Change unit tests to check for one thing (#381)
The unit tests should check for a single thing at a time. This was not true for some of the tests. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
parent
7dbc65b199
commit
b504783a71
1 changed files with 109 additions and 22 deletions
|
@ -788,36 +788,123 @@ func main() {
|
||||||
// SampleCodeG301 - mkdir permission check
|
// SampleCodeG301 - mkdir permission check
|
||||||
SampleCodeG301 = []CodeSample{{[]string{`
|
SampleCodeG301 = []CodeSample{{[]string{`
|
||||||
package main
|
package main
|
||||||
import "os"
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
os.Mkdir("/tmp/mydir", 0777)
|
err := os.Mkdir("/tmp/mydir", 0777)
|
||||||
os.Mkdir("/tmp/mydir", 0600)
|
if err != nil {
|
||||||
os.MkdirAll("/tmp/mydir/mysubidr", 0775)
|
fmt.Println("Error when creating a directory!")
|
||||||
}`}, 2, gosec.NewConfig()}}
|
return
|
||||||
|
}
|
||||||
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
err := os.MkdirAll("/tmp/mydir", 0777)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error when creating a directory!")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
err := os.Mkdir("/tmp/mydir", 0600)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error when creating a directory!")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}`}, 0, gosec.NewConfig()}}
|
||||||
|
|
||||||
// SampleCodeG302 - file create / chmod permissions check
|
// SampleCodeG302 - file create / chmod permissions check
|
||||||
SampleCodeG302 = []CodeSample{{[]string{`
|
SampleCodeG302 = []CodeSample{{[]string{`
|
||||||
package main
|
package main
|
||||||
import "os"
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
os.Chmod("/tmp/somefile", 0777)
|
err := os.Chmod("/tmp/somefile", 0777)
|
||||||
os.Chmod("/tmp/someotherfile", 0600)
|
if err != nil {
|
||||||
os.OpenFile("/tmp/thing", os.O_CREATE|os.O_WRONLY, 0666)
|
fmt.Println("Error when changing file permissions!")
|
||||||
os.OpenFile("/tmp/thing", os.O_CREATE|os.O_WRONLY, 0600)
|
return
|
||||||
}`}, 2, gosec.NewConfig()}}
|
}
|
||||||
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
_, err := os.OpenFile("/tmp/thing", os.O_CREATE|os.O_WRONLY, 0666)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error opening a file!")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
err := os.Chmod("/tmp/mydir", 0400)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}`}, 0, gosec.NewConfig()}, {[]string{`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
_, err := os.OpenFile("/tmp/thing", os.O_CREATE|os.O_WRONLY, 0600)
|
||||||
|
if err != nil {
|
||||||
|
fmt.Println("Error opening a file!")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`}, 0, gosec.NewConfig()}}
|
||||||
|
|
||||||
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
|
// SampleCodeG303 - bad tempfile permissions & hardcoded shared path
|
||||||
SampleCodeG303 = []CodeSample{{[]string{`
|
SampleCodeG303 = []CodeSample{{[]string{`
|
||||||
package samples
|
package samples
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
file1, _ := os.Create("/tmp/demo1")
|
err := ioutil.WriteFile("/tmp/demo2", []byte("This is some data"), 0644)
|
||||||
defer file1.Close()
|
if err != nil {
|
||||||
ioutil.WriteFile("/tmp/demo2", []byte("This is some data"), 0644)
|
fmt.Println("Error while writing!")
|
||||||
}`}, 2, gosec.NewConfig()}}
|
}
|
||||||
|
}`}, 1, gosec.NewConfig()}}
|
||||||
|
|
||||||
// SampleCodeG304 - potential file inclusion vulnerability
|
// SampleCodeG304 - potential file inclusion vulnerability
|
||||||
SampleCodeG304 = []CodeSample{{[]string{`
|
SampleCodeG304 = []CodeSample{{[]string{`
|
||||||
|
@ -828,12 +915,12 @@ import (
|
||||||
"log"
|
"log"
|
||||||
)
|
)
|
||||||
func main() {
|
func main() {
|
||||||
f := os.Getenv("tainted_file")
|
f := os.Getenv("tainted_file")
|
||||||
body, err := ioutil.ReadFile(f)
|
body, err := ioutil.ReadFile(f)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Error: %v\n", err)
|
log.Printf("Error: %v\n", err)
|
||||||
}
|
}
|
||||||
log.Print(body)
|
log.Print(body)
|
||||||
|
|
||||||
}`}, 1, gosec.NewConfig()}, {[]string{`
|
}`}, 1, gosec.NewConfig()}, {[]string{`
|
||||||
package main
|
package main
|
||||||
|
|
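Review bot: The G303 samples appear to lose coverage of `os.Create` on a shared temp path. As far as the rendered columns show, the old sample paired `file1, _ := os.Create("/tmp/demo1")` with the `ioutil.WriteFile` call and expected 2 issues, while the new side keeps only the `WriteFile` call with an expected count of 1 and adds no separate entry. G301 and G302 were split into one `CodeSample` per call, so G303 should get a second entry in the same style that holds only the `os.Create("/tmp/demo1")` call (with `"os"` imported again) and expects 1 issue. Without it, a regression in the rule's `os.Create` detection would pass this suite unnoticed. The sample declarations begin before this hunk and `SampleCodeG304` continues past it, so any G303 coverage elsewhere in the file is not visible here.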