add check scripts, improve code, add nosec tag.

For-ACGN · For-ACGN · commit b3563c96b60a · 2021-12-18T15:24:44.000+08:00
diff --git a/check.bat b/check.bat
@@ -0,0 +1,4 @@
+golint -set_exit_status -min_confidence 0.3 ./...
+gocyclo -avg -over 15 .
+golangci-lint run ./...
+gosec -quiet ./...
diff --git a/check.sh b/check.sh
@@ -0,0 +1,4 @@
+golint -set_exit_status -min_confidence 0.3 ./...
+gocyclo -avg -over 15 .
+golangci-lint run ./...
+gosec -quiet ./...
diff --git a/http.go b/http.go
@@ -40,7 +40,7 @@ func (h *httpHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	// prevent arbitrary file read
 	path := sections[2]
-	if strings.Index(path, "../") != -1 || strings.Index(path, "/..") != -1 {
+	if strings.Contains(path, "../") || strings.Contains(path, "/..") {
 		h.logger.Println("[warning]", "found slash in url:", r.RequestURI)
 		return
 	}
diff --git a/log4shell.go b/log4shell.go
@@ -98,12 +98,12 @@ func New(cfg *Config) (*Server, error) {
 		}
 		tlsConfig = &tls.Config{
 			Certificates: []tls.Certificate{*cert},
-		}
+		} // #nosec
 		enableTLS = true
 	} else if enableTLS {
 		tlsConfig = &tls.Config{
 			Certificates: []tls.Certificate{cfg.TLSCert},
-		}
+		} // #nosec
 	}
 
 	// generate random string and add it to the http handler
diff --git a/obfuscate.go b/obfuscate.go
@@ -39,7 +39,7 @@ func Obfuscate(raw string) string {
 		// first select section length
 		// use 0-3 is used to prevent include special
 		// string like "jndi", "ldap" and "http"
-		size := rand.Intn(4)
+		size := rand.Intn(4) // #nosec
 		if size > remaining {
 			size = remaining
 		}
@@ -69,10 +69,10 @@ func Obfuscate(raw string) string {
 
 		// generate useless data before section
 		obfuscated.WriteString("${")
-		n := 1 + rand.Intn(3) // 1-3
+		n := 1 + rand.Intn(3) // 1-3 // #nosec
 		for i := 0; i < n; i++ {
-			front := randString(2 + rand.Intn(5))
-			end := randString(2 + rand.Intn(5))
+			front := randString(2 + rand.Intn(5)) // #nosec
+			end := randString(2 + rand.Intn(5))   // #nosec
 
 			obfuscated.WriteString(front)
 			if randBool() {
diff --git a/rand.go b/rand.go
@@ -10,13 +10,13 @@ func init() {
 }
 
 func randBool() bool {
-	return rand.Int63()%2 == 0
+	return rand.Int63()%2 == 0 // #nosec
 }
 
 func randString(n int) string {
 	str := make([]rune, n)
 	for i := 0; i < n; i++ {
-		s := ' ' + 1 + rand.Intn(90)
+		s := ' ' + 1 + rand.Intn(90) // #nosec
 		switch {
 		case s >= '0' && s <= '9':
 		case s >= 'A' && s <= 'Z':

Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ func (h httpHandler) ServeHTTP(w http.ResponseWriter, r http.Request) {`
`40`	`40`
`41`	`41`	`// prevent arbitrary file read`
`42`	`42`	`path := sections[2]`
`43`		`- if strings.Index(path, "../") != -1 \|\| strings.Index(path, "/..") != -1 {`
	`43`	`+ if strings.Contains(path, "../") \|\| strings.Contains(path, "/..") {`
`44`	`44`	`h.logger.Println("[warning]", "found slash in url:", r.RequestURI)`
`45`	`45`	`return`
`46`	`46`	`}`
Original file line number	Diff line number	Diff line change
`@@ -98,12 +98,12 @@ func New(cfg Config) (Server, error) {`
`98`	`98`	`}`
`99`	`99`	`tlsConfig = &tls.Config{`
`100`	`100`	`Certificates: []tls.Certificate{*cert},`
`101`		`- }`
	`101`	`+ } // #nosec`
`102`	`102`	`enableTLS = true`
`103`	`103`	`} else if enableTLS {`
`104`	`104`	`tlsConfig = &tls.Config{`
`105`	`105`	`Certificates: []tls.Certificate{cfg.TLSCert},`
`106`		`- }`
	`106`	`+ } // #nosec`
`107`	`107`	`}`
`108`	`108`
`109`	`109`	`// generate random string and add it to the http handler`
Original file line number	Diff line number	Diff line change
`@@ -10,13 +10,13 @@ func init() {`
`10`	`10`	`}`
`11`	`11`
`12`	`12`	`func randBool() bool {`
`13`		`- return rand.Int63()%2 == 0`
	`13`	`+ return rand.Int63()%2 == 0 // #nosec`
`14`	`14`	`}`
`15`	`15`
`16`	`16`	`func randString(n int) string {`
`17`	`17`	`str := make([]rune, n)`
`18`	`18`	`for i := 0; i < n; i++ {`
`19`		`- s := ' ' + 1 + rand.Intn(90)`
	`19`	`+ s := ' ' + 1 + rand.Intn(90) // #nosec`
`20`	`20`	`switch {`
`21`	`21`	`case s >= '0' && s <= '9':`
`22`	`22`	`case s >= 'A' && s <= 'Z':`