Fix use rule IDs to retrieve the rule config

securego · Mar 28, 2022 · afc9903 · afc9903
1 parent 82eaa12
commit afc9903
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 6 deletions.
diff --git a/rules/directory-traversal.go b/rules/directory-traversal.go
@@ -43,7 +43,7 @@ func (r *traversal) matchCallExpr(assign *ast.CallExpr, ctx *gosec.Context) (*go
 // NewDirectoryTraversal attempts to find the use of http.Dir("/")
 func NewDirectoryTraversal(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 	pattern := `http\.Dir\("\/"\)|http\.Dir\('\/'\)`
-	if val, ok := conf["G101"]; ok {
+	if val, ok := conf[id]; ok {
 		conf := val.(map[string]interface{})
 		if configPattern, ok := conf["pattern"]; ok {
 			if cfgPattern, ok := configPattern.(string); ok {

diff --git a/rules/errors.go b/rules/errors.go
@@ -89,7 +89,7 @@ func NewNoErrorCheck(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 	whitelist.Add("hash.Hash", "Write")
 	whitelist.Add("os", "Unsetenv")
 
-	if configured, ok := conf["G104"]; ok {
+	if configured, ok := conf[id]; ok {
 		if whitelisted, ok := configured.(map[string]interface{}); ok {
 			for pkg, funcs := range whitelisted {
 				if funcs, ok := funcs.([]interface{}); ok {

diff --git a/rules/fileperms.go b/rules/fileperms.go
@@ -64,7 +64,7 @@ func (r *filePermissions) Match(n ast.Node, c *gosec.Context) (*gosec.Issue, err
 
 // NewWritePerms creates a rule to detect file Writes with bad permissions.
 func NewWritePerms(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
-	mode := getConfiguredMode(conf, "G306", 0o600)
+	mode := getConfiguredMode(conf, id, 0o600)
 	return &filePermissions{
 		mode:  mode,
 		pkgs:  []string{"io/ioutil", "os"},
@@ -81,7 +81,7 @@ func NewWritePerms(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 // NewFilePerms creates a rule to detect file creation with a more permissive than configured
 // permission mask.
 func NewFilePerms(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
-	mode := getConfiguredMode(conf, "G302", 0o600)
+	mode := getConfiguredMode(conf, id, 0o600)
 	return &filePermissions{
 		mode:  mode,
 		pkgs:  []string{"os"},
@@ -98,7 +98,7 @@ func NewFilePerms(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
 // NewMkdirPerms creates a rule to detect directory creation with more permissive than
 // configured permission mask.
 func NewMkdirPerms(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
-	mode := getConfiguredMode(conf, "G301", 0o750)
+	mode := getConfiguredMode(conf, id, 0o750)
 	return &filePermissions{
 		mode:  mode,
 		pkgs:  []string{"os"},

diff --git a/rules/hardcoded_credentials.go b/rules/hardcoded_credentials.go
@@ -122,7 +122,7 @@ func NewHardcodedCredentials(id string, conf gosec.Config) (gosec.Rule, []ast.No
 	perCharThreshold := 3.0
 	ignoreEntropy := false
 	truncateString := 16
-	if val, ok := conf["G101"]; ok {
+	if val, ok := conf[id]; ok {
 		conf := val.(map[string]interface{})
 		if configPattern, ok := conf["pattern"]; ok {
 			if cfgPattern, ok := configPattern.(string); ok {