mirror of
https://github.com/securego/gosec.git
synced 2025-01-12 04:45:53 +00:00
Initialize fresh import info for each file
The import information was being persisted between files. This was causing false positives. Fixes #87
parent
c7bb2dd3b7
commit
ca42de24ba
2 changed files with 21 additions and 5 deletions
|
@ -34,6 +34,14 @@ type ImportInfo struct {
|
|||
InitOnly map[string]bool
|
||||
}
|
||||
|
||||
func NewImportInfo() *ImportInfo {
|
||||
return &ImportInfo{
|
||||
make(map[string]string),
|
||||
make(map[string]string),
|
||||
make(map[string]bool),
|
||||
}
|
||||
}
|
||||
|
||||
// The Context is populated with data parsed from the source code as it is scanned.
|
||||
// It is passed through to all rule functions as they are called. Rules may use
|
||||
// this data in conjunction withe the encoutered AST node.
|
||||
|
@ -92,11 +100,7 @@ func NewAnalyzer(conf map[string]interface{}, logger *log.Logger) Analyzer {
|
|||
nil,
|
||||
nil,
|
||||
nil,
|
||||
&ImportInfo{
|
||||
make(map[string]string),
|
||||
make(map[string]string),
|
||||
make(map[string]bool),
|
||||
},
|
||||
nil,
|
||||
},
|
||||
logger: logger,
|
||||
}
|
||||
|
@ -130,6 +134,7 @@ func (gas *Analyzer) process(filename string, source interface{}) error {
|
|||
return err
|
||||
}
|
||||
|
||||
gas.context.Imports = NewImportInfo()
|
||||
for _, pkg := range gas.context.Pkg.Imports() {
|
||||
gas.context.Imports.Imported[pkg.Path()] = pkg.Name()
|
||||
}
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
package rules
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"go/ast"
|
||||
|
||||
gas "github.com/GoASTScanner/gas/core"
|
||||
|
@ -28,6 +29,16 @@ type WeakRand struct {
|
|||
|
||||
func (w *WeakRand) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) {
|
||||
if _, matched := gas.MatchCallByPackage(n, c, w.packagePath, w.funcName); matched {
|
||||
fmt.Println("Imported:")
|
||||
for k, v := range c.Imports.Imported {
|
||||
fmt.Printf("%s => %s\n", k, v)
|
||||
}
|
||||
fmt.Println("Aliased:")
|
||||
for k, v := range c.Imports.Aliased {
|
||||
fmt.Printf("%s => %s\n", k, v)
|
||||
}
|
||||
fmt.Println("----------------------------------------")
|
||||
|
||||
return gas.NewIssue(c, n, w.What, w.Severity, w.Confidence), nil
|
||||
}
|
||||
|
||||
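Review bot: The `fmt.Println`/`fmt.Printf` calls added inside `WeakRand.Match` look like leftover debugging output: they dump `c.Imports.Imported` and `c.Imports.Aliased` to stdout every time the rule matches. If the scanner's report is also written to stdout (not visible on this page), the dump interleaves with it and can break machine-readable output that CI jobs parse, which would hide real findings. I would drop the whole block and the new `"fmt"` import before merging, or, if the dump is still wanted, emit it through a logger rather than stdout. The end of `Match` falls outside the hunk.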
|
|