From 417a44c73be12f54ac1732daaca952f3d3a0ba9d Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Mon, 13 May 2024 17:14:01 +0200 Subject: [PATCH] Add filepath.EvalSymlinks to clean functions in rule G304 Signed-off-by: Cosmin Cojocar --- rules/readfile.go | 1 + 1 file changed, 1 insertion(+) diff --git a/rules/readfile.go b/rules/readfile.go index 7ef4bba..da6b9c9 100644 --- a/rules/readfile.go +++ b/rules/readfile.go @@ -143,6 +143,7 @@ func NewReadFile(id string, _ gosec.Config) (gosec.Rule, []ast.Node) { rule.pathJoin.Add("path", "Join") rule.clean.Add("path/filepath", "Clean") rule.clean.Add("path/filepath", "Rel") + rule.clean.Add("path/filepath", "EvalSymlinks") rule.Add("io/ioutil", "ReadFile") rule.Add("os", "ReadFile") rule.Add("os", "Open")