diff --git a/rules/go/lang/hardcoded_database_password.yml b/rules/go/lang/hardcoded_mysql_database_password.yml
similarity index 74%
rename from rules/go/lang/hardcoded_database_password.yml
rename to rules/go/lang/hardcoded_mysql_database_password.yml
index ed9160879..580812c73 100644
--- a/rules/go/lang/hardcoded_database_password.yml
+++ b/rules/go/lang/hardcoded_mysql_database_password.yml
@@ -3,7 +3,7 @@ patterns:
 $.Config{$Passwd: $}
 filters:
 - variable: SQL
- detection: go_lang_hardcoded_database_password_mysql_init
+ detection: go_lang_hardcoded_mysql_database_password_init
 scope: cursor
 - variable: STRING_LITERAL
 detection: string_literal
@@ -12,20 +12,20 @@ patterns:
 $.Open($<_>, $)
 filters:
 - variable: INIT
- detection: go_lang_hardcoded_database_password_init
+ detection: go_lang_hardcoded_mysql_database_password_sql_init
 scope: cursor
 - variable: STRING
 string_regex: \A\w+:.+@.*\z
 scope: cursor
 auxiliary:
- - id: go_lang_hardcoded_database_password_mysql_init
+ - id: go_lang_hardcoded_mysql_database_password_init
 patterns:
 - import $"github.com/go-sql-driver/mysql"
 - |
 import (
 $"github.com/go-sql-driver/mysql"
 )
- - id: go_lang_hardcoded_database_password_init
+ - id: go_lang_hardcoded_mysql_database_password_sql_init
 patterns:
 - import $"database/sql"
 - |
@@ -35,7 +35,7 @@ auxiliary:
 languages:
 - go
 metadata:
- description: "Usage of hard-coded database password"
+ description: "Usage of hard-coded MySQL database password"
 remediation_message: |
 ## Description
@@ -45,5 +45,5 @@ metadata:
 - [OWASP hardcoded passwords](https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password)
 cwe_id:
 - 259
- id: go_lang_hardcoded_database_password
- documentation_url: https://docs.bearer.com/reference/rules/go_lang_hardcoded_database_password
+ id: go_lang_hardcoded_mysql_database_password
+ documentation_url: https://docs.bearer.com/reference/rules/go_lang_hardcoded_mysql_database_password
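Review bot: The rule is now named and described as MySQL-specific, but the second pattern in hunk `@@ -12,20 +12,20 @@` still accepts any driver: its first argument is the wildcard `$<_>`, and the renamed `go_lang_hardcoded_mysql_database_password_sql_init` filter only requires an import of `database/sql`. As far as the visible lines show, a DSN for another driver that satisfies `\A\w+:.+@.*\z` would be reported as a hard-coded MySQL password, and would be reported twice if sibling per-driver rules reuse this pattern. Consider matching the driver name literally in the pattern, for example `"mysql"` in place of `$<_>`. A negative case with a different driver name in `testdata/main.go` would pin the intended scope, since the test data visible in this diff only exercises `sql.Open("mysql", dsn)`.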
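Review bot: Changing the published `id` in hunk `@@ -45,5 +45,5 @@` breaks every existing reference to `go_lang_hardcoded_database_password`. Inline suppression comments naming the old id stop matching, so previously triaged findings resurface. A scan configuration that selects rules by id would, presumably, stop running this check without any error. The old `documentation_url` also stops resolving unless a redirect is published. No alias or deprecation entry is visible in this diff, so at minimum record the former name next to the new one, e.g. `# formerly go_lang_hardcoded_database_password` above `id:`, and call the rename out in the release notes.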
diff --git a/tests/go/lang/hardcoded_database_password/test.js b/tests/go/lang/hardcoded_mysql_database_password/test.js
similarity index 100%
rename from tests/go/lang/hardcoded_database_password/test.js
rename to tests/go/lang/hardcoded_mysql_database_password/test.js
diff --git a/tests/go/lang/hardcoded_database_password/testdata/main.go b/tests/go/lang/hardcoded_mysql_database_password/testdata/main.go
similarity index 88%
rename from tests/go/lang/hardcoded_database_password/testdata/main.go
rename to tests/go/lang/hardcoded_mysql_database_password/testdata/main.go
index dfa35b4e4..a8dc09229 100644
--- a/tests/go/lang/hardcoded_database_password/testdata/main.go
+++ b/tests/go/lang/hardcoded_mysql_database_password/testdata/main.go
@@ -1,4 +1,4 @@
-// Use bearer:expected go_lang_hardcoded_database_password to flag expected findings
+// Use of bearer:expected go_lang_hardcoded_mysql_database_password to flag expected findings
 package main
 import (
@@ -20,7 +20,7 @@ func bad1() {
 dsn := fmt.Sprintf("%s:%s@tcp(localhost:%d)/%s?charset=utf8", dbUser, dbPassword, port, dbName)
 // Connect to the database
- // bearer:expected go_lang_hardcoded_database_password
+ // bearer:expected go_lang_hardcoded_mysql_database_password
 db, err := sql.Open("mysql", dsn)
 if err != nil {
 panic(err)
@@ -34,7 +34,7 @@ func bad1() {
 cfg := mysql.Config{
 User: "user",
- // bearer:expected go_lang_hardcoded_database_password
+ // bearer:expected go_lang_hardcoded_mysql_database_password
 Passwd: "password",
 Net: "tcp",
 Addr: "127.0.0.1:3306",
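Review bot: The reworded header comment in hunk `@@ -1,4 +1,4 @@` of `testdata/main.go` no longer reads as an instruction, because "Use of bearer:expected … to flag expected findings" is a sentence fragment. Keeping the original imperative form with the new id is clearer: `// Use bearer:expected go_lang_hardcoded_mysql_database_password to flag expected findings`. The other two hunks in this file only swap the id inside the `bearer:expected` markers and need no change.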