mirror of
https://github.com/securego/gosec.git
synced 2024-11-05 11:35:51 +00:00
Handle the ValueSpec when trying to resolve an AST tree node
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar
Cosmin Cojocar
parent
ea9faae22d
commit
c1970ff5c9
2 changed files with 43 additions and 10 deletions
31
resolve.go
31
resolve.go
|
|
@ -14,10 +14,11 @@
|
|||
|
||||
package gosec
|
||||
|
||||
import "go/ast"
|
||||
import (
|
||||
"go/ast"
|
||||
)
|
||||
|
||||
func resolveIdent(n *ast.Ident, c *Context) bool {
|
||||
|
||||
if n.Obj == nil || n.Obj.Kind != ast.Var {
|
||||
return true
|
||||
}
|
||||
|
|
@ -27,7 +28,22 @@ func resolveIdent(n *ast.Ident, c *Context) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
func resolveValueSpec(n *ast.ValueSpec, c *Context) bool {
|
||||
if len(n.Values) == 0 {
|
||||
return false
|
||||
}
|
||||
for _, value := range n.Values {
|
||||
if !TryResolve(value, c) {
|
||||
return false
|
||||
}
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
func resolveAssign(n *ast.AssignStmt, c *Context) bool {
|
||||
if len(n.Rhs) == 0 {
|
||||
return false
|
||||
}
|
||||
for _, arg := range n.Rhs {
|
||||
if !TryResolve(arg, c) {
|
||||
return false
|
||||
|
|
@ -37,6 +53,9 @@ func resolveAssign(n *ast.AssignStmt, c *Context) bool {
|
|||
}
|
||||
|
||||
func resolveCompLit(n *ast.CompositeLit, c *Context) bool {
|
||||
if len(n.Elts) == 0 {
|
||||
return false
|
||||
}
|
||||
for _, arg := range n.Elts {
|
||||
if !TryResolve(arg, c) {
|
||||
return false
|
||||
|
|
@ -61,22 +80,18 @@ func TryResolve(n ast.Node, c *Context) bool {
|
|||
switch node := n.(type) {
|
||||
case *ast.BasicLit:
|
||||
return true
|
||||
|
||||
case *ast.CompositeLit:
|
||||
return resolveCompLit(node, c)
|
||||
|
||||
case *ast.Ident:
|
||||
return resolveIdent(node, c)
|
||||
|
||||
case *ast.ValueSpec:
|
||||
return resolveValueSpec(node, c)
|
||||
case *ast.AssignStmt:
|
||||
return resolveAssign(node, c)
|
||||
|
||||
case *ast.CallExpr:
|
||||
return resolveCallExpr(node, c)
|
||||
|
||||
case *ast.BinaryExpr:
|
||||
return resolveBinExpr(node, c)
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -91,8 +91,26 @@ var _ = Describe("Resolve ast node to concrete value", func() {
|
|||
Expect(target).ShouldNot(BeNil())
|
||||
Expect(gosec.TryResolve(target, ctx)).Should(BeTrue())
|
||||
})
|
||||
|
||||
// TODO: It should resolve call expressions
|
||||
It("should successfully resolve value spec", func() {
|
||||
var value *ast.ValueSpec
|
||||
pkg := testutils.NewTestPackage()
|
||||
defer pkg.Close()
|
||||
pkg.AddFile("foo.go", `package main; const x = "bar"; func main(){ var y string = x; println(y) }`)
|
||||
ctx := pkg.CreateContext("foo.go")
|
||||
v := testutils.NewMockVisitor()
|
||||
v.Callback = func(n ast.Node, ctx *gosec.Context) bool {
|
||||
if node, ok := n.(*ast.ValueSpec); ok {
|
||||
if len(node.Names) == 1 && node.Names[0].Name == "y" {
|
||||
value = node
|
||||
}
|
||||
}
|
||||
return true
|
||||
}
|
||||
v.Context = ctx
|
||||
ast.Walk(v, ctx.Root)
|
||||
Expect(value).ShouldNot(BeNil())
|
||||
Expect(gosec.TryResolve(value, ctx)).Should(BeTrue())
|
||||
})
|
||||
|
||||
})
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue