Update the list of unsafe functions detected by the unsafe rule (#1033)
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
parent
3952187ea7
commit
616520f44f
2 changed files with 44 additions and 11 deletions
|
@ -43,7 +43,7 @@ func (r *usingUnsafe) Match(n ast.Node, c *gosec.Context) (gi *issue.Issue, err
|
||||||
func NewUsingUnsafe(id string, _ gosec.Config) (gosec.Rule, []ast.Node) {
|
func NewUsingUnsafe(id string, _ gosec.Config) (gosec.Rule, []ast.Node) {
|
||||||
return &usingUnsafe{
|
return &usingUnsafe{
|
||||||
pkg: "unsafe",
|
pkg: "unsafe",
|
||||||
calls: []string{"Alignof", "Offsetof", "Sizeof", "Pointer"},
|
calls: []string{"Pointer", "String", "StringData", "Slice", "SliceData"},
|
||||||
MetaData: issue.MetaData{
|
MetaData: issue.MetaData{
|
||||||
ID: id,
|
ID: id,
|
||||||
What: "Use of unsafe calls should be audited",
|
What: "Use of unsafe calls should be audited",
|
||||||
|
|
|
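Review bot: The new `calls` list leaves out `Add`, so pointer arithmetic written as `unsafe.Add(p, n)` on a value that is already an `unsafe.Pointer` would presumably go unreported; `Match` is outside this hunk, so this assumes it matches on exactly these names. `unsafe.Add` has been in the standard library since Go 1.17, the same release as `unsafe.Slice`, and the line could read `calls: []string{"Pointer", "Add", "String", "StringData", "Slice", "SliceData"},`. Dropping `Alignof`, `Offsetof` and `Sizeof` is a deliberate narrowing of the rule and deserves a comment above the list, for example `// Alignof, Offsetof and Sizeof only report layout and yield no pointer, so they are not audited.` The body of `NewUsingUnsafe` continues past the end of the hunk.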
@ -436,16 +436,49 @@ type Fake struct{}
|
||||||
func (Fake) Good() {}
|
func (Fake) Good() {}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
unsafeM := Fake{}
|
unsafeM := Fake{}
|
||||||
unsafeM.Good()
|
unsafeM.Good()
|
||||||
intArray := [...]int{1, 2}
|
intArray := [...]int{1, 2}
|
||||||
fmt.Printf("\nintArray: %v\n", intArray)
|
fmt.Printf("\nintArray: %v\n", intArray)
|
||||||
intPtr := &intArray[0]
|
intPtr := &intArray[0]
|
||||||
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n", intPtr, *intPtr)
|
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n", intPtr, *intPtr)
|
||||||
addressHolder := uintptr(unsafe.Pointer(intPtr)) + unsafe.Sizeof(intArray[0])
|
addressHolder := uintptr(unsafe.Pointer(intPtr))
|
||||||
intPtr = (*int)(unsafe.Pointer(addressHolder))
|
intPtr = (*int)(unsafe.Pointer(addressHolder))
|
||||||
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
|
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
|
||||||
}`}, 3, gosec.NewConfig()},
|
}`}, 2, gosec.NewConfig()},
|
||||||
|
{[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"unsafe"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
chars := [...]byte{1, 2}
|
||||||
|
charsPtr := &chars[0]
|
||||||
|
str := unsafe.String(charsPtr, len(chars))
|
||||||
|
fmt.Printf("%s\n", str)
|
||||||
|
ptr := unsafe.StringData(str)
|
||||||
|
fmt.Printf("ptr: %p\n", ptr)
|
||||||
|
|
||||||
|
}`}, 2, gosec.NewConfig()},
|
||||||
|
{[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"unsafe"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
chars := [...]byte{1, 2}
|
||||||
|
charsPtr := &chars[0]
|
||||||
|
slice := unsafe.Slice(charsPtr, len(chars))
|
||||||
|
fmt.Printf("%v\n", slice)
|
||||||
|
ptr := unsafe.SliceData(slice)
|
||||||
|
fmt.Printf("ptr: %p\n", ptr)
|
||||||
|
}`}, 2, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
|
|
||||||
// SampleCodeG104 finds errors that aren't being handled
|
// SampleCodeG104 finds errors that aren't being handled
|
||||||
|
|
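Review bot: The first sample removes `+ unsafe.Sizeof(intArray[0])` at the same time as lowering the expected count from 3 to 2, so no test data pins that `Sizeof`, `Alignof` and `Offsetof` are now intentionally unreported. Keeping the original line `addressHolder := uintptr(unsafe.Pointer(intPtr)) + unsafe.Sizeof(intArray[0])` with the expected count of 2 would make the test fail if one of those names were ever added back to the rule. The two new samples each expect 2 findings for the `String`/`StringData` and `Slice`/`SliceData` pairs, which matches the new list. The stray blank line before the closing brace of the `unsafe.String` sample can be dropped.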