go/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2025-11-25 22:22:17 +02:00
Code Issues Releases Activity

Allow rules to register against multiple ast nodes

Browse Source 
Update the AddRule interface to allow rules to register interest in
multiple ast.Nodes. Adds more flexibility to how rules can work, and was
needed to fix the hard coded credentials test specifically.
This commit is contained in:
Grant Murphy
2016-11-13 12:55:31 -08:00
parent c6587df4a5
commit bf103da519
16 changed files with 69 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
rules/rand.go
View File

@@ -34,8 +34,8 @@ func (w *WeakRand) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) {
return nil, nil
}
func NewWeakRandCheck(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
r = &WeakRand{
func NewWeakRandCheck(conf map[string]interface{}) (gas.Rule, []ast.Node) {
return &WeakRand{
funcName: "Read",
packagePath: "math/rand",
MetaData: gas.MetaData{
@@ -43,7 +43,5 @@ func NewWeakRandCheck(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
Confidence: gas.Medium,
What: "Use of weak random number generator (math/rand instead of crypto/rand)",
},
}
n = (*ast.CallExpr)(nil)
return
}, []ast.Node{(*ast.CallExpr)(nil)}
}