mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Adding a config block to the analyzer, parsed from JSON
A CLI option can now be given to tell GAS it should parse data from a JSON file. Fatal errors are given if the file is not readable or is not valid JSON.
parent
8261ee58d6
commit
d4367de2e2
17 changed files with 75 additions and 48 deletions
|
@ -15,11 +15,13 @@
|
||||||
package core
|
package core
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/json"
|
||||||
"go/ast"
|
"go/ast"
|
||||||
"go/importer"
|
"go/importer"
|
||||||
"go/parser"
|
"go/parser"
|
||||||
"go/token"
|
"go/token"
|
||||||
"go/types"
|
"go/types"
|
||||||
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"reflect"
|
"reflect"
|
||||||
|
@ -53,19 +55,33 @@ type Analyzer struct {
|
||||||
logger *log.Logger
|
logger *log.Logger
|
||||||
Issues []Issue `json:"issues"`
|
Issues []Issue `json:"issues"`
|
||||||
Stats Metrics `json:"metrics"`
|
Stats Metrics `json:"metrics"`
|
||||||
|
Config map[string]interface{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewAnalyzer(ignoreNosec bool, logger *log.Logger) Analyzer {
|
func NewAnalyzer(ignoreNosec bool, conf *string, logger *log.Logger) Analyzer {
|
||||||
if logger == nil {
|
if logger == nil {
|
||||||
logger = log.New(os.Stdout, "[gas]", 0)
|
logger = log.New(os.Stdout, "[gas]", 0)
|
||||||
}
|
}
|
||||||
return Analyzer{
|
a := Analyzer{
|
||||||
ignoreNosec: ignoreNosec,
|
ignoreNosec: ignoreNosec,
|
||||||
ruleset: make(RuleSet),
|
ruleset: make(RuleSet),
|
||||||
Issues: make([]Issue, 0),
|
Issues: make([]Issue, 0),
|
||||||
context: Context{token.NewFileSet(), nil, nil, nil},
|
context: Context{token.NewFileSet(), nil, nil, nil},
|
||||||
logger: logger,
|
logger: logger,
|
||||||
|
Config: nil,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if conf != nil && *conf != "" { // if we have a config
|
||||||
|
if data, err := ioutil.ReadFile(*conf); err == nil {
|
||||||
|
if err := json.Unmarshal(data, &(a.Config)); err != nil {
|
||||||
|
logger.Fatal("Could not parse JSON config: ", *conf, ": ", err)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
logger.Fatal("Could not read config file: ", *conf)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return a
|
||||||
}
|
}
|
||||||
|
|
||||||
func (gas *Analyzer) process(filename string, source interface{}) error {
|
func (gas *Analyzer) process(filename string, source interface{}) error {
|
||||||
|
|
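Review bot: In the config block added to NewAnalyzer, both failure paths call `logger.Fatal`, which terminates the process from inside a constructor, and the read-failure branch drops `err`, so the message cannot tell a missing file from a permission problem. At minimum carry the cause through, `logger.Fatal("Could not read config file: ", *conf, ": ", err)`; returning an error from NewAnalyzer would let callers and tests handle a bad config, at the cost of another signature change. The new exported `Config` field also has no struct tag, unlike `Issues` and `Stats` beside it. If Analyzer is marshalled for the JSON report, as those tags suggest, the entire parsed config would be echoed into the output, so tagging the field `json:"-"` is worth considering.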
4
main.go
|
@ -35,6 +35,8 @@ var flagFormat = flag.String("fmt", "text", "Set output format. Valid options ar
|
||||||
// output file
|
// output file
|
||||||
var flagOutput = flag.String("out", "", "Set output file for results")
|
var flagOutput = flag.String("out", "", "Set output file for results")
|
||||||
|
|
||||||
|
var flagConfig = flag.String("conf", "", "Path to optional config file")
|
||||||
|
|
||||||
var usageText = `
|
var usageText = `
|
||||||
GAS - Go AST Scanner
|
GAS - Go AST Scanner
|
||||||
|
|
||||||
|
@ -99,7 +101,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Setup analyzer
|
// Setup analyzer
|
||||||
analyzer := gas.NewAnalyzer(*flagIgnoreNoSec, logger)
|
analyzer := gas.NewAnalyzer(*flagIgnoreNoSec, flagConfig, logger)
|
||||||
if !rules.overwritten {
|
if !rules.overwritten {
|
||||||
rules.useDefaults()
|
rules.useDefaults()
|
||||||
}
|
}
|
||||||
|
|
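Review bot: The call in main hands `flagConfig`, the `*string` returned by `flag.String`, directly to `gas.NewAnalyzer`, so the core API now has two "no config" states (nil pointer and empty string) purely because of how the flag package returns values. Dereferencing at the call site, `gas.NewAnalyzer(*flagIgnoreNoSec, *flagConfig, logger)`, with the parameter declared as `conf string`, would match how `flagIgnoreNoSec` is already passed and leave the empty string as the only sentinel. That also changes the NewAnalyzer signature in the core package and the `nil` argument in the updated tests. main's body continues outside the hunk.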
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestBind0000(t *testing.T) {
|
func TestBind0000(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewBindsToAllNetworkInterfaces())
|
analyzer.AddRule(NewBindsToAllNetworkInterfaces())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -41,7 +42,7 @@ func TestBind0000(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestBindEmptyHost(t *testing.T) {
|
func TestBindEmptyHost(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewBindsToAllNetworkInterfaces())
|
analyzer.AddRule(NewBindsToAllNetworkInterfaces())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestErrorsMulti(t *testing.T) {
|
func TestErrorsMulti(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewNoErrorCheck())
|
analyzer.AddRule(NewNoErrorCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
@ -43,7 +43,7 @@ func TestErrorsMulti(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestErrorsSingle(t *testing.T) {
|
func TestErrorsSingle(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewNoErrorCheck())
|
analyzer.AddRule(NewNoErrorCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
@ -65,7 +65,7 @@ func TestErrorsSingle(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestErrorsGood(t *testing.T) {
|
func TestErrorsGood(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewNoErrorCheck())
|
analyzer.AddRule(NewNoErrorCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestChmod(t *testing.T) {
|
func TestChmod(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewChmodPerms())
|
analyzer.AddRule(NewChmodPerms())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -35,7 +36,7 @@ func TestChmod(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestMkdir(t *testing.T) {
|
func TestMkdir(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewMkdirPerms())
|
analyzer.AddRule(NewMkdirPerms())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestHardcoded(t *testing.T) {
|
func TestHardcoded(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewHardcodedCredentials())
|
analyzer.AddRule(NewHardcodedCredentials())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestHttpoxy(t *testing.T) {
|
func TestHttpoxy(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewHttpoxyTest())
|
analyzer.AddRule(NewHttpoxyTest())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestNosec(t *testing.T) {
|
func TestNosec(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSubproc())
|
analyzer.AddRule(NewSubproc())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
@ -39,7 +39,7 @@ func TestNosec(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestNosecBlock(t *testing.T) {
|
func TestNosecBlock(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSubproc())
|
analyzer.AddRule(NewSubproc())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestRandOk(t *testing.T) {
|
func TestRandOk(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewWeakRandCheck())
|
analyzer.AddRule(NewWeakRandCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
@ -38,7 +38,7 @@ func TestRandOk(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestRandBad(t *testing.T) {
|
func TestRandBad(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewWeakRandCheck())
|
analyzer.AddRule(NewWeakRandCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestRSAKeys(t *testing.T) {
|
func TestRSAKeys(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewWeakKeyStrength())
|
analyzer.AddRule(NewWeakKeyStrength())
|
||||||
|
|
||||||
issues := gasTestRunner(
|
issues := gasTestRunner(
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestSQLInjectionViaConcatenation(t *testing.T) {
|
func TestSQLInjectionViaConcatenation(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrConcat())
|
analyzer.AddRule(NewSqlStrConcat())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
@ -48,7 +48,7 @@ func TestSQLInjectionViaConcatenation(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSQLInjectionViaIntepolation(t *testing.T) {
|
func TestSQLInjectionViaIntepolation(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrFormat())
|
analyzer.AddRule(NewSqlStrFormat())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
@ -77,7 +77,7 @@ func TestSQLInjectionViaIntepolation(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSQLInjectionFalsePositiveA(t *testing.T) {
|
func TestSQLInjectionFalsePositiveA(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrConcat())
|
analyzer.AddRule(NewSqlStrConcat())
|
||||||
analyzer.AddRule(NewSqlStrFormat())
|
analyzer.AddRule(NewSqlStrFormat())
|
||||||
|
|
||||||
|
@ -112,7 +112,7 @@ func TestSQLInjectionFalsePositiveA(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSQLInjectionFalsePositiveB(t *testing.T) {
|
func TestSQLInjectionFalsePositiveB(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrConcat())
|
analyzer.AddRule(NewSqlStrConcat())
|
||||||
analyzer.AddRule(NewSqlStrFormat())
|
analyzer.AddRule(NewSqlStrFormat())
|
||||||
|
|
||||||
|
@ -147,7 +147,7 @@ func TestSQLInjectionFalsePositiveB(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSQLInjectionFalsePositiveC(t *testing.T) {
|
func TestSQLInjectionFalsePositiveC(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrConcat())
|
analyzer.AddRule(NewSqlStrConcat())
|
||||||
analyzer.AddRule(NewSqlStrFormat())
|
analyzer.AddRule(NewSqlStrFormat())
|
||||||
|
|
||||||
|
@ -182,7 +182,7 @@ func TestSQLInjectionFalsePositiveC(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSQLInjectionFalsePositiveD(t *testing.T) {
|
func TestSQLInjectionFalsePositiveD(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSqlStrConcat())
|
analyzer.AddRule(NewSqlStrConcat())
|
||||||
analyzer.AddRule(NewSqlStrFormat())
|
analyzer.AddRule(NewSqlStrFormat())
|
||||||
|
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestSubprocess(t *testing.T) {
|
func TestSubprocess(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSubproc())
|
analyzer.AddRule(NewSubproc())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -46,7 +47,7 @@ func TestSubprocess(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSubprocessVar(t *testing.T) {
|
func TestSubprocessVar(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSubproc())
|
analyzer.AddRule(NewSubproc())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -73,7 +74,7 @@ func TestSubprocessVar(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSubprocessPath(t *testing.T) {
|
func TestSubprocessPath(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewSubproc())
|
analyzer.AddRule(NewSubproc())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestTempfiles(t *testing.T) {
|
func TestTempfiles(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewBadTempFile())
|
analyzer.AddRule(NewBadTempFile())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestTemplateCheckSafe(t *testing.T) {
|
func TestTemplateCheckSafe(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewTemplateCheck())
|
analyzer.AddRule(NewTemplateCheck())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
@ -47,7 +48,7 @@ func TestTemplateCheckSafe(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTemplateCheckBadHTML(t *testing.T) {
|
func TestTemplateCheckBadHTML(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewTemplateCheck())
|
analyzer.AddRule(NewTemplateCheck())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
@ -75,7 +76,7 @@ func TestTemplateCheckBadHTML(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTemplateCheckBadJS(t *testing.T) {
|
func TestTemplateCheckBadJS(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewTemplateCheck())
|
analyzer.AddRule(NewTemplateCheck())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
@ -103,7 +104,7 @@ func TestTemplateCheckBadJS(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTemplateCheckBadURL(t *testing.T) {
|
func TestTemplateCheckBadURL(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewTemplateCheck())
|
analyzer.AddRule(NewTemplateCheck())
|
||||||
|
|
||||||
source := `
|
source := `
|
||||||
|
|
|
@ -21,7 +21,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestInsecureSkipVerify(t *testing.T) {
|
func TestInsecureSkipVerify(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewModernTlsCheck())
|
analyzer.AddRule(NewModernTlsCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -49,7 +49,7 @@ func TestInsecureSkipVerify(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestInsecureMinVersion(t *testing.T) {
|
func TestInsecureMinVersion(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewModernTlsCheck())
|
analyzer.AddRule(NewModernTlsCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -77,7 +77,7 @@ func TestInsecureMinVersion(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestInsecureMaxVersion(t *testing.T) {
|
func TestInsecureMaxVersion(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewModernTlsCheck())
|
analyzer.AddRule(NewModernTlsCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
@ -105,7 +105,7 @@ func TestInsecureMaxVersion(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestInsecureCipherSuite(t *testing.T) {
|
func TestInsecureCipherSuite(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewModernTlsCheck())
|
analyzer.AddRule(NewModernTlsCheck())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestUnsafe(t *testing.T) {
|
func TestUnsafe(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewUsingUnsafe())
|
analyzer.AddRule(NewUsingUnsafe())
|
||||||
|
|
||||||
issues := gasTestRunner(`
|
issues := gasTestRunner(`
|
||||||
|
|
|
@ -15,12 +15,13 @@
|
||||||
package rules
|
package rules
|
||||||
|
|
||||||
import (
|
import (
|
||||||
gas "github.com/HewlettPackard/gas/core"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
gas "github.com/HewlettPackard/gas/core"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestMD5(t *testing.T) {
|
func TestMD5(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewImportsWeakCryptography())
|
analyzer.AddRule(NewImportsWeakCryptography())
|
||||||
analyzer.AddRule(NewUsesWeakCryptography())
|
analyzer.AddRule(NewUsesWeakCryptography())
|
||||||
|
|
||||||
|
@ -41,7 +42,7 @@ func TestMD5(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestDES(t *testing.T) {
|
func TestDES(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewImportsWeakCryptography())
|
analyzer.AddRule(NewImportsWeakCryptography())
|
||||||
analyzer.AddRule(NewUsesWeakCryptography())
|
analyzer.AddRule(NewUsesWeakCryptography())
|
||||||
|
|
||||||
|
@ -80,7 +81,7 @@ func TestDES(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestRC4(t *testing.T) {
|
func TestRC4(t *testing.T) {
|
||||||
analyzer := gas.NewAnalyzer(false, nil)
|
analyzer := gas.NewAnalyzer(false, nil, nil)
|
||||||
analyzer.AddRule(NewImportsWeakCryptography())
|
analyzer.AddRule(NewImportsWeakCryptography())
|
||||||
analyzer.AddRule(NewUsesWeakCryptography())
|
analyzer.AddRule(NewUsesWeakCryptography())
|
||||||
|
|
||||||
|
|