diff --git a/rules/rulelist.go b/rules/rulelist.go
index 39b6dc5..a1733d4 100644
--- a/rules/rulelist.go
+++ b/rules/rulelist.go
@@ -61,35 +61,35 @@ func NewRuleFilter(action bool, ruleIDs ...string) RuleFilter {
 func Generate(filters ...RuleFilter) RuleList {
 rules := []RuleDefinition{
 // misc
- RuleDefinition{"G101", "Look for hardcoded credentials", NewHardcodedCredentials},
- RuleDefinition{"G102", "Bind to all interfaces", NewBindsToAllNetworkInterfaces},
- RuleDefinition{"G103", "Audit the use of unsafe block", NewUsingUnsafe},
- RuleDefinition{"G104", "Audit errors not checked", NewNoErrorCheck},
- RuleDefinition{"G105", "Audit the use of big.Exp function", NewUsingBigExp},
- RuleDefinition{"G106", "Audit the use of ssh.InsecureIgnoreHostKey function", NewSSHHostKey},
+ {"G101", "Look for hardcoded credentials", NewHardcodedCredentials},
+ {"G102", "Bind to all interfaces", NewBindsToAllNetworkInterfaces},
+ {"G103", "Audit the use of unsafe block", NewUsingUnsafe},
+ {"G104", "Audit errors not checked", NewNoErrorCheck},
+ {"G105", "Audit the use of big.Exp function", NewUsingBigExp},
+ {"G106", "Audit the use of ssh.InsecureIgnoreHostKey function", NewSSHHostKey},
 // injection
- RuleDefinition{"G201", "SQL query construction using format string", NewSQLStrFormat},
- RuleDefinition{"G202", "SQL query construction using string concatenation", NewSQLStrConcat},
- RuleDefinition{"G203", "Use of unescaped data in HTML templates", NewTemplateCheck},
- RuleDefinition{"G204", "Audit use of command execution", NewSubproc},
+ {"G201", "SQL query construction using format string", NewSQLStrFormat},
+ {"G202", "SQL query construction using string concatenation", NewSQLStrConcat},
+ {"G203", "Use of unescaped data in HTML templates", NewTemplateCheck},
+ {"G204", "Audit use of command execution", NewSubproc},
 // filesystem
- RuleDefinition{"G301", "Poor file permissions used when creating a directory", NewMkdirPerms},
- RuleDefinition{"G302", "Poor file permisions used when creation file or using chmod", NewFilePerms},
- RuleDefinition{"G303", "Creating tempfile using a predictable path", NewBadTempFile},
+ {"G301", "Poor file permissions used when creating a directory", NewMkdirPerms},
+ {"G302", "Poor file permisions used when creation file or using chmod", NewFilePerms},
+ {"G303", "Creating tempfile using a predictable path", NewBadTempFile},
 // crypto
- RuleDefinition{"G401", "Detect the usage of DES, RC4, or MD5", NewUsesWeakCryptography},
- RuleDefinition{"G402", "Look for bad TLS connection settings", NewIntermediateTLSCheck},
- RuleDefinition{"G403", "Ensure minimum RSA key length of 2048 bits", NewWeakKeyStrength},
- RuleDefinition{"G404", "Insecure random number source (rand)", NewWeakRandCheck},
+ {"G401", "Detect the usage of DES, RC4, or MD5", NewUsesWeakCryptography},
+ {"G402", "Look for bad TLS connection settings", NewIntermediateTLSCheck},
+ {"G403", "Ensure minimum RSA key length of 2048 bits", NewWeakKeyStrength},
+ {"G404", "Insecure random number source (rand)", NewWeakRandCheck},
 // blacklist
- RuleDefinition{"G501", "Import blacklist: crypto/md5", NewBlacklistedImportMD5},
- RuleDefinition{"G502", "Import blacklist: crypto/des", NewBlacklistedImportDES},
- RuleDefinition{"G503", "Import blacklist: crypto/rc4", NewBlacklistedImportRC4},
- RuleDefinition{"G504", "Import blacklist: net/http/cgi", NewBlacklistedImportCGI},
+ {"G501", "Import blacklist: crypto/md5", NewBlacklistedImportMD5},
+ {"G502", "Import blacklist: crypto/des", NewBlacklistedImportDES},
+ {"G503", "Import blacklist: crypto/rc4", NewBlacklistedImportRC4},
+ {"G504", "Import blacklist: net/http/cgi", NewBlacklistedImportCGI},
 }
 ruleMap := make(map[string]RuleDefinition)
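Review bot: The rewritten G302 entry keeps the misspelled description `"Poor file permisions used when creation file or using chmod"`, which is presumably the text users see when rules are listed; since the line is being touched anyway it could become `{"G302", "Poor file permissions used when creating a file or using chmod", NewFilePerms},`. The entries also remain positional literals whose first two fields are both string literals, so an ID and a description swapped by mistake would still compile and would likely leave that rule unreachable through the ID-based filters; keyed fields would make such a slip visible in review. RuleDefinition's declaration and the rest of Generate are outside this hunk, so confirm that no test or document matches on the old description text before changing it.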