Include suggested changes from review.

Porcupiney Hairs · Porcupiney Hairs · commit 361b7037c6f2 · 2022-06-02T19:11:44.000+05:30
diff --git a/go/ql/test/experimental/CWE-321/main.go b/go/ql/test/experimental/CWE-321/main.go
@@ -113,14 +113,6 @@ func lejwt2() (interface{}, error) {
 	return le.New(sharedKeyglobal) // BAD
 }
 
-func BarrierGuardTest() (interface{}, error) {
-	sharedKey := ""
-	if sharedKey != "" {
-		return le.New([]byte(sharedKey)) // GOOD
-	}
-	return "", nil
-}
-
 func main() {
 	return
 }
diff --git a/go/ql/test/experimental/CWE-321/sanitizer.go b/go/ql/test/experimental/CWE-321/sanitizer.go
@@ -13,7 +13,7 @@ import (
 	cristal "github.com/cristalhq/jwt/v3"
 )
 
-func cristalhq() (interface{}, error) {
+func check_ok() (interface{}, error) {
 	key := []byte(`key`)
 	return cristal.NewSignerHS(cristal.HS256, key) // BAD
 }
@@ -40,6 +40,7 @@ func GenerateCryptoString2(n int) (string, error) {
 	}
 	return string(ret), nil
 }
+
 func GenerateRandomString3(size int) string {
 	const characters = `0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz`
 	var bytes = make([]byte, size)
@@ -72,45 +73,44 @@ func RandString(length int64) string {
 
 	return string(result)
 }
-func genKey(size int) (string, error) {
-	err := errors.New("size too small")
-	return "", err
-}
-func test1() {
+
+func randIntSanitizerModulo_test() (interface{}, error) {
 	key := GenerateRandomString(32)
-	return cristal.NewSignerHS(cristal.HS256, key) // GOOD
+	return cristal.NewSignerHS(cristal.HS256, []byte(key)) // GOOD
 }
 
-func test2() {
+func randIntSanitizer_test() (interface{}, error) {
 	key2, _ := GenerateCryptoString2(32)
-	return cristal.NewSignerHS(cristal.HS256, key2) // GOOD
+	return cristal.NewSignerHS(cristal.HS256, []byte(key2)) // GOOD
 }
 
-func test3() {
+func formattingSanitizer_test() (interface{}, error) {
 	key3 := RandAuthToken()
-	return cristal.NewSignerHS(cristal.HS256, key3) // GOOD
+	return cristal.NewSignerHS(cristal.HS256, []byte(key3)) // GOOD
 }
 
-func test4() (interface{}, error) {
-	key4, err := genKey(21)
-	if err != nil {
-		return nil, err
-	}
+func genKey() (string, error) {
+	k := "asd"
+	e := errors.New("no key")
+	return k, e
+}
 
-	return cristal.NewSignerHS(cristal.HS256, key4) // BAD
+func emptyErrorSanitizer_test() (interface{}, error) {
+	key4, _ := genKey()
+	return cristal.NewSignerHS(cristal.HS256, []byte(key4)) // GOOD
 }
 
-func test5() (interface{}, error) {
-	temp := "test"
-	if temp != "test" {
-		return cristal.NewSignerHS(cristal.HS256, []byte(temp)), nil // GOOD
-	} else {
-		return nil, nil
+func compareSanitizerTest() (interface{}, error) {
+	key5 := ""
+	if key5 != "" {
+		return cristal.NewSignerHS(cristal.HS256, []byte(key5)) // GOOD
 	}
+	return "", nil
 }
-func test6() {
-	key := GenerateRandomString3(32)
-	return cristal.NewSignerHS(cristal.HS256, key) // GOOD
+
+func randReadSanitizer_test() (interface{}, error) {
+	key6 := GenerateRandomString3(32)
+	return cristal.NewSignerHS(cristal.HS256, []byte(key6)) // GOOD
 }
 
 func main() {

Original file line number	Diff line number	Diff line change
`@@ -113,14 +113,6 @@ func lejwt2() (interface{}, error) {`
`113`	`113`	`return le.New(sharedKeyglobal) // BAD`
`114`	`114`	`}`
`115`	`115`
`116`		`-func BarrierGuardTest() (interface{}, error) {`
`117`		`- sharedKey := ""`
`118`		`- if sharedKey != "" {`
`119`		`- return le.New([]byte(sharedKey)) // GOOD`
`120`		`- }`
`121`		`- return "", nil`
`122`		`-}`
`123`		`-`
`124`	`116`	`func main() {`
`125`	`117`	`return`
`126`	`118`	`}`