mirror of https://github.com/securego/gosec.git synced 2025-07-09 00:45:40 +02:00

Enhance the hardcoded credentials rule to check the equality and non-equality of strings

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
Cosmin Cojocar
2020-04-17 15:47:27 +02:00
committed by Cosmin Cojocar
parent a2a40de847
commit fb44007c6e
4 changed files with 50 additions and 2 deletions


@ -69,7 +69,34 @@ const (
)
func main() {
println(ATNStateTokenStart)
}`}, 1, gosec.NewConfig()}}
}`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if password == "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if password != "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var p string
if p != "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}`}, 0, gosec.NewConfig()}}
// SampleCodeG102 code snippets for network binding
SampleCodeG102 = []CodeSample{
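Review bot: The three added samples all put the identifier on the left and the string literal on the right, so the expected counts say nothing about the reversed order (`"f62e…" == password`). If the rule is meant to flag that form too, add a sample for it; if not, say so in a comment next to these entries. The last entry (`var p string`, expected 0) differs from the one before it only in the variable name, so the fixture appears to pin that detection is keyed on the name rather than on the literal. That deserves a comment such as `// no issue expected: the variable name does not look like a credential`, so a reader does not take the 0 for a mistake and knows a secret compared against a neutrally named variable is out of scope. The `!=` samples also still print "password equality", copied from the `==` case; `fmt.Println("password inequality")` would keep the fixtures self-describing.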