2021-10-09 18:01:27 +08:00
|
|
|
// Licensed to the LF AI & Data foundation under one
|
|
|
|
|
// or more contributor license agreements. See the NOTICE file
|
|
|
|
|
// distributed with this work for additional information
|
|
|
|
|
// regarding copyright ownership. The ASF licenses this file
|
|
|
|
|
// to you under the Apache License, Version 2.0 (the
|
|
|
|
|
// "License"); you may not use this file except in compliance
|
2020-11-03 11:25:47 +08:00
|
|
|
// with the License. You may obtain a copy of the License at
|
|
|
|
|
//
|
2021-10-09 18:01:27 +08:00
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
2020-11-03 11:25:47 +08:00
|
|
|
//
|
2021-10-09 18:01:27 +08:00
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
2020-11-03 11:25:47 +08:00
|
|
|
|
|
|
|
|
package gorules
|
|
|
|
|
|
2022-05-06 17:43:51 +08:00
|
|
|
import (
|
2022-06-10 14:58:07 +08:00
|
|
|
"github.com/quasilyte/go-ruleguard/dsl"
|
2022-05-06 17:43:51 +08:00
|
|
|
)
|
2020-11-03 11:25:47 +08:00
|
|
|
|
|
|
|
|
// This is a collection of rules for ruleguard: https://github.com/quasilyte/go-ruleguard
|
|
|
|
|
|
|
|
|
|
// Remove extra conversions: mdempsky/unconvert
|
2022-06-10 14:58:07 +08:00
|
|
|
func unconvert(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("int($x)").Where(m["x"].Type.Is("int") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
|
|
|
|
|
m.Match("float32($x)").Where(m["x"].Type.Is("float32") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("float64($x)").Where(m["x"].Type.Is("float64") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
|
|
|
|
|
// m.Match("byte($x)").Where(m["x"].Type.Is("byte")).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
// m.Match("rune($x)").Where(m["x"].Type.Is("rune")).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("bool($x)").Where(m["x"].Type.Is("bool") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
|
|
|
|
|
m.Match("int8($x)").Where(m["x"].Type.Is("int8") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("int16($x)").Where(m["x"].Type.Is("int16") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("int32($x)").Where(m["x"].Type.Is("int32") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("int64($x)").Where(m["x"].Type.Is("int64") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
|
|
|
|
|
m.Match("uint8($x)").Where(m["x"].Type.Is("uint8") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("uint16($x)").Where(m["x"].Type.Is("uint16") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("uint32($x)").Where(m["x"].Type.Is("uint32") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
m.Match("uint64($x)").Where(m["x"].Type.Is("uint64") && !m["x"].Const).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
|
|
|
|
|
m.Match("time.Duration($x)").Where(m["x"].Type.Is("time.Duration") && !m["x"].Text.Matches("^[0-9]*$")).Report("unnecessary conversion").Suggest("$x")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Don't use == or != with time.Time
|
|
|
|
|
// https://github.com/dominikh/go-tools/issues/47 : Wontfix
|
2022-06-10 14:58:07 +08:00
|
|
|
func timeeq(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$t0 == $t1").Where(m["t0"].Type.Is("time.Time")).Report("using == with time.Time")
|
|
|
|
|
m.Match("$t0 != $t1").Where(m["t0"].Type.Is("time.Time")).Report("using != with time.Time")
|
2021-01-13 13:36:27 +08:00
|
|
|
m.Match(`map[$k]$v`).Where(m["k"].Type.Is("time.Time")).Report("map with time.Time keys are easy to misuse")
|
2020-11-03 11:25:47 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// err but no an error
|
2022-06-10 14:58:07 +08:00
|
|
|
func errnoterror(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
// Would be easier to check for all err identifiers instead, but then how do we get the type from m[] ?
|
|
|
|
|
|
|
|
|
|
m.Match(
|
|
|
|
|
"if $*_, err := $x; $err != nil { $*_ } else if $_ { $*_ }",
|
|
|
|
|
"if $*_, err := $x; $err != nil { $*_ } else { $*_ }",
|
|
|
|
|
"if $*_, err := $x; $err != nil { $*_ }",
|
|
|
|
|
|
|
|
|
|
"if $*_, err = $x; $err != nil { $*_ } else if $_ { $*_ }",
|
|
|
|
|
"if $*_, err = $x; $err != nil { $*_ } else { $*_ }",
|
|
|
|
|
"if $*_, err = $x; $err != nil { $*_ }",
|
|
|
|
|
|
|
|
|
|
"$*_, err := $x; if $err != nil { $*_ } else if $_ { $*_ }",
|
|
|
|
|
"$*_, err := $x; if $err != nil { $*_ } else { $*_ }",
|
|
|
|
|
"$*_, err := $x; if $err != nil { $*_ }",
|
|
|
|
|
|
|
|
|
|
"$*_, err = $x; if $err != nil { $*_ } else if $_ { $*_ }",
|
|
|
|
|
"$*_, err = $x; if $err != nil { $*_ } else { $*_ }",
|
|
|
|
|
"$*_, err = $x; if $err != nil { $*_ }",
|
|
|
|
|
).
|
|
|
|
|
Where(m["err"].Text == "err" && !m["err"].Type.Is("error") && m["x"].Text != "recover()").
|
|
|
|
|
Report("err variable not error type")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Identical if and else bodies
|
2022-06-10 14:58:07 +08:00
|
|
|
func ifbodythenbody(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $*_ { $body } else { $body }").
|
|
|
|
|
Report("identical if and else bodies")
|
|
|
|
|
|
|
|
|
|
// Lots of false positives.
|
|
|
|
|
// m.Match("if $*_ { $body } else if $*_ { $body }").
|
|
|
|
|
// Report("identical if and else bodies")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Odd inequality: A - B < 0 instead of !=
|
|
|
|
|
// Too many false positives.
|
|
|
|
|
/*
|
2022-06-10 14:58:07 +08:00
|
|
|
func subtractnoteq(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$a - $b < 0").Report("consider $a != $b")
|
|
|
|
|
m.Match("$a - $b > 0").Report("consider $a != $b")
|
|
|
|
|
m.Match("0 < $a - $b").Report("consider $a != $b")
|
|
|
|
|
m.Match("0 > $a - $b").Report("consider $a != $b")
|
|
|
|
|
}
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
// Self-assignment
|
2022-06-10 14:58:07 +08:00
|
|
|
func selfassign(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$x = $x").Report("useless self-assignment")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Odd nested ifs
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddnestedif(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $x { if $x { $*_ }; $*_ }",
|
|
|
|
|
"if $x == $y { if $x != $y {$*_ }; $*_ }",
|
|
|
|
|
"if $x != $y { if $x == $y {$*_ }; $*_ }",
|
|
|
|
|
"if $x { if !$x { $*_ }; $*_ }",
|
|
|
|
|
"if !$x { if $x { $*_ }; $*_ }").
|
|
|
|
|
Report("odd nested ifs")
|
|
|
|
|
|
|
|
|
|
m.Match("for $x { if $x { $*_ }; $*_ }",
|
|
|
|
|
"for $x == $y { if $x != $y {$*_ }; $*_ }",
|
|
|
|
|
"for $x != $y { if $x == $y {$*_ }; $*_ }",
|
|
|
|
|
"for $x { if !$x { $*_ }; $*_ }",
|
|
|
|
|
"for !$x { if $x { $*_ }; $*_ }").
|
|
|
|
|
Report("odd nested for/ifs")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// odd bitwise expressions
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddbitwise(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$x | $x",
|
|
|
|
|
"$x | ^$x",
|
|
|
|
|
"^$x | $x").
|
|
|
|
|
Report("odd bitwise OR")
|
|
|
|
|
|
|
|
|
|
m.Match("$x & $x",
|
|
|
|
|
"$x & ^$x",
|
|
|
|
|
"^$x & $x").
|
|
|
|
|
Report("odd bitwise AND")
|
|
|
|
|
|
|
|
|
|
m.Match("$x &^ $x").
|
|
|
|
|
Report("odd bitwise AND-NOT")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// odd sequence of if tests with return
|
2022-06-10 14:58:07 +08:00
|
|
|
func ifreturn(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $x { return $*_ }; if $x {$*_ }").Report("odd sequence of if test")
|
|
|
|
|
m.Match("if $x { return $*_ }; if !$x {$*_ }").Report("odd sequence of if test")
|
|
|
|
|
m.Match("if !$x { return $*_ }; if $x {$*_ }").Report("odd sequence of if test")
|
|
|
|
|
m.Match("if $x == $y { return $*_ }; if $x != $y {$*_ }").Report("odd sequence of if test")
|
|
|
|
|
m.Match("if $x != $y { return $*_ }; if $x == $y {$*_ }").Report("odd sequence of if test")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddifsequence(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
/*
|
|
|
|
|
m.Match("if $x { $*_ }; if $x {$*_ }").Report("odd sequence of if test")
|
2021-01-13 13:36:27 +08:00
|
|
|
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $x == $y { $*_ }; if $y == $x {$*_ }").Report("odd sequence of if tests")
|
|
|
|
|
m.Match("if $x != $y { $*_ }; if $y != $x {$*_ }").Report("odd sequence of if tests")
|
2021-01-13 13:36:27 +08:00
|
|
|
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $x < $y { $*_ }; if $y > $x {$*_ }").Report("odd sequence of if tests")
|
|
|
|
|
m.Match("if $x <= $y { $*_ }; if $y >= $x {$*_ }").Report("odd sequence of if tests")
|
2021-01-13 13:36:27 +08:00
|
|
|
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("if $x > $y { $*_ }; if $y < $x {$*_ }").Report("odd sequence of if tests")
|
|
|
|
|
m.Match("if $x >= $y { $*_ }; if $y <= $x {$*_ }").Report("odd sequence of if tests")
|
|
|
|
|
*/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// odd sequence of nested if tests
|
2022-06-10 14:58:07 +08:00
|
|
|
func nestedifsequence(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
/*
|
|
|
|
|
m.Match("if $x < $y { if $x >= $y {$*_ }; $*_ }").Report("odd sequence of nested if tests")
|
|
|
|
|
m.Match("if $x <= $y { if $x > $y {$*_ }; $*_ }").Report("odd sequence of nested if tests")
|
|
|
|
|
m.Match("if $x > $y { if $x <= $y {$*_ }; $*_ }").Report("odd sequence of nested if tests")
|
|
|
|
|
m.Match("if $x >= $y { if $x < $y {$*_ }; $*_ }").Report("odd sequence of nested if tests")
|
|
|
|
|
*/
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// odd sequence of assignments
|
2022-06-10 14:58:07 +08:00
|
|
|
func identicalassignments(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$x = $y; $y = $x").Report("odd sequence of assignments")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddcompoundop(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("$x += $x + $_",
|
|
|
|
|
"$x += $x - $_").
|
|
|
|
|
Report("odd += expression")
|
|
|
|
|
|
|
|
|
|
m.Match("$x -= $x + $_",
|
|
|
|
|
"$x -= $x - $_").
|
|
|
|
|
Report("odd -= expression")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func constswitch(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("switch $x { $*_ }", "switch $*_; $x { $*_ }").
|
|
|
|
|
Where(m["x"].Const && !m["x"].Text.Matches(`^runtime\.`)).
|
|
|
|
|
Report("constant switch")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddcomparisons(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"$x - $y == 0",
|
|
|
|
|
"$x - $y != 0",
|
|
|
|
|
"$x - $y < 0",
|
|
|
|
|
"$x - $y <= 0",
|
|
|
|
|
"$x - $y > 0",
|
|
|
|
|
"$x - $y >= 0",
|
|
|
|
|
"$x ^ $y == 0",
|
|
|
|
|
"$x ^ $y != 0",
|
|
|
|
|
).Report("odd comparison")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func oddmathbits(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"64 - bits.LeadingZeros64($x)",
|
|
|
|
|
"32 - bits.LeadingZeros32($x)",
|
|
|
|
|
"16 - bits.LeadingZeros16($x)",
|
|
|
|
|
"8 - bits.LeadingZeros8($x)",
|
|
|
|
|
).Report("odd math/bits expression: use bits.Len*() instead?")
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-15 18:48:32 +08:00
|
|
|
// func floateq(m dsl.Matcher) {
|
|
|
|
|
// m.Match(
|
|
|
|
|
// "$x == $y",
|
|
|
|
|
// "$x != $y",
|
|
|
|
|
// ).
|
|
|
|
|
// Where(m["x"].Type.Is("float32") && !m["x"].Const && !m["y"].Text.Matches("0(.0+)?") && !m.File().Name.Matches("floating_comparision.go")).
|
|
|
|
|
// Report("floating point tested for equality")
|
|
|
|
|
|
|
|
|
|
// m.Match(
|
|
|
|
|
// "$x == $y",
|
|
|
|
|
// "$x != $y",
|
|
|
|
|
// ).
|
|
|
|
|
// Where(m["x"].Type.Is("float64") && !m["x"].Const && !m["y"].Text.Matches("0(.0+)?") && !m.File().Name.Matches("floating_comparision.go")).
|
|
|
|
|
// Report("floating point tested for equality")
|
|
|
|
|
|
|
|
|
|
// m.Match("switch $x { $*_ }", "switch $*_; $x { $*_ }").
|
|
|
|
|
// Where(m["x"].Type.Is("float32")).
|
|
|
|
|
// Report("floating point as switch expression")
|
|
|
|
|
|
|
|
|
|
// m.Match("switch $x { $*_ }", "switch $*_; $x { $*_ }").
|
|
|
|
|
// Where(m["x"].Type.Is("float64")).
|
|
|
|
|
// Report("floating point as switch expression")
|
|
|
|
|
|
|
|
|
|
// }
|
2020-11-03 11:25:47 +08:00
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func badexponent(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"2 ^ $x",
|
|
|
|
|
"10 ^ $x",
|
|
|
|
|
).
|
|
|
|
|
Report("caret (^) is not exponentiation")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func floatloop(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"for $i := $x; $i < $y; $i += $z { $*_ }",
|
|
|
|
|
"for $i = $x; $i < $y; $i += $z { $*_ }",
|
|
|
|
|
).
|
|
|
|
|
Where(m["i"].Type.Is("float64")).
|
|
|
|
|
Report("floating point for loop counter")
|
|
|
|
|
|
|
|
|
|
m.Match(
|
|
|
|
|
"for $i := $x; $i < $y; $i += $z { $*_ }",
|
|
|
|
|
"for $i = $x; $i < $y; $i += $z { $*_ }",
|
|
|
|
|
).
|
|
|
|
|
Where(m["i"].Type.Is("float32")).
|
|
|
|
|
Report("floating point for loop counter")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func urlredacted(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"log.Println($x, $*_)",
|
|
|
|
|
"log.Println($*_, $x, $*_)",
|
|
|
|
|
"log.Println($*_, $x)",
|
|
|
|
|
"log.Printf($*_, $x, $*_)",
|
|
|
|
|
"log.Printf($*_, $x)",
|
|
|
|
|
|
|
|
|
|
"log.Println($x, $*_)",
|
|
|
|
|
"log.Println($*_, $x, $*_)",
|
|
|
|
|
"log.Println($*_, $x)",
|
|
|
|
|
"log.Printf($*_, $x, $*_)",
|
|
|
|
|
"log.Printf($*_, $x)",
|
|
|
|
|
).
|
|
|
|
|
Where(m["x"].Type.Is("*url.URL")).
|
|
|
|
|
Report("consider $x.Redacted() when outputting URLs")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func sprinterr(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(`fmt.Sprint($err)`,
|
|
|
|
|
`fmt.Sprintf("%s", $err)`,
|
|
|
|
|
`fmt.Sprintf("%v", $err)`,
|
|
|
|
|
).
|
|
|
|
|
Where(m["err"].Type.Is("error")).
|
|
|
|
|
Report("maybe call $err.Error() instead of fmt.Sprint()?")
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-05 20:29:18 +08:00
|
|
|
// disable this check, because it can not apply to generic type
|
|
|
|
|
//func largeloopcopy(m dsl.Matcher) {
|
|
|
|
|
// m.Match(
|
|
|
|
|
// `for $_, $v := range $_ { $*_ }`,
|
|
|
|
|
// ).
|
|
|
|
|
// Where(m["v"].Type.Size > 1024).
|
|
|
|
|
// Report(`loop copies large value each iteration`)
|
|
|
|
|
//}
|
2020-11-03 11:25:47 +08:00
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func joinpath(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
`strings.Join($_, "/")`,
|
|
|
|
|
`strings.Join($_, "\\")`,
|
|
|
|
|
"strings.Join($_, `\\`)",
|
|
|
|
|
).
|
|
|
|
|
Report(`did you mean path.Join() or filepath.Join() ?`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func readfull(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(`$n, $err := io.ReadFull($_, $slice)
|
|
|
|
|
if $err != nil || $n != len($slice) {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`$n, $err := io.ReadFull($_, $slice)
|
|
|
|
|
if $n != len($slice) || $err != nil {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`$n, $err = io.ReadFull($_, $slice)
|
|
|
|
|
if $err != nil || $n != len($slice) {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`$n, $err = io.ReadFull($_, $slice)
|
|
|
|
|
if $n != len($slice) || $err != nil {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`if $n, $err := io.ReadFull($_, $slice); $n != len($slice) || $err != nil {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`if $n, $err := io.ReadFull($_, $slice); $err != nil || $n != len($slice) {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`if $n, $err = io.ReadFull($_, $slice); $n != len($slice) || $err != nil {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
`if $n, $err = io.ReadFull($_, $slice); $err != nil || $n != len($slice) {
|
|
|
|
|
$*_
|
|
|
|
|
}`,
|
|
|
|
|
).Report("io.ReadFull() returns err == nil iff n == len(slice)")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func nilerr(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
`if err == nil { return err }`,
|
|
|
|
|
`if err == nil { return $*_, err }`,
|
|
|
|
|
).
|
|
|
|
|
Report(`return nil error instead of nil value`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func mailaddress(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
"fmt.Sprintf(`\"%s\" <%s>`, $NAME, $EMAIL)",
|
|
|
|
|
"fmt.Sprintf(`\"%s\"<%s>`, $NAME, $EMAIL)",
|
|
|
|
|
"fmt.Sprintf(`%s <%s>`, $NAME, $EMAIL)",
|
|
|
|
|
"fmt.Sprintf(`%s<%s>`, $NAME, $EMAIL)",
|
|
|
|
|
`fmt.Sprintf("\"%s\"<%s>", $NAME, $EMAIL)`,
|
|
|
|
|
`fmt.Sprintf("\"%s\" <%s>", $NAME, $EMAIL)`,
|
|
|
|
|
`fmt.Sprintf("%s<%s>", $NAME, $EMAIL)`,
|
|
|
|
|
`fmt.Sprintf("%s <%s>", $NAME, $EMAIL)`,
|
|
|
|
|
).
|
|
|
|
|
Report("use net/mail Address.String() instead of fmt.Sprintf()").
|
|
|
|
|
Suggest("(&mail.Address{Name:$NAME, Address:$EMAIL}).String()")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func errnetclosed(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
`strings.Contains($err.Error(), $text)`,
|
|
|
|
|
).
|
|
|
|
|
Where(m["text"].Text.Matches("\".*closed network connection.*\"")).
|
|
|
|
|
Report(`String matching against error texts is fragile; use net.ErrClosed instead`).
|
|
|
|
|
Suggest(`errors.Is($err, net.ErrClosed)`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func httpheaderadd(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match(
|
|
|
|
|
`$H.Add($KEY, $VALUE)`,
|
|
|
|
|
).
|
|
|
|
|
Where(m["H"].Type.Is("http.Header")).
|
|
|
|
|
Report("use http.Header.Set method instead of Add to overwrite all existing header values").
|
|
|
|
|
Suggest(`$H.Set($KEY, $VALUE)`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func hmacnew(m dsl.Matcher) {
|
2020-11-03 11:25:47 +08:00
|
|
|
m.Match("hmac.New(func() hash.Hash { return $x }, $_)",
|
|
|
|
|
`$f := func() hash.Hash { return $x }
|
|
|
|
|
$*_
|
|
|
|
|
hmac.New($f, $_)`,
|
|
|
|
|
).Where(m["x"].Pure).
|
|
|
|
|
Report("invalid hash passed to hmac.New()")
|
|
|
|
|
}
|
2021-01-13 13:36:27 +08:00
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func writestring(m dsl.Matcher) {
|
2021-01-13 13:36:27 +08:00
|
|
|
m.Match(`io.WriteString($w, string($b))`).
|
|
|
|
|
Where(m["b"].Type.Is("[]byte")).
|
|
|
|
|
Suggest("$w.Write($b)")
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-10 14:58:07 +08:00
|
|
|
func badlock(m dsl.Matcher) {
|
2021-01-13 13:36:27 +08:00
|
|
|
// Shouldn't give many false positives without type filter
|
|
|
|
|
// as Lock+Unlock pairs in combination with defer gives us pretty
|
|
|
|
|
// a good chance to guess correctly. If we constrain the type to sync.Mutex
|
|
|
|
|
// then it'll be harder to match embedded locks and custom methods
|
|
|
|
|
// that may forward the call to the sync.Mutex (or other synchronization primitive).
|
|
|
|
|
|
|
|
|
|
m.Match(`$mu.Lock(); defer $mu.RUnlock()`).Report(`maybe $mu.RLock() was intended?`)
|
|
|
|
|
m.Match(`$mu.RLock(); defer $mu.Unlock()`).Report(`maybe $mu.Lock() was intended?`)
|
2021-01-19 11:37:16 +08:00
|
|
|
}
|
