mirror of
https://github.com/securego/gosec.git
synced 2025-01-12 04:45:53 +00:00
Mark all lines of a multi-line finding
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
parent
4d4e5949c6
commit
6bcd89aa6b
1 changed files with 23 additions and 1 deletions
|
@ -324,12 +324,15 @@ func highlight(t string, s gosec.Score) string {
|
||||||
|
|
||||||
// printCodeSnippet prints the code snippet from the issue by adding a marker to the affected line
|
// printCodeSnippet prints the code snippet from the issue by adding a marker to the affected line
|
||||||
func printCodeSnippet(issue *gosec.Issue) string {
|
func printCodeSnippet(issue *gosec.Issue) string {
|
||||||
|
start, end := parseLine(issue.Line)
|
||||||
scanner := bufio.NewScanner(strings.NewReader(issue.Code))
|
scanner := bufio.NewScanner(strings.NewReader(issue.Code))
|
||||||
var buf bytes.Buffer
|
var buf bytes.Buffer
|
||||||
|
line := start
|
||||||
for scanner.Scan() {
|
for scanner.Scan() {
|
||||||
codeLine := scanner.Text()
|
codeLine := scanner.Text()
|
||||||
if strings.HasPrefix(codeLine, issue.Line) {
|
if strings.HasPrefix(codeLine, strconv.Itoa(line)) && line <= end {
|
||||||
codeLine = " > " + codeLine + "\n"
|
codeLine = " > " + codeLine + "\n"
|
||||||
|
line++
|
||||||
} else {
|
} else {
|
||||||
codeLine = " " + codeLine + "\n"
|
codeLine = " " + codeLine + "\n"
|
||||||
}
|
}
|
||||||
|
@ -337,3 +340,22 @@ func printCodeSnippet(issue *gosec.Issue) string {
|
||||||
}
|
}
|
||||||
return buf.String()
|
return buf.String()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// parseLine extract the start and the end line numbers from a issue line
|
||||||
|
func parseLine(line string) (int, int) {
|
||||||
|
parts := strings.Split(line, "-")
|
||||||
|
start := parts[0]
|
||||||
|
end := start
|
||||||
|
if len(parts) > 1 {
|
||||||
|
end = parts[1]
|
||||||
|
}
|
||||||
|
s, err := strconv.Atoi(start)
|
||||||
|
if err != nil {
|
||||||
|
return -1, -1
|
||||||
|
}
|
||||||
|
e, err := strconv.Atoi(end)
|
||||||
|
if err != nil {
|
||||||
|
return -1, -1
|
||||||
|
}
|
||||||
|
return s, e
|
||||||
|
}
|
||||||
|
|
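Review bot: parseLine signals a malformed `issue.Line` with `-1, -1`, but printCodeSnippet uses the result unchecked, so in that case no line gets the ` > ` marker and the report gives no hint that the finding's location could not be parsed. The doc comment should state that contract, for example `// parseLine extracts the start and end line numbers from an issue line such as "12" or "12-15"; it returns -1, -1 if either part is not a number.`, and the comment on printCodeSnippet should now say "affected lines" rather than "affected line". The match in the loop is also a bare numeric prefix, `strings.HasPrefix(codeLine, strconv.Itoa(line))`, so line 3 would also match a snippet line numbered 30; if the snippet format puts a separator after the number (not visible in this diff), including it in the prefix would make the marker exact. The diffstat shows a single changed file, so a small table test for parseLine covering a single line, a range and a malformed value would be worth adding alongside.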