mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Find G303 with filepath.Join'd temp dirs (#754)
parent
19bda8d15f
commit
4c1afaa492
2 changed files with 7 additions and 1 deletions
|
@ -71,6 +71,7 @@ func NewBadTempFile(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
|
||||||
argCalls.Add("os", "TempDir")
|
argCalls.Add("os", "TempDir")
|
||||||
nestedCalls := gosec.NewCallList()
|
nestedCalls := gosec.NewCallList()
|
||||||
nestedCalls.Add("path", "Join")
|
nestedCalls.Add("path", "Join")
|
||||||
|
nestedCalls.Add("path/filepath", "Join")
|
||||||
return &badTempFile{
|
return &badTempFile{
|
||||||
calls: calls,
|
calls: calls,
|
||||||
args: regexp.MustCompile(`^(/(usr|var))?/tmp(/.*)?$`),
|
args: regexp.MustCompile(`^(/(usr|var))?/tmp(/.*)?$`),
|
||||||
|
|
|
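Review bot: On the new side `nestedCalls` holds exactly two entries, `path.Join` and `path/filepath.Join`, so any other call that wraps `os.TempDir()` or a `/tmp` literal before it reaches the file-writing call would, as far as this hunk shows, still go unreported. If that scope is deliberate it should be stated where the list is built, for example `// nestedCalls: wrappers whose arguments are searched for temp-dir expressions; only path.Join and filepath.Join are recognised.` The `return &badTempFile{` literal is cut off by the hunk and the code that consumes `nestedCalls` is not shown, so the exact matching behaviour needs to be confirmed there.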
@ -1759,6 +1759,7 @@ import (
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
"os"
|
||||||
"path"
|
"path"
|
||||||
|
"path/filepath"
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
@ -1796,7 +1797,11 @@ func main() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("Error while writing!")
|
fmt.Println("Error while writing!")
|
||||||
}
|
}
|
||||||
}`}, 8, gosec.NewConfig()}}
|
err = os.WriteFile(filepath.Join(os.TempDir(), "demo2"), []byte("This is some data"), 0644)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error while writing!")
|
||||||
|
}
|
||||||
|
}`}, 9, gosec.NewConfig()}}
|
||||||
|
|
||||||
// SampleCodeG304 - potential file inclusion vulnerability
|
// SampleCodeG304 - potential file inclusion vulnerability
|
||||||
SampleCodeG304 = []CodeSample{{[]string{`
|
SampleCodeG304 = []CodeSample{{[]string{`
|
||||||
|
|
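Review bot: The only assertion for the new `filepath.Join(os.TempDir(), "demo2")` case is the aggregate count moving from 8 to 9 at the end of this sample, so a regression in the filepath.Join detection cannot be told apart from any other finding in the sample disappearing while a spurious one appears. I would move the case into its own CodeSample whose program contains only the `os.WriteFile(filepath.Join(os.TempDir(), "demo2"), ...)` call with an expected count of 1. A companion sample that joins a non-temporary directory with an expected count of 0 would guard against false positives from the new nested-call entry. The sample's `main` and the surrounding sample list extend beyond the lines shown, so such cases may already exist outside this view.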