Improve the G307 rule
* Add G307 sample code. The sample should reflect a deferred close that leads to data loss. Due to IDE auto-complete, people tend to at least log errors but do not really care about handling them.
* Add more G307 sample code. Propose a way to implement
* Remove unused code. Add example that should not return an error but does
* Remove test for synced closed file for now. Will add this later

Co-authored-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
@@ -1984,7 +1984,6 @@ func main() {
|
||||
{[]string{`package main
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
@@ -2016,16 +2015,86 @@ func main() {
|
||||
defer check(err)
|
||||
fmt.Printf("wrote %d bytes\n", n2)
|
||||
|
||||
n3, err := f.WriteString("writes\n")
|
||||
fmt.Printf("wrote %d bytes\n", n3)
|
||||
}`}, 1, gosec.NewConfig()},
|
||||
{[]string{`package main
|
||||
|
||||
f.Sync()
|
||||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
)
|
||||
|
||||
w := bufio.NewWriter(f)
|
||||
n4, err := w.WriteString("buffered\n")
|
||||
fmt.Printf("wrote %d bytes\n", n4)
|
||||
func check(e error) {
|
||||
if e != nil {
|
||||
panic(e)
|
||||
}
|
||||
}
|
||||
|
||||
w.Flush()
|
||||
func main() {
|
||||
|
||||
d1 := []byte("hello\ngo\n")
|
||||
err := ioutil.WriteFile("/tmp/dat1", d1, 0744)
|
||||
check(err)
|
||||
|
||||
allowed := ioutil.WriteFile("/tmp/dat1", d1, 0600)
|
||||
check(allowed)
|
||||
|
||||
f, err := os.Create("/tmp/dat2")
|
||||
check(err)
|
||||
|
||||
defer func() {
|
||||
if err := f.Close(); err != nil {
|
||||
log.Println(err)
|
||||
}
|
||||
}()
|
||||
|
||||
d2 := []byte{115, 111, 109, 101, 10}
|
||||
n2, err := f.Write(d2)
|
||||
|
||||
defer check(err)
|
||||
fmt.Printf("wrote %d bytes\n", n2)
|
||||
|
||||
}`}, 1, gosec.NewConfig()},
|
||||
{[]string{`package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
)
|
||||
|
||||
func check(e error) {
|
||||
if e != nil {
|
||||
panic(e)
|
||||
}
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
||||
d1 := []byte("hello\ngo\n")
|
||||
err := ioutil.WriteFile("/tmp/dat1", d1, 0744)
|
||||
check(err)
|
||||
|
||||
allowed := ioutil.WriteFile("/tmp/dat1", d1, 0600)
|
||||
check(allowed)
|
||||
|
||||
f, err := os.Create("/tmp/dat2")
|
||||
check(err)
|
||||
|
||||
defer func() {
|
||||
err := f.Close()
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
}
|
||||
}()
|
||||
|
||||
d2 := []byte{115, 111, 109, 101, 10}
|
||||
n2, err := f.Write(d2)
|
||||
|
||||
defer check(err)
|
||||
fmt.Printf("wrote %d bytes\n", n2)
|
||||
|
||||
}`}, 1, gosec.NewConfig()},
|
||||
}
|
||||
|
||||
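Review bot: The two samples added in the second hunk each expect one finding even though their deferred closure checks the `f.Close()` error and logs it, and nothing in the sample list says whether that is the intended G307 behaviour or a known false positive being pinned. The two entries differ only in `if err := f.Close(); err != nil` versus a separate `err := f.Close()` statement, so a one-line comment above each would make the covered variant clear, for example `// Close error is logged but not propagated: still expected to be reported (1 finding)`, if that is the intent. No zero-finding sample is visible in these hunks, so a case for the accepted pattern would help keep the rule from reporting every deferred Close, which tends to push users toward blanket suppression. The sample slice starts outside the hunks, so such a case may already exist there.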