actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix lint warnings by properly formatting the files

Browse source 
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
This commit is contained in:
Cosmin Cojocar 2023-12-08 14:30:54 +01:00 committed by Cosmin Cojocar
parent 0e2a61899a
commit 2aad3f02a5
32 changed files with 259 additions and 321 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
testutils/cgo_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeCgo - Cgo file sample
SampleCodeCgo = []CodeSample{
// SampleCodeCgo - Cgo file sample
var SampleCodeCgo = []CodeSample{
{[]string{`
package main
@ -48,5 +47,4 @@ func main() {
C.printData(cData)
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g102_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG102 code snippets for network binding
SampleCodeG102 = []CodeSample{
// SampleCodeG102 code snippets for network binding
var SampleCodeG102 = []CodeSample{
// Bind to all networks explicitly
{[]string{`
package main
@ -102,5 +101,4 @@ func main() {
defer l.Close()
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g103_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG103 find instances of unsafe blocks for auditing purposes
SampleCodeG103 = []CodeSample{
// SampleCodeG103 find instances of unsafe blocks for auditing purposes
var SampleCodeG103 = []CodeSample{
{[]string{`
package main
@ -63,5 +62,4 @@ func main() {
fmt.Printf("ptr: %p\n", ptr)
}
`}, 2, gosec.NewConfig()},
}
)
}

8
testutils/g106_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG106 - ssh InsecureIgnoreHostKey
SampleCodeG106 = []CodeSample{
// SampleCodeG106 - ssh InsecureIgnoreHostKey
var SampleCodeG106 = []CodeSample{
{[]string{`
package main
@ -16,5 +15,4 @@ func main() {
_ = ssh.InsecureIgnoreHostKey()
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g107_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG107 - SSRF via http requests with variable url
SampleCodeG107 = []CodeSample{
// SampleCodeG107 - SSRF via http requests with variable url
var SampleCodeG107 = []CodeSample{
{[]string{`
// Input from the std in is considered insecure
package main
@ -194,5 +193,4 @@ func main() {
get(url)
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g108_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG108 - pprof endpoint automatically exposed
SampleCodeG108 = []CodeSample{
// SampleCodeG108 - pprof endpoint automatically exposed
var SampleCodeG108 = []CodeSample{
{[]string{`
package main
@ -38,5 +37,4 @@ func main() {
log.Fatal(http.ListenAndServe(":8080", nil))
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g109_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG109 - Potential Integer OverFlow
SampleCodeG109 = []CodeSample{
// SampleCodeG109 - Potential Integer OverFlow
var SampleCodeG109 = []CodeSample{
{[]string{`
package main
@ -110,5 +109,4 @@ func main() {
fmt.Println(b, err)
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g110_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG110 - potential DoS vulnerability via decompression bomb
SampleCodeG110 = []CodeSample{
// SampleCodeG110 - potential DoS vulnerability via decompression bomb
var SampleCodeG110 = []CodeSample{
{[]string{`
package main
@ -124,5 +123,4 @@ func main() {
}
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g111_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG111 - potential directory traversal
SampleCodeG111 = []CodeSample{
// SampleCodeG111 - potential directory traversal
var SampleCodeG111 = []CodeSample{
{[]string{`
package main
@ -25,5 +24,4 @@ func HelloServer(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello, %s!", r.URL.Path[1:])
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g112_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG112 - potential slowloris attack
SampleCodeG112 = []CodeSample{
// SampleCodeG112 - potential slowloris attack
var SampleCodeG112 = []CodeSample{
{[]string{`
package main
@ -103,5 +102,4 @@ func main() {
fmt.Print("test")
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g113_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
SampleCodeG113 = []CodeSample{
// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
var SampleCodeG113 = []CodeSample{
{[]string{`
package main
@ -20,5 +19,4 @@ func main() {
fmt.Println(r)
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g114_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
SampleCodeG114 = []CodeSample{
// SampleCodeG114 - Use of net/http serve functions that have no support for setting timeouts
var SampleCodeG114 = []CodeSample{
{[]string{`
package main
@ -69,5 +68,4 @@ func main() {
log.Fatal(err)
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g201_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG201 - SQL injection via format string
SampleCodeG201 = []CodeSample{
// SampleCodeG201 - SQL injection via format string
var SampleCodeG201 = []CodeSample{
{[]string{`
// Format string without proper quoting
package main
@ -399,5 +398,4 @@ func main() {
defer stmt.Close()
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g202_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG202 - SQL query string building via string concatenation
SampleCodeG202 = []CodeSample{
// SampleCodeG202 - SQL query string building via string concatenation
var SampleCodeG202 = []CodeSample{
{[]string{`
// infixed concatenation
package main
@ -280,5 +279,4 @@ func main() {
fmt.Println(result)
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g203_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG203 - Template checks
SampleCodeG203 = []CodeSample{
// SampleCodeG203 - Template checks
var SampleCodeG203 = []CodeSample{
{[]string{`
// We assume that hardcoded template strings are safe as the programmer would
// need to be explicitly shooting themselves in the foot (as below)
@ -88,5 +87,4 @@ func main() {
t.Execute(os.Stdout, v)
}
`}, 1, gosec.NewConfig()},
}
)
}

11
testutils/g204_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG204 - Subprocess auditing
SampleCodeG204 = []CodeSample{
// SampleCodeG204 - Subprocess auditing
var SampleCodeG204 = []CodeSample{
{[]string{`
package main
@ -156,7 +155,8 @@ func RunCmd(command string) {
func main() {
RunCmd("sleep")
}
`}, 1, gosec.NewConfig()},
`}, 1, gosec.NewConfig(),
},
{[]string{`
package main
@ -242,5 +242,4 @@ func main() {
log.Printf("Command finished with error: %v", err)
}
`}, 1, gosec.NewConfig()},
}
)
}

7
testutils/g301_samples.go
View file

@ -2,8 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var ( // SampleCodeG301 - mkdir permission check
SampleCodeG301 = []CodeSample{
// SampleCodeG301 - mkdir permission check
var SampleCodeG301 = []CodeSample{
{[]string{`
package main
@ -52,5 +52,4 @@ func main() {
}
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g302_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG302 - file create / chmod permissions check
SampleCodeG302 = []CodeSample{
// SampleCodeG302 - file create / chmod permissions check
var SampleCodeG302 = []CodeSample{
{[]string{`
package main
@ -69,5 +68,4 @@ func main() {
}
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g303_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
SampleCodeG303 = []CodeSample{
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
var SampleCodeG303 = []CodeSample{
{[]string{`
package samples
@ -57,5 +56,4 @@ func main() {
}
}
`}, 9, gosec.NewConfig()},
}
)
}

8
testutils/g304_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG304 - potential file inclusion vulnerability
SampleCodeG304 = []CodeSample{
// SampleCodeG304 - potential file inclusion vulnerability
var SampleCodeG304 = []CodeSample{
{[]string{`
package main
@ -303,5 +302,4 @@ package main
var THEWD string
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g305_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG305 - File path traversal when extracting zip/tar archives
SampleCodeG305 = []CodeSample{
// SampleCodeG305 - File path traversal when extracting zip/tar archives
var SampleCodeG305 = []CodeSample{
{[]string{`
package unzip
@ -174,5 +173,4 @@ func extractFile(f *tar.Header, tr *tar.Reader, destPath string) error {
return os.Chmod(filePath, f.FileInfo().Mode())
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g306_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG306 - Poor permissions for WriteFile
SampleCodeG306 = []CodeSample{
// SampleCodeG306 - Poor permissions for WriteFile
var SampleCodeG306 = []CodeSample{
{[]string{`
package main
@ -54,5 +53,4 @@ func main() {
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g307_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG307 - Poor permissions for os.Create
SampleCodeG307 = []CodeSample{
// SampleCodeG307 - Poor permissions for os.Create
var SampleCodeG307 = []CodeSample{
{[]string{`
package main
@ -45,5 +44,4 @@ func main() {
defer f.Close()
}
`}, 1, gosec.Config{"G307": "0o600"}},
}
)
}

8
testutils/g402_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG402 - TLS settings
SampleCodeG402 = []CodeSample{
// SampleCodeG402 - TLS settings
var SampleCodeG402 = []CodeSample{
{[]string{`
// InsecureSkipVerify
package main
@ -294,5 +293,4 @@ func main() {
_ = cryptotls.Config{MinVersion: cryptotls.VersionTLS12}
}
`}, 0, gosec.NewConfig()},
}
)
}

8
testutils/g403_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG403 - weak key strength
SampleCodeG403 = []CodeSample{
// SampleCodeG403 - weak key strength
var SampleCodeG403 = []CodeSample{
{[]string{`
package main
@ -23,5 +22,4 @@ func main() {
fmt.Println(pvk)
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g404_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG404 - weak random number
SampleCodeG404 = []CodeSample{
// SampleCodeG404 - weak random number
var SampleCodeG404 = []CodeSample{
{[]string{`
package main
@ -100,5 +99,4 @@ func main() {
_ = rand3.Intn(2) // bad
}
`}, 3, gosec.NewConfig()},
}
)
}

8
testutils/g501_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG501 - Blocklisted import MD5
SampleCodeG501 = []CodeSample{
// SampleCodeG501 - Blocklisted import MD5
var SampleCodeG501 = []CodeSample{
{[]string{`
package main
@ -20,5 +19,4 @@ func main() {
}
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g502_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG502 - Blocklisted import DES
SampleCodeG502 = []CodeSample{
// SampleCodeG502 - Blocklisted import DES
var SampleCodeG502 = []CodeSample{
{[]string{`
package main
@ -33,5 +32,4 @@ func main() {
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g503_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG503 - Blocklisted import RC4
SampleCodeG503 = []CodeSample{
// SampleCodeG503 - Blocklisted import RC4
var SampleCodeG503 = []CodeSample{
{[]string{`
package main
@ -25,5 +24,4 @@ func main() {
fmt.Println("Secret message is: %s", hex.EncodeToString(ciphertext))
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g504_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG504 - Blocklisted import CGI
SampleCodeG504 = []CodeSample{
// SampleCodeG504 - Blocklisted import CGI
var SampleCodeG504 = []CodeSample{
{[]string{`
package main
@ -17,5 +16,4 @@ func main() {
cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g505_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG505 - Blocklisted import SHA1
SampleCodeG505 = []CodeSample{
// SampleCodeG505 - Blocklisted import SHA1
var SampleCodeG505 = []CodeSample{
{[]string{`
package main
@ -20,5 +19,4 @@ func main() {
}
}
`}, 1, gosec.NewConfig()},
}
)
}

8
testutils/g602_samples.go
View file

@ -2,9 +2,8 @@ package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG602 - Slice access out of bounds
SampleCodeG602 = []CodeSample{
// SampleCodeG602 - Slice access out of bounds
var SampleCodeG602 = []CodeSample{
{[]string{`
package main
@ -251,5 +250,4 @@ func main() {
}
}
`}, 0, gosec.NewConfig()},
}
)
}