actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-12-26 04:25:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix gofmt errors

Browse source
This commit is contained in:
Grant Murphy 2018-03-09 12:49:01 +10:00
parent 15095a8bef
commit 66aea5cd99
2 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
rules/readfile.go
View file

@ -31,7 +31,6 @@ func (r *readfile) ID() string {
return r.MetaData.ID return r.MetaData.ID
} }
// Match inspects AST nodes to determine if the match the methods `os.Open` or `ioutil.ReadFile` // Match inspects AST nodes to determine if the match the methods `os.Open` or `ioutil.ReadFile`
func (r *readfile) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) { func (r *readfile) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) {
if node := r.ContainsCallExpr(n, c); node != nil { if node := r.ContainsCallExpr(n, c); node != nil {
@ -50,14 +49,14 @@ func (r *readfile) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) {
// NewReadFile detects cases where we read files // NewReadFile detects cases where we read files
func NewReadFile(id string, conf gas.Config) (gas.Rule, []ast.Node) { func NewReadFile(id string, conf gas.Config) (gas.Rule, []ast.Node) {
rule := &readfile{ rule := &readfile{
CallList: gas.NewCallList(), CallList: gas.NewCallList(),
MetaData: gas.MetaData{ MetaData: gas.MetaData{
ID: id, ID: id,
What: "Potential file inclusion via variable", What: "Potential file inclusion via variable",
Severity: gas.Medium, Severity: gas.Medium,
Confidence: gas.High, Confidence: gas.High,
}, },
} }
rule.Add("io/ioutil", "ReadFile") rule.Add("io/ioutil", "ReadFile")
rule.Add("os", "Open") rule.Add("os", "Open")
return rule, []ast.Node{(*ast.CallExpr)(nil)} return rule, []ast.Node{(*ast.CallExpr)(nil)}

2
rules/rulelist.go
View file

@ -78,7 +78,7 @@ func Generate(filters ...RuleFilter) RuleList {
{"G301", "Poor file permissions used when creating a directory", NewMkdirPerms}, {"G301", "Poor file permissions used when creating a directory", NewMkdirPerms},
{"G302", "Poor file permisions used when creation file or using chmod", NewFilePerms}, {"G302", "Poor file permisions used when creation file or using chmod", NewFilePerms},
{"G303", "Creating tempfile using a predictable path", NewBadTempFile}, {"G303", "Creating tempfile using a predictable path", NewBadTempFile},
{"G304", "File path provided as taint input", NewReadFile}, {"G304", "File path provided as taint input", NewReadFile},
// crypto // crypto
{"G401", "Detect the usage of DES, RC4, or MD5", NewUsesWeakCryptography}, {"G401", "Detect the usage of DES, RC4, or MD5", NewUsesWeakCryptography},