From e57efa84824cc4d9ce187c45c43c7df38b4245a1 Mon Sep 17 00:00:00 2001 From: Cosmin Cojocar Date: Tue, 16 Nov 2021 21:41:26 +0100 Subject: [PATCH] Fix a panic in suproc rule when the declaration of the variable is not available in the AST (#728) --- rules/subproc.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/rules/subproc.go b/rules/subproc.go index 53f8eb8..5d7cadd 100644 --- a/rules/subproc.go +++ b/rules/subproc.go @@ -55,6 +55,10 @@ func (r *subprocess) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, error) { // .. indeed it is a variable then processing is different than a normal // field assignment if variable { + // skip the check when the declaration is not available + if ident.Obj == nil { + continue + } switch ident.Obj.Decl.(type) { case *ast.AssignStmt: _, assignment := ident.Obj.Decl.(*ast.AssignStmt)