test(g304): add samples for var perm and var flag with cleaned path\n\n- Ensure G304 does not fire when only non-path args (flag/perm) are variables\n- Both samples use filepath.Clean on the path arg\n- Rules suite remains green (42 passed)

2026-01-15 01:33:41 +08:00 · 2025-09-12 13:26:26 +05:30
parent 79f835d9c7
commit e6218c83ec
1 changed files with 42 additions and 0 deletions
--- a/testutils/g304_samples.go
+++ b/testutils/g304_samples.go
@@ -301,5 +301,47 @@ func main() {
 package main

 var THEWD string
+`}, 0, gosec.NewConfig()},
+	{[]string{`
+package main
+
+import (
+	"os"
+	"path/filepath"
+)
+
+func open(fn string, perm os.FileMode) {
+	fh, err := os.OpenFile(filepath.Clean(fn), os.O_RDONLY, perm)
+	if err != nil {
+		panic(err)
+	}
+	defer fh.Close()
+}
+
+func main() {
+	fn := "filename"
+	open(fn, 0o600)
+}
+`}, 0, gosec.NewConfig()},
+	{[]string{`
+package main
+
+import (
+	"os"
+	"path/filepath"
+)
+
+func open(fn string, flag int) {
+	fh, err := os.OpenFile(filepath.Clean(fn), flag, 0o600)
+	if err != nil {
+		panic(err)
+	}
+	defer fh.Close()
+}
+
+func main() {
+	fn := "filename"
+	open(fn, os.O_RDONLY)
+}
 `}, 0, gosec.NewConfig()},
 }