mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 12:05:52 +00:00
Refactor path matching logic
Effectively using filepath.Glob to build a set of files and directories to exclude from the scan. (ref: https://golang.org/pkg/path/filepath/#Glob)
This commit is contained in:
parent
b5a98c12a8
commit
59fbf7446d
2 changed files with 46 additions and 48 deletions
90
filelist.go
90
filelist.go
|
@ -15,59 +15,57 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os"
|
|
||||||
"path"
|
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
type filelist []string
|
type filelist struct {
|
||||||
|
paths map[string]bool
|
||||||
func (f *filelist) String() string {
|
globs []string
|
||||||
return strings.Join([]string(*f), ", ")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (f *filelist) Set(val string) error {
|
func newFileList(paths ...string) *filelist {
|
||||||
*f = append(*f, val)
|
|
||||||
|
f := &filelist{
|
||||||
|
make(map[string]bool),
|
||||||
|
make([]string, 0),
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, path := range paths {
|
||||||
|
f.Set(path)
|
||||||
|
}
|
||||||
|
return f
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f *filelist) String() string {
|
||||||
|
return strings.Join(f.globs, ", ")
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f *filelist) Set(path string) error {
|
||||||
|
f.globs = append(f.globs, path)
|
||||||
|
matches, e := filepath.Glob(path)
|
||||||
|
if e != nil {
|
||||||
|
return e
|
||||||
|
}
|
||||||
|
for _, each := range matches {
|
||||||
|
abs, e := filepath.Abs(each)
|
||||||
|
if e != nil {
|
||||||
|
return e
|
||||||
|
}
|
||||||
|
f.paths[abs] = true
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (f *filelist) Contains(pathname string) bool {
|
func (f filelist) Contains(path string) bool {
|
||||||
|
_, present := f.paths[path]
|
||||||
// Ignore dot files
|
return present
|
||||||
_, filename := filepath.Split(pathname)
|
|
||||||
if strings.HasPrefix(filename, ".") {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
cwd, _ := os.Getwd()
|
|
||||||
abs, _ := filepath.Abs(pathname)
|
|
||||||
|
|
||||||
for _, pattern := range *f {
|
|
||||||
|
|
||||||
// Also check working directory
|
|
||||||
rel := path.Join(cwd, pattern)
|
|
||||||
|
|
||||||
// Match pattern directly
|
|
||||||
if matched, _ := filepath.Match(pattern, pathname); matched {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
// Also check pattern relative to working directory
|
|
||||||
if matched, _ := filepath.Match(rel, pathname); matched {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
// match file suffixes ie. *_test.go
|
|
||||||
if matched, _ := filepath.Match(filepath.Join("**", pattern), pathname); matched {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
// Finally try absolute path
|
|
||||||
st, e := os.Stat(rel)
|
|
||||||
if os.IsExist(e) && st.IsDir() && strings.HasPrefix(abs, rel) {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
func (f filelist) Dump() {
|
||||||
|
for k, _ := range f.paths {
|
||||||
|
println(k)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
|
4
main.go
4
main.go
|
@ -139,8 +139,8 @@ func main() {
|
||||||
flag.Usage = usage
|
flag.Usage = usage
|
||||||
|
|
||||||
// Exclude files
|
// Exclude files
|
||||||
var excluded filelist = []string{"*_test.go"}
|
excluded := newFileList("**/*_test.go")
|
||||||
flag.Var(&excluded, "skip", "File pattern to exclude from scan")
|
flag.Var(excluded, "skip", "File pattern to exclude from scan")
|
||||||
|
|
||||||
incRules := ""
|
incRules := ""
|
||||||
flag.StringVar(&incRules, "include", "", "Comma separated list of rules IDs to include. (see rule list)")
|
flag.StringVar(&incRules, "include", "", "Comma separated list of rules IDs to include. (see rule list)")
|
||||||
|
|
Loading…
Reference in a new issue