mirror of
https://github.com/securego/gosec.git
synced 2025-01-12 04:45:53 +00:00
fix: create a separate type for flag that has validation (#692)
parent
1978a52ff4
commit
efbefc6930
3 changed files with 74 additions and 3 deletions
|
@ -23,6 +23,8 @@ import (
|
||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/securego/gosec/v2/cmd/vflag"
|
||||||
|
|
||||||
"github.com/securego/gosec/v2"
|
"github.com/securego/gosec/v2"
|
||||||
"github.com/securego/gosec/v2/report"
|
"github.com/securego/gosec/v2/report"
|
||||||
"github.com/securego/gosec/v2/rules"
|
"github.com/securego/gosec/v2/rules"
|
||||||
|
@ -94,14 +96,13 @@ var (
|
||||||
flagRulesInclude = flag.String("include", "", "Comma separated list of rules IDs to include. (see rule list)")
|
flagRulesInclude = flag.String("include", "", "Comma separated list of rules IDs to include. (see rule list)")
|
||||||
|
|
||||||
// rules to explicitly exclude
|
// rules to explicitly exclude
|
||||||
flagRulesExclude = flag.String("exclude", "", "Comma separated list of rules IDs to exclude. (see rule list)")
|
flagRulesExclude = vflag.ValidatedFlag{}
|
||||||
|
|
||||||
// rules to explicitly exclude
|
// rules to explicitly exclude
|
||||||
flagExcludeGenerated = flag.Bool("exclude-generated", false, "Exclude generated files")
|
flagExcludeGenerated = flag.Bool("exclude-generated", false, "Exclude generated files")
|
||||||
|
|
||||||
// log to file or stderr
|
// log to file or stderr
|
||||||
flagLogfile = flag.String("log", "", "Log messages to file rather than stderr")
|
flagLogfile = flag.String("log", "", "Log messages to file rather than stderr")
|
||||||
|
|
||||||
// sort the issues by severity
|
// sort the issues by severity
|
||||||
flagSortIssues = flag.Bool("sort", true, "Sort issues by severity")
|
flagSortIssues = flag.Bool("sort", true, "Sort issues by severity")
|
||||||
|
|
||||||
|
@ -293,6 +294,9 @@ func main() {
|
||||||
fmt.Fprintf(os.Stderr, "\nError: failed to exclude the %q directory from scan", ".git")
|
fmt.Fprintf(os.Stderr, "\nError: failed to exclude the %q directory from scan", ".git")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// set for exclude
|
||||||
|
flag.Var(&flagRulesExclude, "exclude", "Comma separated list of rules IDs to exclude. (see rule list)")
|
||||||
|
|
||||||
// Parse command line arguments
|
// Parse command line arguments
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
@ -342,7 +346,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Load enabled rule definitions
|
// Load enabled rule definitions
|
||||||
ruleDefinitions := loadRules(*flagRulesInclude, *flagRulesExclude)
|
ruleDefinitions := loadRules(*flagRulesInclude, flagRulesExclude.String())
|
||||||
if len(ruleDefinitions) == 0 {
|
if len(ruleDefinitions) == 0 {
|
||||||
logger.Fatal("No rules are configured")
|
logger.Fatal("No rules are configured")
|
||||||
}
|
}
|
||||||
|
|
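Review bot: Only `-exclude` gets the new validation; `flagRulesInclude` in the `var` block is still a plain `flag.String`, so a value that begins with `-` would presumably still be accepted there and change which rules run without any error. If that is not intended, declare it the same way with `flagRulesInclude = vflag.ValidatedFlag{}`, register it next to the exclude flag with `flag.Var(&flagRulesInclude, "include", "Comma separated list of rules IDs to include. (see rule list)")`, and pass `flagRulesInclude.String()` to `loadRules`. The comment `// set for exclude` would be clearer as `// -exclude is registered with flag.Var because ValidatedFlag rejects values containing "-"`. The `var` block and `main` both continue outside the hunks shown.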
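--- a/cmd/vflag/flag.go
+++ b/cmd/vflag/flag.go
@@ -0,0 +1,25 @@
+package vflag
+
+import (
+"errors"
+"strings"
+)
+
+// ValidatedFlag cli string type
+type ValidatedFlag struct {
+Value string
+}
+
+func (f *ValidatedFlag) String() string {
+return f.Value
+}
+
+// Set will be called for flag that is of validateFlag type
+func (f *ValidatedFlag) Set(value string) error {
+if strings.Contains(value, "-") {
+return errors.New("flag value cannot start with -")
+}
+
+f.Value = value
+return nil
+}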
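Review bot: In `Set`, the check and the error text disagree: `strings.Contains(value, "-")` rejects a hyphen anywhere in the value, while the message says the value "cannot start with -". The accompanying test with `" -incorrect"` relies on the broader check, so the message is the part to change, e.g. `return errors.New("flag value cannot contain -")`. If only a leading hyphen was meant, the condition would be `strings.HasPrefix(strings.TrimSpace(value), "-")` instead. The doc comment on `Set` names a `validateFlag` type that does not exist; `// Set implements flag.Value and rejects any value containing "-".` would match the code. `String` has no comment; `// String implements flag.Value and returns the stored value.` would cover it.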
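--- a/flag_test.go
+++ b/flag_test.go
@@ -0,0 +1,42 @@
+package gosec_test
+
+import (
+"flag"
+"os"
+
+. "github.com/onsi/ginkgo"
+. "github.com/onsi/gomega"
+"github.com/securego/gosec/v2/cmd/vflag"
+)
+
+var _ = Describe("Cli", func() {
+Context("vflag test", func() {
+It("value must be empty as parameter value contains invalid character", func() {
+os.Args = []string{"gosec", "-test1=-incorrect"}
+f := vflag.ValidatedFlag{}
+flag.Var(&f, "test1", "")
+flag.CommandLine.Init("test1", flag.ContinueOnError)
+flag.Parse()
+Expect(flag.Parsed()).Should(Equal(true))
+Expect(f.Value).Should(Equal(``))
+})
+It("value must be empty as parameter value contains invalid character without equal sign", func() {
+os.Args = []string{"gosec", "-test2= -incorrect"}
+f := vflag.ValidatedFlag{}
+flag.Var(&f, "test2", "")
+flag.CommandLine.Init("test2", flag.ContinueOnError)
+flag.Parse()
+Expect(flag.Parsed()).Should(Equal(true))
+Expect(f.Value).Should(Equal(``))
+})
+It("value must not be empty as parameter value contains valid character", func() {
+os.Args = []string{"gosec", "-test3=correct"}
+f := vflag.ValidatedFlag{}
+flag.Var(&f, "test3", "")
+flag.CommandLine.Init("test3", flag.ContinueOnError)
+flag.Parse()
+Expect(flag.Parsed()).Should(Equal(true))
+Expect(f.Value).Should(Equal(``correct``))
+})
+})
+})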
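Review bot: The two rejection cases never assert that `Set` returned an error. `flag.Parse()` discards the error from the command-line flag set, and `flag.Parsed()` is true once `Parse` has been called whatever the outcome, so `Expect(flag.Parsed()).Should(Equal(true))` checks nothing about validation. Each case also overwrites `os.Args` and registers a flag on the global `flag.CommandLine` without restoring either, which leaks state into other specs in the package. Parsing through a local `flag.FlagSet` removes the global mutation and lets the spec assert on the returned error. The first case is shown below, and the other two would follow the same shape.

```go
It("value must be empty as parameter value contains invalid character", func() {
	fs := flag.NewFlagSet("test1", flag.ContinueOnError)
	f := vflag.ValidatedFlag{}
	fs.Var(&f, "test1", "")
	err := fs.Parse([]string{"-test1=-incorrect"})
	Expect(err).Should(HaveOccurred())
	Expect(f.Value).Should(BeEmpty())
})
// … unchanged in intent: the "without equal sign" and "valid character" cases, rewritten the same way …
```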