alpTom/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2026-01-15 01:33:41 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
gosec/testutils/g101_samples.go

571 lines
9.0 KiB
Go
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package testutils
import "github.com/securego/gosec/v2"
var (
// SampleCodeG101 code snippets for hardcoded credentials
SampleCodeG101 = []CodeSample{
{[]string{`
package main
import "fmt"
func main() {
username := "admin"
password := "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
fmt.Println("Doing something with: ", username, password)
}
`}, 1, gosec.NewConfig()},
{[]string{`
// Entropy check should not report this error by default
package main
import "fmt"
func main() {
username := "admin"
password := "secret"
fmt.Println("Doing something with: ", username, password)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
var password = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
func main() {
username := "admin"
fmt.Println("Doing something with: ", username, password)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const password = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
func main() {
username := "admin"
fmt.Println("Doing something with: ", username, password)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
username = "user"
password = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
)
func main() {
fmt.Println("Doing something with: ", username, password)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
var password string
func init() {
password = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
const (
ATNStateSomethingElse = 1
ATNStateTokenStart = 42
)
func main() {
println(ATNStateTokenStart)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
const (
ATNStateTokenStart = "f62e5bcda4fae4f82370da0c6f20697b8f8447ef"
)
func main() {
println(ATNStateTokenStart)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if password == "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" == password {
fmt.Println("password equality")
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if password != "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var password string
if "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" != password {
fmt.Println("password equality")
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var p string
if p != "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" {
fmt.Println("password equality")
}
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
var p string
if "f62e5bcda4fae4f82370da0c6f20697b8f8447ef" != p {
fmt.Println("password equality")
}
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
pw = "KjasdlkjapoIKLlka98098sdf012U/rL2sLdBqOHQUlt5Z6kCgKGDyCFA=="
)
func main() {
fmt.Println(pw)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
var (
pw string
)
func main() {
pw = "KjasdlkjapoIKLlka98098sdf012U/rL2sLdBqOHQUlt5Z6kCgKGDyCFA=="
fmt.Println(pw)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
cred = "KjasdlkjapoIKLlka98098sdf012U/rL2sLdBqOHQUlt5Z6kCgKGDyCFA=="
)
func main() {
fmt.Println(cred)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
var (
cred string
)
func main() {
cred = "KjasdlkjapoIKLlka98098sdf012U/rL2sLdBqOHQUlt5Z6kCgKGDyCFA=="
fmt.Println(cred)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
apiKey = "KjasdlkjapoIKLlka98098sdf012U"
)
func main() {
fmt.Println(apiKey)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
var (
apiKey string
)
func main() {
apiKey = "KjasdlkjapoIKLlka98098sdf012U"
fmt.Println(apiKey)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
bearer = "Bearer: 2lkjdfoiuwer092834kjdwf09"
)
func main() {
fmt.Println(bearer)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
var (
bearer string
)
func main() {
bearer = "Bearer: 2lkjdfoiuwer092834kjdwf09"
fmt.Println(bearer)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
// #nosec G101
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config" // #nosec G101
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
// #nosec G101
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config"
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config" // #nosec G101
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
//gosec:disable G101
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config" //gosec:disable G101
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
//gosec:disable G101
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config"
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
const (
ConfigLearnerTokenAuth string = "learner_auth_token_config" //gosec:disable G101
)
func main() {
fmt.Printf("%s\n", ConfigLearnerTokenAuth)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
type DBConfig struct {
Password string
}
func main() {
_ = DBConfig{
Password: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
type DBConfig struct {
Password string
}
func main() {
_ = &DBConfig{
Password: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = struct{ Password string }{
Password: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = map[string]string{
"password": "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = map[string]string{
"apiKey": "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
type Config struct {
Username string
Password string
}
func main() {
_ = Config{
Username: "admin",
Password: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
type DBConfig struct {
Password string
}
func main() {
_ = DBConfig{ // #nosec G101
Password: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef",
}
}
`}, 0, gosec.NewConfig()},
// Negatives
{[]string{`
package main
func main() {
_ = struct{ Password string }{
Password: "secret", // low entropy
}
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = map[string]string{
"password": "secret", // low entropy
}
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = struct{ Username string }{
Username: "f62e5bcda4fae4f82370da0c6f20697b8f8447ef", // non-sensitive key
}
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = []string{"f62e5bcda4fae4f82370da0c6f20697b8f8447ef"} // unkeyed no trigger
}
`}, 0, gosec.NewConfig()},
}
// SampleCodeG101Values code snippets for hardcoded credentials
SampleCodeG101Values = []CodeSample{
{[]string{`
package main
import "fmt"
func main() {
customerNameEnvKey := "FOO_CUSTOMER_NAME"
fmt.Println(customerNameEnvKey)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
txnID := "3637cfcc1eec55a50f78a7c435914583ccbc75a21dec9a0e94dfa077647146d7"
fmt.Println(txnID)
}
`}, 0, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
urlSecret := "https://username:abcdef0123456789abcdef0123456789abcdef01@contoso.com/"
fmt.Println(urlSecret)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
githubToken := "ghp_iR54dhCYg9Tfmoywi9xLmmKZrrnAw438BYh3"
fmt.Println(githubToken)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
awsAccessKeyID := "AKIAI44QH8DHBEXAMPLE"
fmt.Println(awsAccessKeyID)
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
import "fmt"
func main() {
compareGoogleAPI := "test"
if compareGoogleAPI == "AIzajtGS_aJGkoiAmSbXzu9I-1eytAi9Lrlh-vT" {
fmt.Println(compareGoogleAPI)
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = struct{ SomeKey string }{
SomeKey: "AKIAI44QH8DHBEXAMPLE",
}
}
`}, 1, gosec.NewConfig()},
{[]string{`
package main
func main() {
_ = map[string]string{
"github_token": "ghp_iR54dhCYg9Tfmoywi9xLmmKZrrnAw438BYh3",
}
}
`}, 1, gosec.NewConfig()},
}
)
Reference in New Issue View Git Blame Copy Permalink