Allow rules to register against multiple ast nodes

Update the AddRule interface to allow rules to register interest in multiple ast.Nodes. Adds more flexibility to how rules can work, and was needed to fix the hard coded credentials test specifically.
2025-11-25 22:22:17 +02:00 · 2016-11-13 12:55:31 -08:00
parent c6587df4a5
commit bf103da519
16 changed files with 69 additions and 102 deletions
--- a/rules/sql.go
+++ b/rules/sql.go
@@ -56,8 +56,8 @@ func (s *SqlStrConcat) Match(n ast.Node, c *gas.Context) (*gas.Issue, error) {
 	return nil, nil
 }

-func NewSqlStrConcat(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
-	r = &SqlStrConcat{
+func NewSqlStrConcat(conf map[string]interface{}) (gas.Rule, []ast.Node) {
+	return &SqlStrConcat{
 		SqlStatement: SqlStatement{
 			pattern: regexp.MustCompile(`(?)(SELECT|DELETE|INSERT|UPDATE|INTO|FROM|WHERE) `),
 			MetaData: gas.MetaData{
@@ -66,9 +66,7 @@ func NewSqlStrConcat(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
 				What:       "SQL string concatenation",
 			},
 		},
-	}
-	n = (*ast.BinaryExpr)(nil)
-	return
+	}, []ast.Node{(*ast.BinaryExpr)(nil)}
 }

 type SqlStrFormat struct {
@@ -86,8 +84,8 @@ func (s *SqlStrFormat) Match(n ast.Node, c *gas.Context) (gi *gas.Issue, err err
 	return nil, nil
 }

-func NewSqlStrFormat(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
-	r = &SqlStrFormat{
+func NewSqlStrFormat(conf map[string]interface{}) (gas.Rule, []ast.Node) {
+	return &SqlStrFormat{
 		call: regexp.MustCompile(`^fmt\.Sprintf$`),
 		SqlStatement: SqlStatement{
 			pattern: regexp.MustCompile("(?)(SELECT|DELETE|INSERT|UPDATE|INTO|FROM|WHERE) "),
@@ -97,7 +95,5 @@ func NewSqlStrFormat(conf map[string]interface{}) (r gas.Rule, n ast.Node) {
 				What:       "SQL string formatting",
 			},
 		},
-	}
-	n = (*ast.CallExpr)(nil)
-	return
+	}, []ast.Node{(*ast.CallExpr)(nil)}
 }