mirror of
https://github.com/securego/gosec.git
synced 2024-11-06 03:55:50 +00:00
709ed1ba65
Currently, rule G204 warns you about every single use of the functions syscall.Exec, os.exec.CommandContext and os.Exec.Command. This can create false positives and it's not accurate because you can use those functions with perfectly secure arguments like hardcoded strings for example. With this change, G204 will warn you in 3 cases when passing arguments to a function which starts a new process the arguments: 1) are variables initialized by calling another function 2) are functions 3) are command-line arguments or environmental variables Closes: https://github.com/securego/gosec/issues/338 Signed-off-by: Martin Vrachev <mvrachev@vmware.com> |
||
---|---|---|
.. | ||
archive.go | ||
bind.go | ||
blacklist.go | ||
errors.go | ||
fileperms.go | ||
hardcoded_credentials.go | ||
rand.go | ||
readfile.go | ||
rsa.go | ||
rulelist.go | ||
rules_suite_test.go | ||
rules_test.go | ||
sql.go | ||
ssh.go | ||
ssrf.go | ||
subproc.go | ||
tempfiles.go | ||
templates.go | ||
tls.go | ||
tls_config.go | ||
unsafe.go | ||
weakcrypto.go |