text

package

v0.0.0-...-da52ed9 Latest Latest Go to latest Published: Jan 19, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Fotkurz/horusec-engine

Documentation ¶

Index ¶

type File
- func NewTextFile(relativeFilePath string, content []byte) (*File, error)
- func (f *File) ExtractSample(findingIndex int) string
- func (f *File) FindLineAndColumn(findingIndex int) (line, column int)
type MatchType
type Rule
- func (r *Rule) Run(path string) ([]engine.Finding, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

func NewTextFile ¶

func NewTextFile(relativeFilePath string, content []byte) (*File, error)

NewTextFile create a new text file with all necessary info filled

func (*File) ExtractSample ¶

func (f *File) ExtractSample(findingIndex int) string

nolint:funlen // todo complex function, needs to be improved ExtractSample search for the vulnerable code using the finding indexes

func (*File) FindLineAndColumn ¶

func (f *File) FindLineAndColumn(findingIndex int) (line, column int)

nolint:funlen,wsl // todo complex function need to be improved FindLineAndColumn get line and column using the beginning index of the example code

type MatchType ¶

type MatchType int

MatchType represents the possibles match types of the engine

const (
	// OrMatch for each regex that match will report a vulnerability
	OrMatch MatchType = iota

	// Regular do the exact same thing as OrMatch, will be depreciated in the future to simplify engine use
	Regular

	// NotMatch will report any file that don't match the regex expressions
	NotMatch

	// AndMatch need that all regex expressions match to report the vulnerability, it will get the first regex expression
	// the use as base to the reported vulnerability
	AndMatch
)

type Rule ¶

type Rule struct {
	engine.Metadata
	Type        MatchType
	Expressions []*regexp.Regexp
}

Rule represents the vulnerability that should be searched in the file. It contains some predefined information about the vulnerability like the id, name, description, severity, confidence, match type that should be applied and the regular expressions used to match the vulnerable code

func (*Rule) Run ¶

func (r *Rule) Run(path string) ([]engine.Finding, error)

Run start a static code analysis using regular expressions, it will read the file content as bytes and create a text file with it. The text file contains all information needed to find the vulnerable code when the regular expressions match. There's also a validation to ignore binary files

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Documentation ¶

Index ¶

Constants ¶

Variables ¶

Functions ¶

Types ¶

type File ¶

func NewTextFile ¶

func (*File) ExtractSample ¶

func (*File) FindLineAndColumn ¶

type MatchType ¶

type Rule ¶

func (*Rule) Run ¶

Source Files ¶