Fix usage information #41

merged 1 commit into from
Aug 11, 2016
9 changes: 6 additions & 3 deletions main.go
Expand Up @@ -56,7 +56,10 @@ USAGE:
$ gas -fmt=json -out=results.json ./...

# Run a specific set of rules (by default all rules will be run):
$ gas -rule=sql -rule=sql ./...
$ gas -include=G101,G203,G401 ./...

# Run all rules except the provided
$ gas -exclude=G101 ./...

`

Expand Down Expand Up @@ -140,10 +143,10 @@ func main() {
flag.Var(&excluded, "skip", "File pattern to exclude from scan")

incRules := ""
flag.StringVar(&incRules, "include", "", "comma sperated list of rules IDs to include, see rule list")
flag.StringVar(&incRules, "include", "", "Comma separated list of rules IDs to include. (see rule list)")

excRules := ""
flag.StringVar(&excRules, "exclude", "", "comma sperated list of rules IDs to exclude, see rule list")
flag.StringVar(&excRules, "exclude", "", "Comma separated list of rules IDs to exclude. (see rule list)")

// Custom commands / utilities to run instead of default analyzer
tools := newUtils()
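Review bot: The new `-include`/`-exclude` help strings on the two `flag.StringVar` lines do not say what happens when both flags are given or when the same rule ID appears in both lists, so a user running `gas -include=G101 -exclude=G101` cannot tell from `-h` whether G101 is actually checked. The precedence is presumably decided where incRules and excRules are consumed, which is outside this hunk, so once confirmed the help text should state it in one clause, e.g. `"Comma-separated list of rule IDs to exclude; takes precedence over -include (see rule list)"`. The wording `rules IDs` also reads awkwardly; `"Comma-separated list of rule IDs to include (see rule list)"` is tighter, and the exclude string should mirror it. The enclosing main function starts before this hunk and continues after it.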
38 changes: 19 additions & 19 deletions rulelist.go
Expand Up @@ -31,33 +31,33 @@ type RuleInfo struct {
func GetFullRuleList() map[string]RuleInfo {
return map[string]RuleInfo{
// misc
"G101": RuleInfo{"hardcoded credentials", rules.NewHardcodedCredentials},
"G102": RuleInfo{"bind to all interfaces", rules.NewBindsToAllNetworkInterfaces},
"G103": RuleInfo{"use of unsafe block", rules.NewUsingUnsafe},
"G104": RuleInfo{"errors not checked", rules.NewTemplateCheck},
"G101": RuleInfo{"Look for hardcoded credentials", rules.NewHardcodedCredentials},
"G102": RuleInfo{"Bind to all interfaces", rules.NewBindsToAllNetworkInterfaces},
"G103": RuleInfo{"Audit the use of unsafe block", rules.NewUsingUnsafe},
"G104": RuleInfo{"Audit errors not checked", rules.NewTemplateCheck},

// injection
"G201": RuleInfo{"sql string format", rules.NewSqlStrFormat},
"G202": RuleInfo{"sql string concat", rules.NewSqlStrConcat},
"G203": RuleInfo{"unescaped templates", rules.NewTemplateCheck},
"G204": RuleInfo{"use of exec", rules.NewSubproc},
"G201": RuleInfo{"SQL query construction using format string", rules.NewSqlStrFormat},
"G202": RuleInfo{"SQL query construction using string concatenation", rules.NewSqlStrConcat},
"G203": RuleInfo{"Use of unescaped data in HTML templates", rules.NewTemplateCheck},
"G204": RuleInfo{"Audit use of command execution", rules.NewSubproc},

// filesystem
"G301": RuleInfo{"poor mkdir permissions", rules.NewMkdirPerms},
"G302": RuleInfo{"poor chmod permisions", rules.NewChmodPerms},
"G303": RuleInfo{"predicatable tempfile", rules.NewBadTempFile},
"G301": RuleInfo{"Poor file permissions used when creating a directory", rules.NewMkdirPerms},
"G302": RuleInfo{"Poor file permisions used with chmod", rules.NewChmodPerms},
"G303": RuleInfo{"Creating tempfile using a predictable path", rules.NewBadTempFile},

// crypto
"G401": RuleInfo{"weak crypto", rules.NewUsesWeakCryptography},
"G402": RuleInfo{"bad TLS options", rules.NewIntermediateTlsCheck},
"G403": RuleInfo{"bad RSA key length", rules.NewWeakKeyStrength},
"G404": RuleInfo{"poor random source (rand)", rules.NewWeakRandCheck},
"G401": RuleInfo{"Detect the usage of DES, RC4, or MD5", rules.NewUsesWeakCryptography},
"G402": RuleInfo{"Look for bad TLS connection settings", rules.NewIntermediateTlsCheck},
"G403": RuleInfo{"Ensure minimum RSA key length of 2048 bits", rules.NewWeakKeyStrength},
"G404": RuleInfo{"Insecure random number source (rand)", rules.NewWeakRandCheck},

// blacklist
"G501": RuleInfo{"blacklist: crypto/md5", rules.NewBlacklist_crypto_md5},
"G502": RuleInfo{"blacklist: crypto/des", rules.NewBlacklist_crypto_des},
"G503": RuleInfo{"blacklist: crypto/rc4", rules.NewBlacklist_crypto_rc4},
"G504": RuleInfo{"blacklist: net/http/cgi", rules.NewBlacklist_net_http_cgi},
"G501": RuleInfo{"Import blacklist: crypto/md5", rules.NewBlacklist_crypto_md5},
"G502": RuleInfo{"Import blacklist: crypto/des", rules.NewBlacklist_crypto_des},
"G503": RuleInfo{"Import blacklist: crypto/rc4", rules.NewBlacklist_crypto_rc4},
"G504": RuleInfo{"Import blacklist: net/http/cgi", rules.NewBlacklist_net_http_cgi},
}
}

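Review bot: The new G104 entry, described as "Audit errors not checked", still constructs `rules.NewTemplateCheck`, the same constructor the G203 entry uses for unescaped HTML templates, so a run selected with `-include=G104` would appear to cover unchecked errors while actually executing the template check a second time. Unless sharing one constructor is intended, this looks like a copy-paste slip that predates the commit; the entry should reference the constructor for the unchecked-errors rule, which is not visible on this page, and a brief comment on the G104 line should record why if the sharing is deliberate. The rewritten G302 description also keeps the misspelling `permisions`: `"G302": RuleInfo{"Poor file permissions used with chmod", rules.NewChmodPerms},`. Because these strings are what users see when choosing rules, a mismatched description-to-constructor pair gives a false sense of coverage rather than a cosmetic defect.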