Fix to reporting to use output formats
parent
9b081744c9
commit
8df48f9769
3 changed files with 36 additions and 32 deletions
|
@ -181,12 +181,7 @@ func (gas *Analyzer) ProcessPackage(prog *loader.Program, pkg *loader.PackageInf
|
||||||
}
|
}
|
||||||
ast.Walk(gas, file)
|
ast.Walk(gas, file)
|
||||||
gas.Stats.NumFiles++
|
gas.Stats.NumFiles++
|
||||||
|
gas.Stats.NumLines += prog.Fset.File(file.Pos()).LineCount()
|
||||||
count := func(f *token.File) bool {
|
|
||||||
gas.Stats.NumLines += f.LineCount()
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
prog.Fset.Iterate(count)
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
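Review bot: The new `gas.Stats.NumLines += prog.Fset.File(file.Pos()).LineCount()` line calls `LineCount()` on the result of `Fset.File` without a nil check, and `Fset.File` returns nil when the position is not in the file set. That is unlikely for a file the loader has just parsed, but a nil result would panic and abort the whole scan. A guard costs little: `if f := prog.Fset.File(file.Pos()); f != nil { gas.Stats.NumLines += f.LineCount() }`. ProcessPackage starts outside the hunk.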
|
|
42
main.go
42
main.go
|
@ -28,6 +28,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
gas "github.com/GoASTScanner/gas/core"
|
gas "github.com/GoASTScanner/gas/core"
|
||||||
|
"github.com/GoASTScanner/gas/output"
|
||||||
"golang.org/x/tools/go/loader"
|
"golang.org/x/tools/go/loader"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -151,7 +152,7 @@ func usage() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(gm) This needs to be refactored (potentially included in Analyzer)
|
// TODO(gm) This needs to be refactored (potentially included in Analyzer)
|
||||||
func analyzePackage(packageDirectory string, config map[string]interface{}, logger *log.Logger) ([]*gas.Issue, error) {
|
func analyzePackage(packageDirectory string, metrics *gas.Metrics, config map[string]interface{}, logger *log.Logger) ([]*gas.Issue, error) {
|
||||||
|
|
||||||
basePackage, err := build.Default.ImportDir(packageDirectory, build.ImportComment)
|
basePackage, err := build.Default.ImportDir(packageDirectory, build.ImportComment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -178,7 +179,12 @@ func analyzePackage(packageDirectory string, config map[string]interface{}, logg
|
||||||
analyzer.ProcessPackage(builtPackage, pkg, file)
|
analyzer.ProcessPackage(builtPackage, pkg, file)
|
||||||
}
|
}
|
||||||
issues = append(issues, analyzer.Issues...)
|
issues = append(issues, analyzer.Issues...)
|
||||||
|
metrics.NumFiles += analyzer.Stats.NumFiles
|
||||||
|
metrics.NumFound += analyzer.Stats.NumFound
|
||||||
|
metrics.NumLines += analyzer.Stats.NumLines
|
||||||
|
metrics.NumNosec += analyzer.Stats.NumNosec
|
||||||
}
|
}
|
||||||
|
|
||||||
return issues, nil
|
return issues, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -223,6 +229,8 @@ func main() {
|
||||||
|
|
||||||
config := buildConfig(incRules, excRules)
|
config := buildConfig(incRules, excRules)
|
||||||
issues := make([]*gas.Issue, 0)
|
issues := make([]*gas.Issue, 0)
|
||||||
|
metrics := &gas.Metrics{}
|
||||||
|
|
||||||
for _, arg := range flag.Args() {
|
for _, arg := range flag.Args() {
|
||||||
if arg == "./..." {
|
if arg == "./..." {
|
||||||
baseDirectory, err := os.Getwd()
|
baseDirectory, err := os.Getwd()
|
||||||
|
@ -238,7 +246,7 @@ func main() {
|
||||||
log.Printf("Skipping %s\n", path)
|
log.Printf("Skipping %s\n", path)
|
||||||
return filepath.SkipDir
|
return filepath.SkipDir
|
||||||
}
|
}
|
||||||
newIssues, err := analyzePackage(path, config, logger)
|
newIssues, err := analyzePackage(path, metrics, config, logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
} else {
|
} else {
|
||||||
|
@ -248,7 +256,7 @@ func main() {
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
} else {
|
} else {
|
||||||
newIssues, err := analyzePackage(arg, config, logger)
|
newIssues, err := analyzePackage(arg, metrics, config, logger)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
}
|
}
|
||||||
|
@ -262,25 +270,17 @@ func main() {
|
||||||
os.Exit(0)
|
os.Exit(0)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO(gm) - Report output is borken...
|
// Create output report
|
||||||
/*
|
if *flagOutput != "" {
|
||||||
for _, issue := range issues {
|
outfile, err := os.Create(*flagOutput)
|
||||||
log.Println(issue)
|
if err != nil {
|
||||||
|
logger.Fatalf("Couldn't open: %s for writing. Reason - %s", *flagOutput, err)
|
||||||
}
|
}
|
||||||
|
defer outfile.Close()
|
||||||
// Create output report
|
output.CreateReport(outfile, *flagFormat, issues, metrics)
|
||||||
if *flagOutput != "" {
|
} else {
|
||||||
outfile, err := os.Create(*flagOutput)
|
output.CreateReport(os.Stdout, *flagFormat, issues, metrics)
|
||||||
if err != nil {
|
}
|
||||||
logger.Fatalf("Couldn't open: %s for writing. Reason - %s", *flagOutput, err)
|
|
||||||
}
|
|
||||||
defer outfile.Close()
|
|
||||||
output.CreateReport(outfile, *flagFormat, &analyzer)
|
|
||||||
} else {
|
|
||||||
output.CreateReport(os.Stdout, *flagFormat, &analyzer)
|
|
||||||
}
|
|
||||||
|
|
||||||
*/
|
|
||||||
|
|
||||||
// Do we have an issue? If so exit 1
|
// Do we have an issue? If so exit 1
|
||||||
if issuesFound {
|
if issuesFound {
|
||||||
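Review bot: Both `output.CreateReport(...)` calls in the re-enabled report block discard the returned error, so a failed write or a template error leaves an empty or truncated report with nothing logged; when the report file is what CI archives, findings can silently go missing. Check the error in each branch, e.g. `if err := output.CreateReport(outfile, *flagFormat, issues, metrics); err != nil { logger.Fatalf("writing report: %s", err) }`. In addition, `defer outfile.Close()` does not run if main leaves through `os.Exit`; the `if issuesFound` branch continues outside the hunk, so this is inferred, but closing the file explicitly after the report is written and checking that error would be safer. main's body starts and ends outside these hunks.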
|
|
|
@ -48,7 +48,16 @@ Summary:
|
||||||
|
|
||||||
`
|
`
|
||||||
|
|
||||||
func CreateReport(w io.Writer, format string, data *gas.Analyzer) error {
|
type reportInfo struct {
|
||||||
|
Issues []*gas.Issue
|
||||||
|
Stats *gas.Metrics
|
||||||
|
}
|
||||||
|
|
||||||
|
func CreateReport(w io.Writer, format string, issues []*gas.Issue, metrics *gas.Metrics) error {
|
||||||
|
data := &reportInfo{
|
||||||
|
Issues: issues,
|
||||||
|
Stats: metrics,
|
||||||
|
}
|
||||||
var err error
|
var err error
|
||||||
switch format {
|
switch format {
|
||||||
case "json":
|
case "json":
|
||||||
|
@ -65,7 +74,7 @@ func CreateReport(w io.Writer, format string, data *gas.Analyzer) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func reportJSON(w io.Writer, data *gas.Analyzer) error {
|
func reportJSON(w io.Writer, data *reportInfo) error {
|
||||||
raw, err := json.MarshalIndent(data, "", "\t")
|
raw, err := json.MarshalIndent(data, "", "\t")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
|
@ -78,7 +87,7 @@ func reportJSON(w io.Writer, data *gas.Analyzer) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func reportCSV(w io.Writer, data *gas.Analyzer) error {
|
func reportCSV(w io.Writer, data *reportInfo) error {
|
||||||
out := csv.NewWriter(w)
|
out := csv.NewWriter(w)
|
||||||
defer out.Flush()
|
defer out.Flush()
|
||||||
for _, issue := range data.Issues {
|
for _, issue := range data.Issues {
|
||||||
|
@ -97,7 +106,7 @@ func reportCSV(w io.Writer, data *gas.Analyzer) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func reportFromPlaintextTemplate(w io.Writer, reportTemplate string, data *gas.Analyzer) error {
|
func reportFromPlaintextTemplate(w io.Writer, reportTemplate string, data *reportInfo) error {
|
||||||
t, e := plainTemplate.New("gas").Parse(reportTemplate)
|
t, e := plainTemplate.New("gas").Parse(reportTemplate)
|
||||||
if e != nil {
|
if e != nil {
|
||||||
return e
|
return e
|
||||||
|
@ -106,7 +115,7 @@ func reportFromPlaintextTemplate(w io.Writer, reportTemplate string, data *gas.A
|
||||||
return t.Execute(w, data)
|
return t.Execute(w, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func reportFromHTMLTemplate(w io.Writer, reportTemplate string, data *gas.Analyzer) error {
|
func reportFromHTMLTemplate(w io.Writer, reportTemplate string, data *reportInfo) error {
|
||||||
t, e := htmlTemplate.New("gas").Parse(reportTemplate)
|
t, e := htmlTemplate.New("gas").Parse(reportTemplate)
|
||||||
if e != nil {
|
if e != nil {
|
||||||
return e
|
return e
|
||||||
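Review bot: `reportJSON` still calls `panic(err)` when `json.MarshalIndent` fails, although it returns `error` and `CreateReport` already hands errors back to its caller; since the signature is being touched here anyway, change it to `return err` so a marshalling failure does not crash the scanner. The new `reportInfo` struct carries no JSON tags, so its field names `Issues` and `Stats` become the keys of the JSON output; a comment on the type would make that contract visible, e.g. `// reportInfo is the data handed to every formatter; its field names appear in the JSON output.` reportJSON's body continues outside the hunk.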
|
|