to
|
||||||
// a constant string is secure (e.g. cannot be changed concurrently)
|
// a constant string is secure (e.g. cannot be changed concurrently)
|
||||||
package main
|
package main
|
||||||
|
@ -116,7 +115,7 @@ func main() {
|
||||||
fmt.Println(resp.Status)
|
fmt.Println(resp.Status)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// A variable at function scope which is initialized to
|
// A variable at function scope which is initialized to
|
||||||
// a constant string is secure (e.g. cannot be changed concurrently)
|
// a constant string is secure (e.g. cannot be changed concurrently)
|
||||||
package main
|
package main
|
||||||
|
@ -134,7 +133,7 @@ func main() {
|
||||||
fmt.Println(resp.Status)
|
fmt.Println(resp.Status)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// A variable at function scope which is initialized to
|
// A variable at function scope which is initialized to
|
||||||
// a constant string is secure (e.g. cannot be changed concurrently)
|
// a constant string is secure (e.g. cannot be changed concurrently)
|
||||||
package main
|
package main
|
||||||
|
@ -154,7 +153,7 @@ func main() {
|
||||||
fmt.Println(resp.Status)
|
fmt.Println(resp.Status)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// An exported variable declared a packaged scope is not secure
|
// An exported variable declared a packaged scope is not secure
|
||||||
// because it can changed at any time
|
// because it can changed at any time
|
||||||
package main
|
package main
|
||||||
|
@ -174,7 +173,7 @@ func main() {
|
||||||
fmt.Println(resp.Status)
|
fmt.Println(resp.Status)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// An url provided as a function argument is not secure
|
// An url provided as a function argument is not secure
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -194,5 +193,4 @@ func main() {
|
||||||
get(url)
|
get(url)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
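Review bot: Two of the sample descriptions visible in the context lines read awkwardly and should be tidied while this file is being reformatted: `// An exported variable declared at package scope is not secure` / `// because it can be changed at any time` (the `@ -174,7 +173,7` hunk) and `// A URL provided as a function argument is not secure` (the `@ -194,5 +193,4` hunk). These lines live inside the raw-string sample source, so the change is purely textual and cannot alter the expected issue count that follows each sample. The sample bodies themselves start and end outside the hunks shown.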
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG108 - pprof endpoint automatically exposed
|
||||||
// SampleCodeG108 - pprof endpoint automatically exposed
|
var SampleCodeG108 = []CodeSample{
|
||||||
SampleCodeG108 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -22,7 +21,7 @@ func main() {
|
||||||
log.Fatal(http.ListenAndServe(":8080", nil))
|
log.Fatal(http.ListenAndServe(":8080", nil))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -38,5 +37,4 @@ func main() {
|
||||||
log.Fatal(http.ListenAndServe(":8080", nil))
|
log.Fatal(http.ListenAndServe(":8080", nil))
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG109 - Potential Integer OverFlow
|
||||||
// SampleCodeG109 - Potential Integer OverFlow
|
var SampleCodeG109 = []CodeSample{
|
||||||
SampleCodeG109 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -22,7 +21,7 @@ func main() {
|
||||||
fmt.Println(value)
|
fmt.Println(value)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -40,7 +39,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -56,7 +55,7 @@ func main() {
|
||||||
fmt.Println(bigValue)
|
fmt.Println(bigValue)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -79,7 +78,7 @@ func test() {
|
||||||
fmt.Println(value)
|
fmt.Println(value)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -97,7 +96,7 @@ func main() {
|
||||||
fmt.Println(v)
|
fmt.Println(v)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -110,5 +109,4 @@ func main() {
|
||||||
fmt.Println(b, err)
|
fmt.Println(b, err)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
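Review bot: The doc comment on the exported variable uses non-standard capitalisation, `// SampleCodeG109 - Potential Integer OverFlow`; since the commit is rewriting this declaration anyway, it is the natural moment to normalise it to `// SampleCodeG109 - potential integer overflow`, matching the lower-case style used by the sibling files (G110, G111, G112) in this change. The comment is on the new side of the `@ -2,10 +2,9` hunk and nothing else in the hunk depends on it.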
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG110 - potential DoS vulnerability via decompression bomb
|
||||||
// SampleCodeG110 - potential DoS vulnerability via decompression bomb
|
var SampleCodeG110 = []CodeSample{
|
||||||
SampleCodeG110 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -31,7 +30,7 @@ func main() {
|
||||||
|
|
||||||
r.Close()
|
r.Close()
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -58,7 +57,7 @@ func main() {
|
||||||
r.Close()
|
r.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -97,7 +96,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -124,5 +123,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG111 - potential directory traversal
|
||||||
// SampleCodeG111 - potential directory traversal
|
var SampleCodeG111 = []CodeSample{
|
||||||
SampleCodeG111 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -25,5 +24,4 @@ func HelloServer(w http.ResponseWriter, r *http.Request) {
|
||||||
fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
|
fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG112 - potential slowloris attack
|
||||||
// SampleCodeG112 - potential slowloris attack
|
var SampleCodeG112 = []CodeSample{
|
||||||
SampleCodeG112 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -25,7 +24,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -48,7 +47,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -71,7 +70,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -103,5 +102,4 @@ func main() {
|
||||||
fmt.Print("test")
|
fmt.Print("test")
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
|
||||||
// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
|
var SampleCodeG113 = []CodeSample{
|
||||||
SampleCodeG113 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -20,5 +19,4 @@ func main() {
|
||||||
fmt.Println(r)
|
fmt.Println(r)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
|
||||||
// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
|
var SampleCodeG114 = []CodeSample{
|
||||||
SampleCodeG114 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -18,7 +17,7 @@ func main() {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -31,7 +30,7 @@ func main() {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -50,7 +49,7 @@ func main() {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -69,5 +68,4 @@ func main() {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG201 - SQL injection via format string
|
||||||
// SampleCodeG201 - SQL injection via format string
|
var SampleCodeG201 = []CodeSample{
|
||||||
SampleCodeG201 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
// Format string without proper quoting
|
// Format string without proper quoting
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -28,7 +27,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string without proper quoting case insensitive
|
// Format string without proper quoting case insensitive
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -51,7 +50,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string without proper quoting with context
|
// Format string without proper quoting with context
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
|
@ -74,7 +73,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string without proper quoting with transaction
|
// Format string without proper quoting with transaction
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
|
@ -105,7 +104,7 @@ func main(){
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string false positive, safe string spec.
|
// Format string false positive, safe string spec.
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -128,7 +127,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string false positive
|
// Format string false positive
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -150,7 +149,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string false positive, quoted formatter argument.
|
// Format string false positive, quoted formatter argument.
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -174,7 +173,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// false positive
|
// false positive
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -197,7 +196,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
@ -207,7 +206,7 @@ func main(){
|
||||||
fmt.Sprintln()
|
fmt.Sprintln()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string with \n\r
|
// Format string with \n\r
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -230,7 +229,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Format string with \n\r
|
// Format string with \n\r
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -253,7 +252,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// SQLI by db.Query(some).Scan(&other)
|
// SQLI by db.Query(some).Scan(&other)
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -277,7 +276,7 @@ func main() {
|
||||||
}
|
}
|
||||||
defer db.Close()
|
defer db.Close()
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// SQLI by db.Query(some).Scan(&other)
|
// SQLI by db.Query(some).Scan(&other)
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -300,7 +299,7 @@ func main() {
|
||||||
}
|
}
|
||||||
defer db.Close()
|
defer db.Close()
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// SQLI by db.Prepare(some)
|
// SQLI by db.Prepare(some)
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -333,7 +332,7 @@ func main() {
|
||||||
defer stmt.Close()
|
defer stmt.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// SQLI by db.PrepareContext(some)
|
// SQLI by db.PrepareContext(some)
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -367,7 +366,7 @@ func main() {
|
||||||
defer stmt.Close()
|
defer stmt.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// false positive
|
// false positive
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -399,5 +398,4 @@ func main() {
|
||||||
defer stmt.Close()
|
defer stmt.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG202 - SQL query string building via string concatenation
|
||||||
// SampleCodeG202 - SQL query string building via string concatenation
|
var SampleCodeG202 = []CodeSample{
|
||||||
SampleCodeG202 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
// infixed concatenation
|
// infixed concatenation
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -28,7 +27,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -48,7 +47,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// case insensitive match
|
// case insensitive match
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -69,7 +68,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// context match
|
// context match
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -91,7 +90,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// DB transaction check
|
// DB transaction check
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -121,7 +120,7 @@ func main(){
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// multiple string concatenation
|
// multiple string concatenation
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -142,7 +141,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// false positive
|
// false positive
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -163,7 +162,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -186,7 +185,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
const gender = "M"
|
const gender = "M"
|
||||||
|
@ -213,7 +212,7 @@ func main(){
|
||||||
defer rows.Close()
|
defer rows.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// ExecContext match
|
// ExecContext match
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -235,7 +234,7 @@ func main() {
|
||||||
}
|
}
|
||||||
fmt.Println(result)
|
fmt.Println(result)
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Exec match
|
// Exec match
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -256,7 +255,7 @@ func main() {
|
||||||
}
|
}
|
||||||
fmt.Println(result)
|
fmt.Println(result)
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -280,5 +279,4 @@ func main() {
|
||||||
fmt.Println(result)
|
fmt.Println(result)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG203 - Template checks
|
||||||
// SampleCodeG203 - Template checks
|
var SampleCodeG203 = []CodeSample{
|
||||||
SampleCodeG203 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
// We assume that hardcoded template strings are safe as the programmer would
|
// We assume that hardcoded template strings are safe as the programmer would
|
||||||
// need to be explicitly shooting themselves in the foot (as below)
|
// need to be explicitly shooting themselves in the foot (as below)
|
||||||
package main
|
package main
|
||||||
|
@ -26,7 +25,7 @@ func main() {
|
||||||
t.Execute(os.Stdout, v)
|
t.Execute(os.Stdout, v)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Using a variable to initialize could potentially be dangerous. Under the
|
// Using a variable to initialize could potentially be dangerous. Under the
|
||||||
// current model this will likely produce some false positives.
|
// current model this will likely produce some false positives.
|
||||||
package main
|
package main
|
||||||
|
@ -48,7 +47,7 @@ func main() {
|
||||||
t.Execute(os.Stdout, v)
|
t.Execute(os.Stdout, v)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -68,7 +67,7 @@ func main() {
|
||||||
t.Execute(os.Stdout, v)
|
t.Execute(os.Stdout, v)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -88,5 +87,4 @@ func main() {
|
||||||
t.Execute(os.Stdout, v)
|
t.Execute(os.Stdout, v)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG204 - Subprocess auditing
|
||||||
// SampleCodeG204 - Subprocess auditing
|
var SampleCodeG204 = []CodeSample{
|
||||||
SampleCodeG204 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -22,7 +21,7 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Calling any function which starts a new process with using
|
// Calling any function which starts a new process with using
|
||||||
// command line arguments as it's arguments is considered dangerous
|
// command line arguments as it's arguments is considered dangerous
|
||||||
package main
|
package main
|
||||||
|
@ -42,7 +41,7 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Initializing a local variable using a environmental
|
// Initializing a local variable using a environmental
|
||||||
// variable is consider as a dangerous user input
|
// variable is consider as a dangerous user input
|
||||||
package main
|
package main
|
||||||
|
@ -65,7 +64,7 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// gosec doesn't have enough context to decide that the
|
// gosec doesn't have enough context to decide that the
|
||||||
// command argument of the RunCmd function is hardcoded string
|
// command argument of the RunCmd function is hardcoded string
|
||||||
// and that's why it's better to warn the user so he can audit it
|
// and that's why it's better to warn the user so he can audit it
|
||||||
|
@ -90,7 +89,7 @@ func main() {
|
||||||
RunCmd("sleep")
|
RunCmd("sleep")
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -120,7 +119,7 @@ func main() {
|
||||||
RunCmd("ll", "ls")
|
RunCmd("ll", "ls")
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// syscall.Exec function called with hardcoded arguments
|
// syscall.Exec function called with hardcoded arguments
|
||||||
// shouldn't be consider as a command injection
|
// shouldn't be consider as a command injection
|
||||||
package main
|
package main
|
||||||
|
@ -137,8 +136,8 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{
|
{
|
||||||
[]string{`
|
[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -156,8 +155,9 @@ func RunCmd(command string) {
|
||||||
func main() {
|
func main() {
|
||||||
RunCmd("sleep")
|
RunCmd("sleep")
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig(),
|
||||||
{[]string{`
|
},
|
||||||
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -176,7 +176,7 @@ func main() {
|
||||||
RunCmd("sleep")
|
RunCmd("sleep")
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// starting a process with a variable as an argument
|
// starting a process with a variable as an argument
|
||||||
// even if not constant is not considered as dangerous
|
// even if not constant is not considered as dangerous
|
||||||
// because it has hardcoded value
|
// because it has hardcoded value
|
||||||
|
@ -199,7 +199,7 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// exec.Command from supplemental package sys/execabs
|
// exec.Command from supplemental package sys/execabs
|
||||||
// using variable arguments
|
// using variable arguments
|
||||||
package main
|
package main
|
||||||
|
@ -219,7 +219,7 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Initializing a local variable using a environmental
|
// Initializing a local variable using a environmental
|
||||||
// variable is consider as a dangerous user input
|
// variable is consider as a dangerous user input
|
||||||
package main
|
package main
|
||||||
|
@ -242,5 +242,4 @@ func main() {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,9 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var ( // SampleCodeG301 - mkdir permission check
|
// SampleCodeG301 - mkdir permission check
|
||||||
SampleCodeG301 = []CodeSample{
|
var SampleCodeG301 = []CodeSample{
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -20,7 +20,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -36,7 +36,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -52,5 +52,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG302 - file create / chmod permissions check
|
||||||
// SampleCodeG302 - file create / chmod permissions check
|
var SampleCodeG302 = []CodeSample{
|
||||||
SampleCodeG302 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -21,7 +20,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -37,7 +36,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -53,7 +52,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -69,5 +68,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
|
||||||
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
|
var SampleCodeG303 = []CodeSample{
|
||||||
SampleCodeG303 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package samples
|
package samples
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -57,5 +56,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 9, gosec.NewConfig()},
|
`}, 9, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG304 - potential file inclusion vulnerability
|
||||||
// SampleCodeG304 - potential file inclusion vulnerability
|
var SampleCodeG304 = []CodeSample{
|
||||||
SampleCodeG304 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -24,7 +23,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -42,7 +41,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -68,7 +67,7 @@ func main() {
|
||||||
log.Fatal(http.ListenAndServe(":3000", nil))
|
log.Fatal(http.ListenAndServe(":3000", nil))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -94,7 +93,7 @@ func main() {
|
||||||
log.Fatal(http.ListenAndServe(":3000", nil))
|
log.Fatal(http.ListenAndServe(":3000", nil))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -112,7 +111,7 @@ import (
|
||||||
log.Print(body)
|
log.Print(body)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -138,7 +137,7 @@ func main() {
|
||||||
fmt.Println(string(contents))
|
fmt.Println(string(contents))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -159,7 +158,7 @@ func main() {
|
||||||
log.Print(body)
|
log.Print(body)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -176,7 +175,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -196,7 +195,7 @@ func main() {
|
||||||
openFile(repoFile)
|
openFile(repoFile)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -219,7 +218,7 @@ func main() {
|
||||||
openFile(dir, repoFile)
|
openFile(dir, repoFile)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -239,7 +238,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -271,7 +270,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -303,5 +302,4 @@ package main
|
||||||
|
|
||||||
var THEWD string
|
var THEWD string
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG305 - File path traversal when extracting zip/tar archives
|
||||||
// SampleCodeG305 - File path traversal when extracting zip/tar archives
|
var SampleCodeG305 = []CodeSample{
|
||||||
SampleCodeG305 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package unzip
|
package unzip
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -52,7 +51,7 @@ func unzip(archive, target string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package unzip
|
package unzip
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -100,7 +99,7 @@ func unzip(archive, target string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package zip
|
package zip
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -140,7 +139,7 @@ func extractFile(f *zip.File, destPath string) error {
|
||||||
return os.Chmod(filePath, f.FileInfo().Mode())
|
return os.Chmod(filePath, f.FileInfo().Mode())
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package tz
|
package tz
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -174,5 +173,4 @@ func extractFile(f *tar.Header, tr *tar.Reader, destPath string) error {
|
||||||
return os.Chmod(filePath, f.FileInfo().Mode())
|
return os.Chmod(filePath, f.FileInfo().Mode())
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG306 - Poor permissions for WriteFile
|
||||||
// SampleCodeG306 - Poor permissions for WriteFile
|
var SampleCodeG306 = []CodeSample{
|
||||||
SampleCodeG306 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -54,5 +53,4 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG307 - Poor permissions for os.Create
|
||||||
// SampleCodeG307 - Poor permissions for os.Create
|
var SampleCodeG307 = []CodeSample{
|
||||||
SampleCodeG307 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -25,7 +24,7 @@ func main() {
|
||||||
defer f.Close()
|
defer f.Close()
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -45,5 +44,4 @@ func main() {
|
||||||
defer f.Close()
|
defer f.Close()
|
||||||
}
|
}
|
||||||
`}, 1, gosec.Config{"G307": "0o600"}},
|
`}, 1, gosec.Config{"G307": "0o600"}},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG402 - TLS settings
|
||||||
// SampleCodeG402 - TLS settings
|
var SampleCodeG402 = []CodeSample{
|
||||||
SampleCodeG402 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
// InsecureSkipVerify
|
// InsecureSkipVerify
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -27,7 +26,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// InsecureSkipVerify from variable
|
// InsecureSkipVerify from variable
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -40,7 +39,7 @@ func main() {
|
||||||
conf.InsecureSkipVerify = true
|
conf.InsecureSkipVerify = true
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -61,7 +60,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -83,7 +82,7 @@ func main() {
|
||||||
fmt.Printf("Debug: %v\n", a.MinVersion)
|
fmt.Printf("Debug: %v\n", a.MinVersion)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -103,7 +102,7 @@ func main() {
|
||||||
fmt.Printf("Debug: %v\n", a.MinVersion)
|
fmt.Printf("Debug: %v\n", a.MinVersion)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
import (
|
import (
|
||||||
|
@ -123,7 +122,7 @@ func main() {
|
||||||
fmt.Printf("Debug: %v\n", a.MinVersion)
|
fmt.Printf("Debug: %v\n", a.MinVersion)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -148,7 +147,7 @@ func main() {
|
||||||
fmt.Printf("Debug: %v\n", a.MinVersion)
|
fmt.Printf("Debug: %v\n", a.MinVersion)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure minimum version
|
// Insecure minimum version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -171,7 +170,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure max version
|
// Insecure max version
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -192,7 +191,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// Insecure ciphersuite selection
|
// Insecure ciphersuite selection
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -218,7 +217,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
// secure max version when min version is specified
|
// secure max version when min version is specified
|
||||||
package main
|
package main
|
||||||
|
|
||||||
|
@ -242,7 +241,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package p0
|
package p0
|
||||||
|
|
||||||
import "crypto/tls"
|
import "crypto/tls"
|
||||||
|
@ -260,7 +259,7 @@ func TlsConfig1() *tls.Config {
|
||||||
return &tls.Config{MinVersion: 0x0304}
|
return &tls.Config{MinVersion: 0x0304}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -281,7 +280,7 @@ import "crypto/tls"
|
||||||
|
|
||||||
const MinVer = tls.VersionTLS13
|
const MinVer = tls.VersionTLS13
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -294,5 +293,4 @@ func main() {
|
||||||
_ = cryptotls.Config{MinVersion: cryptotls.VersionTLS12}
|
_ = cryptotls.Config{MinVersion: cryptotls.VersionTLS12}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG403 - weak key strength
|
||||||
// SampleCodeG403 - weak key strength
|
var SampleCodeG403 = []CodeSample{
|
||||||
SampleCodeG403 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -23,5 +22,4 @@ func main() {
|
||||||
fmt.Println(pvk)
|
fmt.Println(pvk)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG404 - weak random number
|
||||||
// SampleCodeG404 - weak random number
|
var SampleCodeG404 = []CodeSample{
|
||||||
SampleCodeG404 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "crypto/rand"
|
import "crypto/rand"
|
||||||
|
@ -15,7 +14,7 @@ func main() {
|
||||||
println(good)
|
println(good)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "math/rand"
|
import "math/rand"
|
||||||
|
@ -25,7 +24,7 @@ func main() {
|
||||||
println(bad)
|
println(bad)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -40,7 +39,7 @@ func main() {
|
||||||
println(bad)
|
println(bad)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -53,7 +52,7 @@ func main() {
|
||||||
println(bad)
|
println(bad)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -65,7 +64,7 @@ func main() {
|
||||||
println(bad)
|
println(bad)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -81,7 +80,7 @@ func main() {
|
||||||
println(bad)
|
println(bad)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -100,5 +99,4 @@ func main() {
|
||||||
_ = rand3.Intn(2) // bad
|
_ = rand3.Intn(2) // bad
|
||||||
}
|
}
|
||||||
`}, 3, gosec.NewConfig()},
|
`}, 3, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG501 - Blocklisted import MD5
|
||||||
// SampleCodeG501 - Blocklisted import MD5
|
var SampleCodeG501 = []CodeSample{
|
||||||
SampleCodeG501 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -20,5 +19,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG502 - Blocklisted import DES
|
||||||
// SampleCodeG502 - Blocklisted import DES
|
var SampleCodeG502 = []CodeSample{
|
||||||
SampleCodeG502 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -33,5 +32,4 @@ func main() {
|
||||||
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
|
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
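Review bot: The DES sample still contains `fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))`, which passes a formatting directive to Println; at runtime this prints the literal `%s` followed by the hex string, and `go vet` reports it as a possible formatting directive in a Println call. Since this commit is about clearing lint warnings, that line is worth fixing in the same pass, e.g. `fmt.Printf("Secret message is: %s\n", hex.EncodeToString(ciphertext))`. The expected issue count of 1 should be unaffected, as the comment on this sample says the rule is about the blocklisted DES import rather than this line, though that is inferred from the comment, not from the rule source. The sample's main function starts outside this hunk.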
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG503 - Blocklisted import RC4
|
||||||
// SampleCodeG503 - Blocklisted import RC4
|
var SampleCodeG503 = []CodeSample{
|
||||||
SampleCodeG503 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -25,5 +24,4 @@ func main() {
|
||||||
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
|
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
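Review bot: The RC4 sample has the same Println-with-directive defect as the DES sample: `fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))` prints a literal `%s` and is flagged by `go vet` as a formatting directive in a non-format call. A one-line change to `fmt.Printf("Secret message is: %s\n", hex.EncodeToString(ciphertext))` keeps the sample lint-clean, which is the stated purpose of this commit. The rule's expected count of 1 appears to come from the blocklisted RC4 import per the sample's comment, so the detection assertion should not change, though I have not checked the rule source. The sample's main function begins before this hunk.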
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG504 - Blocklisted import CGI
|
||||||
// SampleCodeG504 - Blocklisted import CGI
|
var SampleCodeG504 = []CodeSample{
|
||||||
SampleCodeG504 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -17,5 +16,4 @@ func main() {
|
||||||
cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
|
cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG505 - Blocklisted import SHA1
|
||||||
// SampleCodeG505 - Blocklisted import SHA1
|
var SampleCodeG505 = []CodeSample{
|
||||||
SampleCodeG505 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -20,5 +19,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|
|
@ -2,10 +2,9 @@ package testutils
|
||||||
|
|
||||||
import "github.com/securego/gosec/v2"
|
import "github.com/securego/gosec/v2"
|
||||||
|
|
||||||
var (
|
// SampleCodeG602 - Slice access out of bounds
|
||||||
// SampleCodeG602 - Slice access out of bounds
|
var SampleCodeG602 = []CodeSample{
|
||||||
SampleCodeG602 = []CodeSample{
|
{[]string{`
|
||||||
{[]string{`
|
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -18,7 +17,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -31,7 +30,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -44,7 +43,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -57,7 +56,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -70,7 +69,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -83,7 +82,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -96,7 +95,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -110,7 +109,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -124,7 +123,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -138,7 +137,7 @@ func main() {
|
||||||
|
|
||||||
}
|
}
|
||||||
`}, 2, gosec.NewConfig()},
|
`}, 2, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -151,7 +150,7 @@ func main() {
|
||||||
fmt.Println(y)
|
fmt.Println(y)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -167,7 +166,7 @@ func doStuff(x []int) {
|
||||||
fmt.Println(newSlice)
|
fmt.Println(newSlice)
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -190,7 +189,7 @@ func doStuff(x []int) {
|
||||||
fmt.Println(newSlice2)
|
fmt.Println(newSlice2)
|
||||||
}
|
}
|
||||||
`}, 2, gosec.NewConfig()},
|
`}, 2, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -205,7 +204,7 @@ func main() {
|
||||||
fmt.Println(testMap)
|
fmt.Println(testMap)
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -217,7 +216,7 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -230,7 +229,7 @@ func main() {
|
||||||
fmt.Println(s[0])
|
fmt.Println(s[0])
|
||||||
}
|
}
|
||||||
`}, 1, gosec.NewConfig()},
|
`}, 1, gosec.NewConfig()},
|
||||||
{[]string{`
|
{[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import "fmt"
|
import "fmt"
|
||||||
|
@ -251,5 +250,4 @@ func main() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`}, 0, gosec.NewConfig()},
|
`}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
)
|
|
||||||
|
|