From a2397580b6e85327a0146940f80fdf515670588a Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Wed, 18 Oct 2023 15:00:50 +0200 Subject: [PATCH] Fix data race in the analyzer Signed-off-by: Cosmin Cojocar --- Makefile | 3 +++ analyzer.go | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/Makefile b/Makefile index 61dad21..954ecba 100644 --- a/Makefile +++ b/Makefile @@ -64,6 +64,9 @@ test-coverage: install-test-deps build: go build -o $(BIN) ./cmd/gosec/ +build-race: + go build -race -o $(BIN) ./cmd/gosec/ + clean: rm -rf build vendor dist coverage.txt rm -f release image $(BIN) diff --git a/analyzer.go b/analyzer.go index 416fb21..1fd1f56 100644 --- a/analyzer.go +++ b/analyzer.go @@ -184,6 +184,7 @@ type Analyzer struct { trackSuppressions bool concurrency int analyzerList []*analysis.Analyzer + mu sync.Mutex } // NewAnalyzer builds a new analyzer. @@ -324,7 +325,9 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages. // step 1/3 create build context. buildD := build.Default // step 2/3: add build tags to get env dependent files into basePackage. + gosec.mu.Lock() buildD.BuildTags = conf.BuildFlags + gosec.mu.Unlock() basePackage, err := buildD.ImportDir(pkgPath, build.ImportComment) if err != nil { return []*packages.Package{}, fmt.Errorf("importing dir %q: %w", pkgPath, err) @@ -348,7 +351,9 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages. } // step 3/3 remove build tags from conf to proceed build correctly. + gosec.mu.Lock() conf.BuildFlags = nil + defer gosec.mu.Unlock() pkgs, err := packages.Load(conf, packageFiles...) if err != nil { return []*packages.Package{}, fmt.Errorf("loading files from package %q: %w", pkgPath, err)