Commit 616520f

authored
Update the list of unsafe functions detected by the unsafe rule (#1033)
Signed-off-by: Cosmin Cojocar <[email protected]>
1 parent 3952187 commit 616520f

2 files changed

+44
-11
lines changed

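--- a/rules/unsafe.go
+++ b/rules/unsafe.go
@@ -43,7 +43,7 @@ func (r *usingUnsafe) Match(n ast.Node, c *gosec.Context) (gi *issue.Issue, err
 func NewUsingUnsafe(id string, _ gosec.Config) (gosec.Rule, []ast.Node) {
 return &usingUnsafe{
 pkg: "unsafe",
-calls: []string{"Alignof", "Offsetof", "Sizeof", "Pointer"},
+calls: []string{"Pointer", "String", "StringData", "Slice", "SliceData"},
 MetaData: issue.MetaData{
 ID: id,
 What: "Use of unsafe calls should be audited",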
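Review bot: The new `calls` list in NewUsingUnsafe omits `unsafe.Add`, which does pointer arithmetic and deserves an audit as much as the four functions added here; consider `calls: []string{"Pointer", "Add", "String", "StringData", "Slice", "SliceData"},`. Many Add call sites include an `unsafe.Pointer(...)` conversion that the rule already reports, but an operand that is already typed as unsafe.Pointer would presumably go unflagged (inferred from the list alone, since Match's body is outside the hunk). The list would also benefit from a comment recording why three names were dropped, e.g. `// Alignof, Offsetof and Sizeof only report layout information and never touch memory, so they are not flagged.` The constructor's body continues past the end of the hunk.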

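--- a/testutils/source.go
+++ b/testutils/source.go
@@ -436,16 +436,49 @@ type Fake struct{}
 func (Fake) Good() {}
 
 func main() {
-unsafeM := Fake{}
-unsafeM.Good()
-intArray := [...]int{1, 2}
-fmt.Printf("\nintArray: %v\n", intArray)
-intPtr := &intArray[0]
-fmt.Printf("\nintPtr=%p, *intPtr=%d.\n", intPtr, *intPtr)
-addressHolder := uintptr(unsafe.Pointer(intPtr)) + unsafe.Sizeof(intArray[0])
-intPtr = (*int)(unsafe.Pointer(addressHolder))
-fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
-}`}, 3, gosec.NewConfig()},
+unsafeM := Fake{}
+unsafeM.Good()
+intArray := [...]int{1, 2}
+fmt.Printf("\nintArray: %v\n", intArray)
+intPtr := &intArray[0]
+fmt.Printf("\nintPtr=%p, *intPtr=%d.\n", intPtr, *intPtr)
+addressHolder := uintptr(unsafe.Pointer(intPtr))
+intPtr = (*int)(unsafe.Pointer(addressHolder))
+fmt.Printf("\nintPtr=%p, *intPtr=%d.\n\n", intPtr, *intPtr)
+}`}, 2, gosec.NewConfig()},
+{[]string{`
+package main
+
+import (
+"fmt"
+"unsafe"
+)
+
+func main() {
+chars := [...]byte{1, 2}
+charsPtr := &chars[0]
+str := unsafe.String(charsPtr, len(chars))
+fmt.Printf("%s\n", str)
+ptr := unsafe.StringData(str)
+fmt.Printf("ptr: %p\n", ptr)
+
+}`}, 2, gosec.NewConfig()},
+{[]string{`
+package main
+
+import (
+"fmt"
+"unsafe"
+)
+
+func main() {
+chars := [...]byte{1, 2}
+charsPtr := &chars[0]
+slice := unsafe.Slice(charsPtr, len(chars))
+fmt.Printf("%v\n", slice)
+ptr := unsafe.SliceData(slice)
+fmt.Printf("ptr: %p\n", ptr)
+}`}, 2, gosec.NewConfig()},
 }
 
 // SampleCodeG104 finds errors that aren't being handled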
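Review bot: No sample pins the decision to stop reporting Alignof, Offsetof and Sizeof: the first fixture deletes its `unsafe.Sizeof` call and lowers the expected count from 3 to 2, so no fixture still calls any of the three. Keeping the original line `addressHolder := uintptr(unsafe.Pointer(intPtr)) + unsafe.Sizeof(intArray[0])` with the expected count at 2 should cover both halves, the two Pointer findings and the absence of a Sizeof finding. Without it, a later edit that puts those names back in the rule would not fail any sample shown here. The first fixture also no longer advances the pointer, so it now only round-trips the same address. The enclosing sample slice begins above the hunk, so other fixtures may exist that are not visible here.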
