-
-
Notifications
You must be signed in to change notification settings - Fork 641
/
Copy pathg103_samples.go
65 lines (55 loc) · 1.19 KB
/
g103_samples.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package testutils
import "github.com/securego/gosec/v2"
// SampleCodeG103 find instances of unsafe blocks for auditing purposes
var SampleCodeG103 = []CodeSample{
{[]string{`
package main
import (
"fmt"
"unsafe"
)
type Fake struct{}
func (Fake) Good() {}
func main() {
unsafeM := Fake{}
unsafeM.Good()
intArray := [...]int{1, 2}
fmt.Printf("\nintArray: %v\n", intArray)
intPtr := &intArray[0]
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n", intPtr, *intPtr)
addressHolder := uintptr(unsafe.Pointer(intPtr))
intPtr = (*int)(unsafe.Pointer(addressHolder))
fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
}
`}, 2, gosec.NewConfig()},
{[]string{`
package main
import (
"fmt"
"unsafe"
)
func main() {
chars := [...]byte{1, 2}
charsPtr := &chars[0]
str := unsafe.String(charsPtr, len(chars))
fmt.Printf("%s\n", str)
ptr := unsafe.StringData(str)
fmt.Printf("ptr: %p\n", ptr)
}
`}, 2, gosec.NewConfig()},
{[]string{`
package main
import (
"fmt"
"unsafe"
)
func main() {
chars := [...]byte{1, 2}
charsPtr := &chars[0]
slice := unsafe.Slice(charsPtr, len(chars))
fmt.Printf("%v\n", slice)
ptr := unsafe.SliceData(slice)
fmt.Printf("ptr: %p\n", ptr)
}
`}, 2, gosec.NewConfig()},
}