Handle the ValueSpec when trying to resolve an AST tree node

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar 2019-10-04 13:07:53 +02:00 committed by Cosmin Cojocar
parent ea9faae22d
commit c1970ff5c9
2 changed files with 43 additions and 10 deletions

View file

@ -14,10 +14,11 @@
package gosec package gosec
import "go/ast" import (
"go/ast"
)
func resolveIdent(n *ast.Ident, c *Context) bool { func resolveIdent(n *ast.Ident, c *Context) bool {
if n.Obj == nil || n.Obj.Kind != ast.Var { if n.Obj == nil || n.Obj.Kind != ast.Var {
return true return true
} }
@ -27,7 +28,22 @@ func resolveIdent(n *ast.Ident, c *Context) bool {
return false return false
} }
func resolveValueSpec(n *ast.ValueSpec, c *Context) bool {
if len(n.Values) == 0 {
return false
}
for _, value := range n.Values {
if !TryResolve(value, c) {
return false
}
}
return true
}
func resolveAssign(n *ast.AssignStmt, c *Context) bool { func resolveAssign(n *ast.AssignStmt, c *Context) bool {
if len(n.Rhs) == 0 {
return false
}
for _, arg := range n.Rhs { for _, arg := range n.Rhs {
if !TryResolve(arg, c) { if !TryResolve(arg, c) {
return false return false
@ -37,6 +53,9 @@ func resolveAssign(n *ast.AssignStmt, c *Context) bool {
} }
func resolveCompLit(n *ast.CompositeLit, c *Context) bool { func resolveCompLit(n *ast.CompositeLit, c *Context) bool {
if len(n.Elts) == 0 {
return false
}
for _, arg := range n.Elts { for _, arg := range n.Elts {
if !TryResolve(arg, c) { if !TryResolve(arg, c) {
return false return false
@ -61,22 +80,18 @@ func TryResolve(n ast.Node, c *Context) bool {
switch node := n.(type) { switch node := n.(type) {
case *ast.BasicLit: case *ast.BasicLit:
return true return true
case *ast.CompositeLit: case *ast.CompositeLit:
return resolveCompLit(node, c) return resolveCompLit(node, c)
case *ast.Ident: case *ast.Ident:
return resolveIdent(node, c) return resolveIdent(node, c)
case *ast.ValueSpec:
return resolveValueSpec(node, c)
case *ast.AssignStmt: case *ast.AssignStmt:
return resolveAssign(node, c) return resolveAssign(node, c)
case *ast.CallExpr: case *ast.CallExpr:
return resolveCallExpr(node, c) return resolveCallExpr(node, c)
case *ast.BinaryExpr: case *ast.BinaryExpr:
return resolveBinExpr(node, c) return resolveBinExpr(node, c)
} }
return false return false
} }

View file

@ -91,8 +91,26 @@ var _ = Describe("Resolve ast node to concrete value", func() {
Expect(target).ShouldNot(BeNil()) Expect(target).ShouldNot(BeNil())
Expect(gosec.TryResolve(target, ctx)).Should(BeTrue()) Expect(gosec.TryResolve(target, ctx)).Should(BeTrue())
}) })
It("should successfully resolve value spec", func() {
// TODO: It should resolve call expressions var value *ast.ValueSpec
pkg := testutils.NewTestPackage()
defer pkg.Close()
pkg.AddFile("foo.go", `package main; const x = "bar"; func main(){ var y string = x; println(y) }`)
ctx := pkg.CreateContext("foo.go")
v := testutils.NewMockVisitor()
v.Callback = func(n ast.Node, ctx *gosec.Context) bool {
if node, ok := n.(*ast.ValueSpec); ok {
if len(node.Names) == 1 && node.Names[0].Name == "y" {
value = node
}
}
return true
}
v.Context = ctx
ast.Walk(v, ctx.Root)
Expect(value).ShouldNot(BeNil())
Expect(gosec.TryResolve(value, ctx)).Should(BeTrue())
})
}) })