gosec: github.com/securego/gosec/testutils Index | Files

package testutils

import "github.com/securego/gosec/testutils"

Index

Package Files

log.go pkg.go source.go visitor.go

Variables

// Fixture tables for gosec rules; the rule ID is carried in each variable name.
// Every entry is a positional CodeSample literal: the source text, the count
// the test expects to be detected, and the gosec.Config supplied with it.
// Most source literals are elided by the documentation renderer
// ("string literal not displayed"), so only the visible snippets are described.
// The snippets are deliberately insecure scanner input, not reference code.
var (
    // G101 (hard-coded credentials). The visible positive case assigns a
    // 40-character hex literal to a variable named password inside init() and
    // expects one finding; the integer constants whose names contain "Token"
    // expect none, presumably as a false-positive guard.
    SampleCodeG101 = []CodeSample{{[]string{"" /* 180 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 203 byte string literal not displayed */,
    }, 0, gosec.NewConfig()}, {[]string{"" /* 182 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 184 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 187 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{`
package main
var password string
func init() {
	password = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
}`}, 1, gosec.NewConfig()}, {[]string{`
package main
const (
	ATNStateSomethingElse = 1
	ATNStateTokenStart = 42
)
func main() {
	println(ATNStateTokenStart)
}`}, 0, gosec.NewConfig()}, {[]string{"" /* 135 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G102 (binding to all network interfaces); all five sources are elided
    // here and each expects one finding.
    SampleCodeG102 = []CodeSample{

        {[]string{"" /* 158 byte string literal not displayed */,
        }, 1, gosec.NewConfig()},

        {[]string{"" /* 154 byte string literal not displayed */,
        }, 1, gosec.NewConfig()},

        {[]string{"" /* 264 byte string literal not displayed */,
        }, 1, gosec.NewConfig()},

        {[]string{"" /* 268 byte string literal not displayed */,
        }, 1, gosec.NewConfig()},
        {[]string{"" /* 177 byte string literal not displayed */,
        }, 1, gosec.NewConfig()},
    }

    // G103 (use of the unsafe package); the single elided sample expects
    // three findings.
    SampleCodeG103 = []CodeSample{
        {[]string{"" /* 500 byte string literal not displayed */,
        }, 3, gosec.NewConfig()}}

    // G104 (unchecked errors), default configuration. Discarding the error
    // with `_` and assigning it to a variable both expect zero findings. The
    // last entry passes a per-rule config naming io/ioutil WriteFile and also
    // expects zero.
    // NOTE(review): that config looks like an allow-list of calls whose errors
    // may be ignored — confirm against the rule implementation.
    SampleCodeG104 = []CodeSample{
        {[]string{`
package main
import "fmt"
func test() (int,error) {
	return 0, nil
}
func main() {
	v, _ := test()
	fmt.Println(v)
}`}, 0, gosec.NewConfig()}, {[]string{"" /* 306 byte string literal not displayed */,
        }, 2, gosec.NewConfig()}, {[]string{`
package main
import "fmt"
func test() error {
	return nil
}
func main() {
	e := test()
	fmt.Println(e)
}`}, 0, gosec.NewConfig()}, {[]string{"" /* 166 byte string literal not displayed */,

            `
package main
func dummy(){}
`}, 0, gosec.NewConfig()}, {[]string{"" /* 166 byte string literal not displayed */,
        }, 0, gosec.Config{"G104": map[string]interface{}{"io/ioutil": []interface{}{"WriteFile"}}}}}

    // G104 with the global audit option set to "enabled". The same
    // `v, _ := test()` source that expects zero findings in SampleCodeG104
    // expects one here, and the elided 306-byte sample expects three instead
    // of two (presumably the same source — confirm).
    SampleCodeG104Audit = []CodeSample{
        {[]string{`
package main
import "fmt"
func test() (int,error) {
	return 0, nil
}
func main() {
	v, _ := test()
	fmt.Println(v)
}`}, 1, gosec.Config{gosec.Globals: map[gosec.GlobalOption]string{gosec.Audit: "enabled"}}}, {[]string{"" /* 306 byte string literal not displayed */,
        }, 3, gosec.Config{gosec.Globals: map[gosec.GlobalOption]string{gosec.Audit: "enabled"}}}, {[]string{`
package main
import "fmt"
func test() error {
	return nil
}
func main() {
	e := test()
	fmt.Println(e)
}`}, 0, gosec.Config{gosec.Globals: map[gosec.GlobalOption]string{gosec.Audit: "enabled"}}}, {[]string{"" /* 166 byte string literal not displayed */,

            `
package main
func dummy(){}
`}, 0, gosec.Config{gosec.Globals: map[gosec.GlobalOption]string{gosec.Audit: "enabled"}}}}

    // G105 (audit of math/big Int.Exp); source elided, one finding expected.
    SampleCodeG105 = []CodeSample{{[]string{"" /* 222 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G106: a call to ssh.InsecureIgnoreHostKey(), which yields a host key
    // callback that accepts any key, expects one finding.
    SampleCodeG106 = []CodeSample{{[]string{`
package main
import (
        "golang.org/x/crypto/ssh"
)
func main() {
        _ =  ssh.InsecureIgnoreHostKey()
}`}, 1, gosec.NewConfig()}}

    // G107 (URL for an HTTP request taken from variable input); sources
    // elided, one positive and one negative case.
    SampleCodeG107 = []CodeSample{{[]string{"" /* 385 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 196 byte string literal not displayed */,
    }, 0, gosec.NewConfig()}}

    // G201 (SQL built with format strings). Only the final negative case is
    // visible: fmt.Sprintln() with no arguments expects zero findings.
    SampleCodeG201 = []CodeSample{
        {[]string{"" /* 336 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}, {[]string{"" /* 343 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{"" /* 320 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{"" /* 393 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{"" /* 317 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{`
package main
import (
	"fmt"
)

func main(){
	fmt.Sprintln()
}`}, 0, gosec.NewConfig()}}

    // G202 (SQL built by string concatenation). The last entry supplies two
    // strings, the first declaring a package-level constant, and expects zero
    // findings.
    SampleCodeG202 = []CodeSample{
        {[]string{"" /* 264 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}, {[]string{"" /* 299 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{"" /* 310 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{`
package main
const gender = "M"
`, "" /* 337 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}}

    // G203 (unescaped data in HTML templates); sources elided, one negative
    // case followed by three positive cases.
    SampleCodeG203 = []CodeSample{
        {[]string{"" /* 430 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}, {[]string{
            "" /* 435 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}, {[]string{
            "" /* 293 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}, {[]string{
            "" /* 294 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G204 (command execution audit). The visible case is a syscall.Exec call
    // whose arguments are all literals, and it still expects one finding.
    SampleCodeG204 = []CodeSample{{[]string{`
package main
import "syscall"
func main() {
	syscall.Exec("/bin/cat", []string{ "/etc/passwd" }, nil)
}`}, 1, gosec.NewConfig()}, {[]string{"" /* 275 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 233 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 313 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G301 (permissions used when creating a directory); source elided, two
    // findings expected.
    SampleCodeG301 = []CodeSample{{[]string{"" /* 145 byte string literal not displayed */,
    }, 2, gosec.NewConfig()}}

    // G302 (file permission modes); source elided, two findings expected.
    SampleCodeG302 = []CodeSample{{[]string{"" /* 230 byte string literal not displayed */,
    }, 2, gosec.NewConfig()}}

    // G303 (temporary file created at a predictable path); source elided, two
    // findings expected.
    SampleCodeG303 = []CodeSample{{[]string{"" /* 189 byte string literal not displayed */,
    }, 2, gosec.NewConfig()}}

    // G304 (file path taken from variable input); five elided positive cases.
    SampleCodeG304 = []CodeSample{{[]string{"" /* 195 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 455 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 226 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 486 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 355 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G305 (path traversal when extracting zip archives); two elided positive
    // cases.
    SampleCodeG305 = []CodeSample{{[]string{"" /* 775 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 818 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G401 (use of a weak cryptographic primitive); source elided, one
    // finding expected.
    SampleCodeG401 = []CodeSample{
        {[]string{"" /* 276 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // Second G401 fixture; the source is elided, so which primitive it covers
    // is not visible on this page.
    SampleCodeG401b = []CodeSample{
        {[]string{"" /* 278 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G402 (insecure TLS settings); four elided positive cases.
    SampleCodeG402 = []CodeSample{{[]string{"" /* 306 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{
        "" /* 300 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {[]string{"" /* 297 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}, {
        []string{"" /* 412 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G403 (RSA key length below the minimum); source elided, one finding
    // expected.
    SampleCodeG403 = []CodeSample{
        {[]string{"" /* 207 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G404 (weak random number source). crypto/rand.Read expects zero
    // findings and math/rand.Int expects one; a third, elided case expects
    // zero.
    SampleCodeG404 = []CodeSample{
        {[]string{`
package main
import "crypto/rand"
func main() {
	good, _ := rand.Read(nil)
	println(good)
}`}, 0, gosec.NewConfig()}, {[]string{`
package main
import "math/rand"
func main() {
	bad := rand.Int()
	println(bad)
}`}, 1, gosec.NewConfig()}, {[]string{"" /* 150 byte string literal not displayed */,
        }, 0, gosec.NewConfig()}}

    // G501 (import of crypto/md5); source elided, one finding expected.
    SampleCodeG501 = []CodeSample{
        {[]string{"" /* 156 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G502 (import of crypto/des); source elided, one finding expected.
    SampleCodeG502 = []CodeSample{
        {[]string{"" /* 587 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // G503 (import of crypto/rc4); source elided, one finding expected.
    SampleCodeG503 = []CodeSample{{[]string{"" /* 368 byte string literal not displayed */,
    }, 1, gosec.NewConfig()}}

    // G504: importing net/http/cgi and calling cgi.Serve expects one finding.
    SampleCodeG504 = []CodeSample{{[]string{`
package main
import (
	"net/http/cgi"
	"net/http"
 )
func main() {
	cgi.Serve(http.FileServer(http.Dir("/usr/share/doc")))
}`}, 1, gosec.NewConfig()}}

    // G505 (import of crypto/sha1); source elided, one finding expected.
    SampleCodeG505 = []CodeSample{
        {[]string{"" /* 158 byte string literal not displayed */,
        }, 1, gosec.NewConfig()}}

    // The source carries a `// +build tag` constraint and calls fmt.Println
    // without importing fmt; one error is expected.
    // NOTE(review): presumably exercises build-tag or load-error handling
    // rather than a rule — confirm in the tests that use it.
    SampleCode601 = []CodeSample{{[]string{`
// +build tag

package main
func main() {
  fmt.Println("no package imported error")
}`}, 1, gosec.NewConfig()}}
)

func NewLogger Uses

func NewLogger() (*log.Logger, *bytes.Buffer)

NewLogger returns a logger together with the buffer that the logger writes to.

type CodeSample Uses

// CodeSample is one test fixture: source text, the count a test expects to be
// detected in it, and the configuration supplied with it.
type CodeSample struct {
    // Code holds the fixture source. Some fixtures on this page pass more
    // than one string; presumably each string is a separate file of the same
    // package — confirm against the callers.
    Code   []string
    // Errors is the number of errors the test expects to be detected for Code.
    Errors int
    // Config is the gosec.Config paired with the sample. The fixtures on this
    // page use gosec.NewConfig(), a config with the audit global enabled, or
    // a config with a per-rule entry.
    Config gosec.Config
}

CodeSample encapsulates a snippet of source code that compiles, and how many errors should be detected

type MockVisitor Uses

// MockVisitor stubs out ast.Visitor with a caller-supplied callback.
// NewMockVisitor leaves both fields empty; the caller must set them.
type MockVisitor struct {
    // Context is the gosec context held by the visitor.
    // NOTE(review): presumably passed to Callback on each Visit — confirm in
    // visitor.go.
    Context  *gosec.Context
    // Callback receives an AST node and a *gosec.Context and returns a bool.
    // NOTE(review): the bool presumably decides whether traversal continues —
    // confirm in visitor.go.
    Callback func(n ast.Node, ctx *gosec.Context) bool
}

MockVisitor is useful for stubbing out ast.Visitor with callback and looking for specific conditions to exist.

func NewMockVisitor Uses

func NewMockVisitor() *MockVisitor

NewMockVisitor creates a new empty struct, the Context and Callback must be set manually. See call_list_test.go for an example.

func (*MockVisitor) Visit Uses

func (v *MockVisitor) Visit(n ast.Node) ast.Visitor

Visit satisfies the ast.Visitor interface

type TestPackage Uses

// TestPackage is a mock package for tests. Per the method docs on this page,
// Build persists its files to disk and Close deletes them again, so every
// NewTestPackage should be paired with a Close.
type TestPackage struct {
    // Path is presumably the on-disk directory of the package — confirm in
    // pkg.go.
    Path  string
    // Files presumably maps a file name to its content, as added through
    // AddFile — confirm in pkg.go.
    Files map[string]string
    // contains filtered or unexported fields
}

TestPackage is a mock package for testing purposes

func NewTestPackage Uses

func NewTestPackage() *TestPackage

NewTestPackage creates a new, empty package. Callers must call Close() to clean up the auxiliary files.

func (*TestPackage) AddFile Uses

func (p *TestPackage) AddFile(filename, content string)

AddFile inserts the filename and contents into the package contents

func (*TestPackage) Build Uses

func (p *TestPackage) Build() error

Build ensures all files are persisted to disk and built

func (*TestPackage) Close Uses

func (p *TestPackage) Close()

Close will delete the package and all files in that directory

func (*TestPackage) CreateContext Uses

func (p *TestPackage) CreateContext(filename string) *gosec.Context

CreateContext builds a context from the supplied package context.

func (*TestPackage) Pkgs Uses

func (p *TestPackage) Pkgs() []*packages.Package

Pkgs returns the current built packages

Package testutils imports 11 packages (graph). Updated 2019-07-20. Refresh now. Tools for package owners.