mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Additional types for bad defer check (#897)
* Additional types for bad defer check * Ignore new check in tlsconfig.go
This commit is contained in:
parent
2fe6c5b64a
commit
44f484fdc7
3 changed files with 46 additions and 2 deletions
|
@ -68,7 +68,7 @@ func getTLSConfFromURL(url string) (*ServerSideTLSJson, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
defer r.Body.Close()
|
defer r.Body.Close() //#nosec G307
|
||||||
|
|
||||||
var sstls ServerSideTLSJson
|
var sstls ServerSideTLSJson
|
||||||
err = json.NewDecoder(r.Body).Decode(&sstls)
|
err = json.NewDecoder(r.Body).Decode(&sstls)
|
||||||
|
|
|
@ -57,6 +57,34 @@ func NewDeferredClosing(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
|
||||||
typ: "os.File",
|
typ: "os.File",
|
||||||
methods: []string{"Close"},
|
methods: []string{"Close"},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
typ: "io.ReadCloser",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "io.WriteCloser",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "io.ReadWriteCloser",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "io.ReadSeekCloser",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "io.Closer",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "net.Conn",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
typ: "net.Listener",
|
||||||
|
methods: []string{"Close"},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
MetaData: gosec.MetaData{
|
MetaData: gosec.MetaData{
|
||||||
ID: id,
|
ID: id,
|
||||||
|
|
|
@ -2756,7 +2756,23 @@ func main() {
|
||||||
n4, err := w.WriteString("buffered\n")
|
n4, err := w.WriteString("buffered\n")
|
||||||
fmt.Printf("wrote %d bytes\n", n4)
|
fmt.Printf("wrote %d bytes\n", n4)
|
||||||
w.Flush()
|
w.Flush()
|
||||||
}`}, 1, gosec.NewConfig()},
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
response, _ := http.Get("https://127.0.0.1")
|
||||||
|
|
||||||
|
defer response.Body.Close() // io.ReadCloser
|
||||||
|
|
||||||
|
conn, _ := net.Dial("tcp", "127.0.0.1:8080")
|
||||||
|
defer conn.Close() // net.Conn
|
||||||
|
|
||||||
|
}`}, 2, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
|
|
||||||
// SampleCodeG401 - Use of weak crypto MD5
|
// SampleCodeG401 - Use of weak crypto MD5
|
||||||
|
|
Loading…
Reference in a new issue