mirror of https://github.com/securego/gosec.git synced 2025-01-20 02:59:51 +02:00

Fix the configuration parsing for hardcoded credentials

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
Cosmin Cojocar 2020-04-15 16:10:21 +02:00 committed by Cosmin Cojocar
parent c58f3563d3
commit 802292c54f


@ -105,31 +105,39 @@ func NewHardcodedCredentials(id string, conf gosec.Config) (gosec.Rule, []ast.No
ignoreEntropy := false ignoreEntropy := false
var truncateString = 16 var truncateString = 16
if val, ok := conf["G101"]; ok { if val, ok := conf["G101"]; ok {
conf := val.(map[string]string) conf := val.(map[string]interface{})
if configPattern, ok := conf["pattern"]; ok { if configPattern, ok := conf["pattern"]; ok {
pattern = configPattern if cfgPattern, ok := configPattern.(string); ok {
pattern = cfgPattern
}
} }
if configIgnoreEntropy, ok := conf["ignore_entropy"]; ok { if configIgnoreEntropy, ok := conf["ignore_entropy"]; ok {
if parsedBool, err := strconv.ParseBool(configIgnoreEntropy); err == nil { if cfgIgnoreEntropy, ok := configIgnoreEntropy.(bool); ok {
ignoreEntropy = parsedBool ignoreEntropy = cfgIgnoreEntropy
} }
} }
if configEntropyThreshold, ok := conf["entropy_threshold"]; ok { if configEntropyThreshold, ok := conf["entropy_threshold"]; ok {
if parsedNum, err := strconv.ParseFloat(configEntropyThreshold, 64); err == nil { if cfgEntropyThreshold, ok := configEntropyThreshold.(string); ok {
if parsedNum, err := strconv.ParseFloat(cfgEntropyThreshold, 64); err == nil {
entropyThreshold = parsedNum entropyThreshold = parsedNum
} }
} }
}
if configCharThreshold, ok := conf["per_char_threshold"]; ok { if configCharThreshold, ok := conf["per_char_threshold"]; ok {
if parsedNum, err := strconv.ParseFloat(configCharThreshold, 64); err == nil { if cfgCharThreshold, ok := configCharThreshold.(string); ok {
if parsedNum, err := strconv.ParseFloat(cfgCharThreshold, 64); err == nil {
perCharThreshold = parsedNum perCharThreshold = parsedNum
} }
} }
}
if configTruncate, ok := conf["truncate"]; ok { if configTruncate, ok := conf["truncate"]; ok {
if parsedInt, err := strconv.Atoi(configTruncate); err == nil { if cfgTruncate, ok := configTruncate.(string); ok {
if parsedInt, err := strconv.Atoi(cfgTruncate); err == nil {
truncateString = parsedInt truncateString = parsedInt
} }
} }
} }
}
return &credentials{ return &credentials{
pattern: regexp.MustCompile(pattern), pattern: regexp.MustCompile(pattern),