mirror of
https://github.com/securego/gosec.git
synced 2025-01-12 04:45:53 +00:00
G303: catch with os.WriteFile, add os.Create test case (#718)
* Add G303 os.Create test case * Catch G303 with os.WriteFile too
parent
873ac243ea
commit
40fa36d1de
2 changed files with 13 additions and 2 deletions
|
@ -44,7 +44,7 @@ func (t *badTempFile) Match(n ast.Node, c *gosec.Context) (gi *gosec.Issue, err
|
|||
func NewBadTempFile(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
|
||||
calls := gosec.NewCallList()
|
||||
calls.Add("io/ioutil", "WriteFile")
|
||||
calls.Add("os", "Create")
|
||||
calls.AddAll("os", "Create", "WriteFile")
|
||||
return &badTempFile{
|
||||
calls: calls,
|
||||
args: regexp.MustCompile(`^/tmp/.*$|^/var/tmp/.*$`),
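Review bot: The widened call list on the `calls.AddAll("os", "Create", "WriteFile")` line still leaves out `os.OpenFile`, which creates a file at a caller-supplied path just as `os.Create` does, so a hard-coded `/tmp/...` path opened that way would presumably not be reported by G303. If that gap is unintended, the line could read `calls.AddAll("os", "Create", "OpenFile", "WriteFile")`, with a matching sample added to the G303 test data. A short comment above the list, such as `// file-creating calls whose path argument is checked against the shared temp directories`, would also record why these functions were chosen. NewBadTempFile's body continues outside the hunk and Match is not visible here, so how the path argument is selected should be confirmed before adding functions.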
|
||||
|
|
|
@ -1757,6 +1757,7 @@ package samples
|
|||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
@ -1764,7 +1765,17 @@ func main() {
|
|||
if err != nil {
|
||||
fmt.Println("Error while writing!")
|
||||
}
|
||||
}`}, 1, gosec.NewConfig()}}
|
||||
f, err := os.Create("/tmp/demo2")
|
||||
if err != nil {
|
||||
fmt.Println("Error while writing!")
|
||||
} else if err = f.Close(); err != nil {
|
||||
fmt.Println("Error while closing!")
|
||||
}
|
||||
err = os.WriteFile("/tmp/demo2", []byte("This is some data"), 0644)
|
||||
if err != nil {
|
||||
fmt.Println("Error while writing!")
|
||||
}
|
||||
}`}, 3, gosec.NewConfig()}}
|
||||
|
||||
// SampleCodeG304 - potential file inclusion vulnerability
|
||||
SampleCodeG304 = []CodeSample{{[]string{`
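Review bot: The expected count of `3` that closes this sample folds the pre-existing finding (its call is outside the hunk) and the new `os.Create` and `os.WriteFile` findings into one number, so a regression in any single call shows up only as a count mismatch without naming the call that stopped matching. Giving `os.Create("/tmp/demo2")` and `os.WriteFile("/tmp/demo2", ...)` their own `CodeSample` entries, each expecting `1`, would localise such failures. The visible lines also hold only positive cases; a sample that writes to a path outside `/tmp` and `/var/tmp` with an expected count of `0` would guard the rule against false positives, unless one already exists elsewhere in the file. The sample string and the enclosing slice start outside the hunk.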
|
||||
|
|