Documentation
Types
type File (added in v1.0.0)
type File struct {
    // AbsolutePath holds the complete path to the file (e.g. /home/user/myProject/router/handler.js)
    AbsolutePath string
    RelativePath string // RelativePath holds the raw path relative to the root folder of the project
    Content      []byte // Content holds all the file content
    Name         string // Name holds only the single name of the file (e.g. handler.js)
    // contains filtered or unexported fields
}
File represents a file to be analyzed
func NewTextFile
NewTextFile creates a new text file with all necessary info filled in.
func (*File) ExtractSample (added in v1.0.0)
ExtractSample searches for the vulnerable code using the finding indexes.
func (*File) FindLineAndColumn (added in v1.0.0)
FindLineAndColumn gets the line and column using the beginning index of the example code.
type MatchType
type MatchType int
MatchType represents the possible match types of the engine.
const (
    // OrMatch will report a vulnerability for each regex that matches
    OrMatch MatchType = iota
    // Regular does the exact same thing as OrMatch; it will be deprecated in the future to simplify engine use
    Regular
    // NotMatch will report any file that doesn't match the regex expressions
    NotMatch
    // AndMatch requires all regex expressions to match to report the vulnerability; it takes the first regex
    // expression and uses it as the base for the reported vulnerability
    AndMatch
)
type Rule (added in v1.0.0)
Rule represents the vulnerability that should be searched for in the file. It contains some predefined information about the vulnerability, such as the id, name, description, severity, confidence, the match type that should be applied and the regular expressions used to match the vulnerable code.
func (*Rule) Run (added in v1.0.0)
Run starts a static code analysis using regular expressions. It reads the file content as bytes and creates a text file with it. The text file contains all the information needed to find the vulnerable code when the regular expressions match. There is also a validation to ignore binary files.
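The match-type semantics from the MatchType comments, together with the offset-to-position step that FindLineAndColumn describes, as an added example that is not this package's own code. The names matchKind, finding, scan and lineAndColumn are hypothetical, the sample file and patterns are constructed, and where NotMatch and AndMatch place their finding is an assumption.

```go
package main

import (
	"bytes"
	"fmt"
	"regexp"
)

type matchKind int // hypothetical stand-in for the documented MatchType
const (
	orMatch matchKind = iota
	notMatch
	andMatch
)
type finding struct{ Line, Column int } // 1-based, byte columns; zero value = whole file

// lineAndColumn maps a byte offset in content to a 1-based line and column.
func lineAndColumn(content []byte, idx int) finding {
	return finding{bytes.Count(content[:idx], []byte("\n")) + 1, idx - bytes.LastIndexByte(content[:idx], '\n')}
}

// scan applies exprs to content with the semantics the const comments describe.
func scan(content []byte, kind matchKind, exprs ...*regexp.Regexp) (out []finding) {
	for i, re := range exprs {
		locs := re.FindAllIndex(content, -1)
		switch {
		case kind == orMatch: // every match of every expression is reported
			for _, l := range locs {
				out = append(out, lineAndColumn(content, l[0]))
			}
		case kind == notMatch && locs == nil: // assumption: file-level finding
			out = append(out, finding{})
		case kind == andMatch && locs == nil: // one miss cancels the whole rule
			return nil
		case kind == andMatch && i == 0: // assumption: first match of first expression
			out = append(out, lineAndColumn(content, locs[0][0]))
		}
	}
	return out
}

// Constructed sample input and patterns, for illustration only.
var sample = []byte("const crypto = require('crypto');\nfunction h(p) {\n  return crypto.createHash('md5').update(p).digest('hex');\n}\n")
var weakHash = regexp.MustCompile(`createHash\('(md5|sha1)'\)`)
var useCrypto = regexp.MustCompile(`require\('crypto'\)`)
var useHelmet = regexp.MustCompile(`require\('helmet'\)`)

func main() {
	fmt.Println(scan(sample, orMatch, weakHash), scan(sample, andMatch, useCrypto, weakHash), scan(sample, notMatch, useHelmet))
}
```

A NotMatch-style rule fits "required control is absent" checks, while an AndMatch-style rule cuts false positives by demanding supporting context before the base expression is reported.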