mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Add G204 rule for sys/execabs (#660)
* Add G204 rule for sys/execabs * Fix syntax error in testutils/sources.go
parent
e936c84a90
commit
514f65f3c3
2 changed files with 20 additions and 0 deletions
|
@ -81,5 +81,7 @@ func NewSubproc(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
|
|||
rule.Add("syscall", "Exec")
|
||||
rule.Add("syscall", "ForkExec")
|
||||
rule.Add("syscall", "StartProcess")
|
||||
rule.Add("golang.org/x/sys/execabs", "Command")
|
||||
rule.Add("golang.org/x/sys/execabs", "CommandContext")
|
||||
return rule, []ast.Node{(*ast.CallExpr)(nil)}
|
||||
}
|
||||
|
|
|
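Review bot: The two added `rule.Add("golang.org/x/sys/execabs", ...)` lines register the package by import path, but nothing in this hunk shows how the rule skips the leading `context.Context` argument of `CommandContext`. If that logic compares the local package name against `exec`, a file importing the package under its default name `execabs` would have the context argument inspected as a command argument, which could produce findings unrelated to the actual command inputs. That logic sits outside the hunk, and NewSubproc's body starts before it, so please confirm the check covers `execabs`. A comment above the new lines would also help, such as `// execabs is a drop-in for os/exec that only hardens PATH lookup; variable command arguments are still reported.`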
@ -1368,6 +1368,24 @@ func main() {
|
|||
err = cmd.Wait()
|
||||
log.Printf("Command finished with error: %v", err)
|
||||
}`}, 0, gosec.NewConfig()},
|
||||
{[]string{`
|
||||
// exec.Command from supplemental package sys/execabs
|
||||
// using variable arguments
|
||||
package main
|
||||
import (
|
||||
"context"
|
||||
"log"
|
||||
"os"
|
||||
exec "golang.org/x/sys/execabs"
|
||||
)
|
||||
func main() {
|
||||
err := exec.CommandContext(context.Background(), os.Args[0], "5").Run()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
log.Printf("Command finished with error: %v", err)
|
||||
}
|
||||
`}, 1, gosec.NewConfig()},
|
||||
}
|
||||
|
||||
// SampleCodeG301 - mkdir permission check
|
||||
|
|
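Review bot: The added sample exercises only `CommandContext`, and only through the alias `exec "golang.org/x/sys/execabs"`, so the newly registered `Command` entry and the package's default name `execabs` are never tested. A second sample importing `"golang.org/x/sys/execabs"` unaliased and calling `err := execabs.Command(os.Args[0], "5").Run()`, also expecting one issue, would show that the rule keys on the import path rather than the local name. Separately, the final `log.Printf("Command finished with error: %v", err)` is reached only when err is nil because of the preceding `log.Fatal(err)`, so its message is misleading in a sample that readers may copy.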