diff --git a/rules/tempfiles.go b/rules/tempfiles.go
index 36f0f97..a2aed07 100644
--- a/rules/tempfiles.go
+++ b/rules/tempfiles.go
@@ -44,7 +44,7 @@ func (t *badTempFile) Match(n ast.Node, c *gosec.Context) (gi *gosec.Issue, err
 func NewBadTempFile(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 calls := gosec.NewCallList()
 calls.Add("io/ioutil", "WriteFile")
- calls.Add("os", "Create")
+ calls.AddAll("os", "Create", "WriteFile")
 return &badTempFile{
 calls: calls,
 args: regexp.MustCompile(`^/tmp/.*$|^/var/tmp/.*$`),
diff --git a/testutils/source.go b/testutils/source.go
index 766becb..b389db2 100644
--- a/testutils/source.go
+++ b/testutils/source.go
@@ -1757,6 +1757,7 @@ package samples
 import (
 "fmt"
 "io/ioutil"
+ "os"
 )
 
 func main() {
@@ -1764,7 +1765,17 @@ func main() {
 if err != nil {
 fmt.Println("Error while writing!")
 }
-}`}, 1, gosec.NewConfig()}}
+ f, err := os.Create("/tmp/demo2")
+ if err != nil {
+ fmt.Println("Error while writing!")
+ } else if err = f.Close(); err != nil {
+ fmt.Println("Error while closing!")
+ }
+ err = os.WriteFile("/tmp/demo2", []byte("This is some data"), 0644)
+ if err != nil {
+ fmt.Println("Error while writing!")
+ }
+}`}, 3, gosec.NewConfig()}}
 
 // SampleCodeG304 - potential file inclusion vulnerability
 SampleCodeG304 = []CodeSample{{[]string{`
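Review bot: `os.OpenFile` is still absent from the list built by `calls.AddAll("os", "Create", "WriteFile")` in NewBadTempFile, so a file created at a hard-coded `/tmp` or `/var/tmp` path through `os.OpenFile` would presumably go unreported even though it has the same predictable-path weakness. Its path is also the first argument, so the line could read `calls.AddAll("os", "Create", "WriteFile", "OpenFile")`, provided Match (whose body is outside this hunk) inspects that argument; read-only opens would then be flagged as well, which may call for a check on the flags argument. A comment above the list such as `// ioutil.WriteFile forwards to os.WriteFile since Go 1.16; both spellings must be matched` would explain why the two entries coexist. The struct literal returned by NewBadTempFile continues past the end of the hunk.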
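Review bot: Every path in the extended sample is the literal `/tmp/demo2`, so the `^/var/tmp/.*$` alternative of the rule's pattern is never exercised for the newly matched `os.Create` and `os.WriteFile` calls, and nothing pins that a path outside the temp directories stays unflagged. Because all three calls sit in one sample with an expected count of 3, a regression in one matcher shows up only as a count mismatch without indicating which call was missed. Separate samples would make this clearer: one per call with an expected count of 1, one using `os.WriteFile("/var/tmp/demo2", ...)`, and one negative case with an expected count of 0. main() begins outside this hunk.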