Merge pull request #91 from GoASTScanner/experimental

Update unsafe rule to match package explicitly
Grant Murphy 2016-11-15 14:00:59 -08:00 committed by GitHub
commit d30c5cde36
2 changed files with 11 additions and 6 deletions


@ -138,7 +138,6 @@ func (gas *Analyzer) process(filename string, source interface{}) error {
for _, pkg := range gas.context.Pkg.Imports() { for _, pkg := range gas.context.Pkg.Imports() {
gas.context.Imports.Imported[pkg.Path()] = pkg.Name() gas.context.Imports.Imported[pkg.Path()] = pkg.Name()
} }
ast.Walk(gas, root) ast.Walk(gas, root)
gas.Stats.NumFiles++ gas.Stats.NumFiles++
} }
@ -203,8 +202,8 @@ func (gas *Analyzer) Visit(n ast.Node) ast.Visitor {
// Track aliased and initialization imports // Track aliased and initialization imports
if imported, ok := n.(*ast.ImportSpec); ok { if imported, ok := n.(*ast.ImportSpec); ok {
if imported.Name != nil {
path := strings.Trim(imported.Path.Value, `"`) path := strings.Trim(imported.Path.Value, `"`)
if imported.Name != nil {
if imported.Name.Name == "_" { if imported.Name.Name == "_" {
// Initialization import // Initialization import
gas.context.Imports.InitOnly[path] = true gas.context.Imports.InitOnly[path] = true
@ -213,7 +212,12 @@ func (gas *Analyzer) Visit(n ast.Node) ast.Visitor {
gas.context.Imports.Aliased[path] = imported.Name.Name gas.context.Imports.Aliased[path] = imported.Name.Name
} }
} }
// unsafe is not included in Package.Imports()
if path == "unsafe" {
gas.context.Imports.Imported[path] = path
} }
}
if val, ok := gas.ruleset[reflect.TypeOf(n)]; ok { if val, ok := gas.ruleset[reflect.TypeOf(n)]; ok {
for _, rule := range val { for _, rule := range val {
ret, err := rule.Match(n, &gas.context) ret, err := rule.Match(n, &gas.context)
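Review bot: The added `if path == "unsafe"` check in Visit relies on `strings.Trim(imported.Path.Value, "\"")`-style trimming, which removes only double quotes. An import path written as a raw (backquoted) string literal keeps its backquotes, so it never equals "unsafe" and is never recorded in `Imports.Imported`. If the unsafe rule resolves the package through that map, as the MatchCallByPackage call in the other file suggests, such a file would produce no finding. Decoding the literal with `path, err := strconv.Unquote(imported.Path.Value)` and skipping the spec when `err != nil` handles both literal forms, and also fixes the keys used for `InitOnly` and `Aliased`. This needs `strconv` in the file's import block, which is not visible here, and Visit begins and ends outside the hunk. A test file that imports unsafe via a raw literal and via an alias would pin the behaviour.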


@ -17,16 +17,16 @@ package rules
import ( import (
gas "github.com/GoASTScanner/gas/core" gas "github.com/GoASTScanner/gas/core"
"go/ast" "go/ast"
"regexp"
) )
type UsingUnsafe struct { type UsingUnsafe struct {
gas.MetaData gas.MetaData
pattern *regexp.Regexp pkg string
calls []string
} }
func (r *UsingUnsafe) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) { func (r *UsingUnsafe) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err error) {
if node := gas.MatchCall(n, r.pattern); node != nil { if _, matches := gas.MatchCallByPackage(n, c, r.pkg, r.calls...); matches {
return gas.NewIssue(c, n, r.What, r.Severity, r.Confidence), nil return gas.NewIssue(c, n, r.What, r.Severity, r.Confidence), nil
} }
return nil, nil return nil, nil
@ -34,7 +34,8 @@ func (r *UsingUnsafe) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err erro
func NewUsingUnsafe(conf map[string]interface{}) (gas.Rule, []ast.Node) { func NewUsingUnsafe(conf map[string]interface{}) (gas.Rule, []ast.Node) {
return &UsingUnsafe{ return &UsingUnsafe{
pattern: regexp.MustCompile(`unsafe\..*`), pkg: "unsafe",
calls: []string{"Alignof", "Offsetof", "Sizeof", "Pointer"},
MetaData: gas.MetaData{ MetaData: gas.MetaData{
What: "Use of unsafe calls should be audited", What: "Use of unsafe calls should be audited",
Severity: gas.Low, Severity: gas.Low,