alpTom/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2026-01-15 09:53:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: alpTom:v2.22.6
Branches Tags
alpTom:master alpTom:update_go alpTom:fix-crash-hardcoded-nonce alpTom:update-go alpTom:update-action alpTom:update-cosign alpTom:go1_24 alpTom:ai-api-key-env
alpTom:v2.22.11 alpTom:v2.22.10 alpTom:v2.22.9 alpTom:v2.22.8 alpTom:v2.22.7 alpTom:v2.22.6 alpTom:v2.22.5 alpTom:v2.22.4 alpTom:v2.22.3 alpTom:v2.22.2 alpTom:v2.22.1 alpTom:v2.22.0 alpTom:v2.21.4 alpTom:v2.21.3 alpTom:v2.21.2 alpTom:v2.21.1 alpTom:v2.21.0 alpTom:v2.20.0 alpTom:v2.19.0 alpTom:v2.18.2 alpTom:v2.18.1 alpTom:v2.18.0 alpTom:v2.17.0 alpTom:v2.16.0 alpTom:v2.15.0 alpTom:v2.14.0 alpTom:v2.13.1 alpTom:v2.13.0 alpTom:v2.12.0 alpTom:v2.11.0 alpTom:v2.10.0 alpTom:v2.9.6 alpTom:v2.9.5 alpTom:v2.9.4 alpTom:v2.9.3 alpTom:v2.9.2 alpTom:v2.9.1 alpTom:v2.9.0 alpTom:v2.8.1 alpTom:v2.8.0 alpTom:v2.7.0 alpTom:v2.6.1 alpTom:v2.6.0 alpTom:v2.5.0 alpTom:v2.4.0 alpTom:v2.3.0 alpTom:v2.2.0 alpTom:v2.1.0 alpTom:2.0.0 alpTom:1.3.0 alpTom:1.2.0 alpTom:1.1.0 alpTom:1.0.0
...
compare: alpTom:v2.22.7
Branches Tags
alpTom:master alpTom:update_go alpTom:fix-crash-hardcoded-nonce alpTom:update-go alpTom:update-action alpTom:update-cosign alpTom:go1_24 alpTom:ai-api-key-env
alpTom:v2.22.11 alpTom:v2.22.10 alpTom:v2.22.9 alpTom:v2.22.8 alpTom:v2.22.7 alpTom:v2.22.6 alpTom:v2.22.5 alpTom:v2.22.4 alpTom:v2.22.3 alpTom:v2.22.2 alpTom:v2.22.1 alpTom:v2.22.0 alpTom:v2.21.4 alpTom:v2.21.3 alpTom:v2.21.2 alpTom:v2.21.1 alpTom:v2.21.0 alpTom:v2.20.0 alpTom:v2.19.0 alpTom:v2.18.2 alpTom:v2.18.1 alpTom:v2.18.0 alpTom:v2.17.0 alpTom:v2.16.0 alpTom:v2.15.0 alpTom:v2.14.0 alpTom:v2.13.1 alpTom:v2.13.0 alpTom:v2.12.0 alpTom:v2.11.0 alpTom:v2.10.0 alpTom:v2.9.6 alpTom:v2.9.5 alpTom:v2.9.4 alpTom:v2.9.3 alpTom:v2.9.2 alpTom:v2.9.1 alpTom:v2.9.0 alpTom:v2.8.1 alpTom:v2.8.0 alpTom:v2.7.0 alpTom:v2.6.1 alpTom:v2.6.0 alpTom:v2.5.0 alpTom:v2.4.0 alpTom:v2.3.0 alpTom:v2.2.0 alpTom:v2.1.0 alpTom:2.0.0 alpTom:1.3.0 alpTom:1.2.0 alpTom:1.1.0 alpTom:1.0.0

2 Commits
v2.22.6 ... v2.22.7

Author SHA1 Message Date
Cosmin Cojocar
32975f4bab Fix crash in hardcoded_nonce analyzer 
Change-Id: If5ed3709d6e1ddced1be555477dd0f5451aab901
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-07-21 15:19:49 +00:00
Cosmin Cojocar
6ea6b35e61 Update go action to use release v2.22.6 
Change-Id: I9081035b07d8b254034468af77d65d48c7c06ecb
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
 2025-07-21 10:49:17 +00:00
2 changed files with 11 additions and 3 deletions
Expand all files Collapse all files

2
action.yml
View File

@@ -10,7 +10,7 @@ inputs:
runs:
using: 'docker'
image: 'docker://securego/gosec:2.22.5'
image: 'docker://securego/gosec:2.22.6'
args:
- ${{ inputs.args }}

12
analyzers/hardcoded_nonce.go
View File

@@ -197,12 +197,20 @@ func isFuncContainsCryptoRand(funcCall *ssa.Function) (bool, error) {
}
func addToVarsMap(value ssa.Value, mapToAddTo map[string]*ssa.Value) {
key := value.Name() + value.Type().String() + value.String() + value.Parent().String()
var parent string
if value.Parent() != nil {
parent = value.Parent().String()
}
key := value.Name() + value.Type().String() + value.String() + parent
mapToAddTo[key] = &value
}
func isContainedInMap(value ssa.Value, mapToCheck map[string]*ssa.Value) bool {
key := value.Name() + value.Type().String() + value.String() + value.Parent().String()
var parent string
if value.Parent() != nil {
parent = value.Parent().String()
}
key := value.Name() + value.Type().String() + value.String() + parent
_, contained := mapToCheck[key]
return contained
}