actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 11:35:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add filepath.EvalSymlinks to clean functions in rule G304

Browse source 
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
This commit is contained in:
Cosmin Cojocar 2024-05-13 17:14:01 +02:00
parent d34f8b77d5
commit 417a44c73b
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
rules/readfile.go
View file

@ -143,6 +143,7 @@ func NewReadFile(id string, _ gosec.Config) (gosec.Rule, []ast.Node) {
rule.pathJoin.Add("path", "Join")
rule.clean.Add("path/filepath", "Clean")
rule.clean.Add("path/filepath", "Rel")
rule.clean.Add("path/filepath", "EvalSymlinks")
rule.Add("io/ioutil", "ReadFile")
rule.Add("os", "ReadFile")
rule.Add("os", "Open")