Extend the insecure random rule with more insecure random functions

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar 2020-06-15 12:00:13 +02:00 committed by Cosmin Cojocar
parent af699f6a62
commit 6bbf8f9cbc
2 changed files with 2 additions and 2 deletions


@ -37,7 +37,6 @@ import (
// node, matched := MatchCallByPackage(n, ctx, "math/rand", "Read") // node, matched := MatchCallByPackage(n, ctx, "math/rand", "Read")
// //
func MatchCallByPackage(n ast.Node, c *Context, pkg string, names ...string) (*ast.CallExpr, bool) { func MatchCallByPackage(n ast.Node, c *Context, pkg string, names ...string) (*ast.CallExpr, bool) {
importedName, found := GetImportedName(pkg, c) importedName, found := GetImportedName(pkg, c)
if !found { if !found {
return nil, false return nil, false


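--- a/<file path not shown on page>
+++ b/<file path not shown on page>
@@ -43,7 +43,8 @@ func (w *weakRand) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, error) {
 // NewWeakRandCheck detects the use of random number generator that isn't cryptographically secure
 func NewWeakRandCheck(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 	return &weakRand{
-		funcNames: []string{"Read", "Int"},
+		funcNames: []string{"New", "Read", "Float32", "Float64", "Int", "Int31",
+			"Int31n", "Int63", "Int63n", "Intn", "NormalFloat64", "Uint32", "Uint64"},
 		packagePath: "math/rand",
 		MetaData: gosec.MetaData{
 			ID: id,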
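Review bot: The extended list on the `funcNames:` line still omits several math/rand package functions whose output is just as predictable, notably `Perm` and `Shuffle` (commonly used to pick or order elements when building identifiers or tokens) and `ExpFloat64`, and `NewSource`/`Seed` are absent as well, so code using those paths keeps passing the rule silently. The matcher visible in the first hunk resolves the package's imported name and then matches qualified calls, so values drawn from a `*rand.Rand` instance appear to be caught only through the new `"New"` entry; a short comment next to it, `// "New" covers rand.New(...): method calls on the returned *rand.Rand are not matched individually`, would stop a later maintainer from dropping it as a false positive. Consider `funcNames: []string{"New", "Read", "Float32", "Float64", "Int", "Int31", "Int31n", "Int63", "Int63n", "Intn", "NormalFloat64", "Perm", "Shuffle", "ExpFloat64", "Uint32", "Uint64"},` kept in one alphabetical run so future additions are easy to diff. NewWeakRandCheck's body continues past the end of the hunk.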