Semgrep rules for adapters (prebid#2833)
onkarvhanumante authored and Peiling-Ding committed Jul 6, 2023
1 parent cb0ca03 commit c9ae6ca
Showing 4 changed files with 427 additions and 0 deletions.
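--- a/.semgrep/adapter/builder-struct-name.go
+++ b/.semgrep/adapter/builder-struct-name.go
@@ -0,0 +1,124 @@
+/*
+builder-struct-name tests
+https://semgrep.dev/docs/writing-rules/testing-rules
+"ruleid" prefix in comment indicates patterns that should be flagged by semgrep
+"ok" prefix in comment indidcates patterns that should not be flagged by the semgrep
+*/
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+foo1 := foo{}
+// ruleid: builder-struct-name-check
+return &fooadapter{foo: foo1}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &adapterbar{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &fooadapterbar{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &FooAdapter{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &AdapterBar{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &AdapterBar{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+// ruleid: builder-struct-name-check
+return &FooAdapterBar{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+foo2 := foo{}
+//ruleid: builder-struct-name-check
+adpt1 := Adapter{foo: foo2}
+return &adpt1, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+//ruleid: builder-struct-name-check
+builder := &Adapter{foo{}}
+return builder, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+foo3 := foo{}
+if foo3.bar == "" {
+foo3.bar = "bar"
+}
+//ruleid: builder-struct-name-check
+adpt2 := Adapter{}
+adpt2.foo = foo3
+return &adpt2, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+//ruleid: builder-struct-name-check
+return &foo{}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+//ruleid: builder-struct-name-check
+var obj Adapter
+obj.Foo = "foo"
+if obj.Bar == "" {
+obj.Bar = "bar"
+}
+return &obj, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+//ruleid: builder-struct-name-check
+var obj *FooAdapterBar
+obj.Foo = "foo"
+if obj.Bar == "" {
+obj.Bar = "bar"
+}
+return obj, nil
+}
+
+func Builder(bidderName openrtb_ext.BidderName, config config.Adapter, server config.Server) (adapters.Bidder, error) {
+// ok: builder-struct-name-check
+return &adapter{endpoint: "www.foo.com"}, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+builder := &adapter{}
+builder.endpoint = "www.foo.com"
+// ok: builder-struct-name-check
+return builder, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+builder := adapter{}
+builder.endpoint = "www.foo.com"
+// ok: builder-struct-name-check
+return &builder, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+var builder adapter
+builder.endpoint = "www.foo.com"
+// ok: builder-struct-name-check
+return &builder, nil
+}
+
+func Builder(_ openrtb_ext.BidderName, config config.Adapter, _ config.Server) (adapters.Bidder, error) {
+var builder *adapter
+builder.endpoint = "www.foo.com"
+// ok: builder-struct-name-check
+return builder, nil
+}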
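Review bot: The `AdapterBar` fixture appears twice in a row (the sixth `Builder` repeats the fifth, `return &AdapterBar{}, nil`), so one of the two adds no coverage and was presumably meant to be a different spelling. The last `ok` fixture (`var builder *adapter` followed by `builder.endpoint = "www.foo.com"`) and the `var obj *FooAdapterBar` fixture both write through a nil pointer. Semgrep only parses these files, but a comment such as `// fixture only: a nil *adapter would panic if this ran` would stop the shape being copied into a real adapter as an approved form. The header comment also has the typo `indidcates`.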
58 changes: 58 additions & 0 deletions .semgrep/adapter/builder-struct-name.yml
@@ -0,0 +1,58 @@
rules:
- id: builder-struct-name-check
languages:
- go
message: |
You can call this simply "adapter", the `$BUILDER` identification is already supplied by the package name. As you have it, referencing your adapter from outside the package would be `$BUILDER.$BUILDER` which looks a little redundant. See example below:
```
package foo
type adapter struct {
endpoint string
}
func Builder(bidderName openrtb_ext.BidderName, config config.Adapter, server config.Server) (adapters.Bidder, error) {
return &adapter{endpoint: "https://www.foo.com"}, nil
}
```
severity: WARNING
patterns:
- pattern-either:
- pattern-inside: >
func Builder($BIDDER_NAME openrtb_ext.BidderName, $CONFIG config.Adapter, $SERVER config.Server) (adapters.Bidder, error) {
...
$BUILDER_OBJ := &$BUILDER{...}
...
return $BUILDER_OBJ, nil
}
- pattern-inside: >
func Builder($BIDDER_NAME openrtb_ext.BidderName, $CONFIG config.Adapter, $SERVER config.Server) (adapters.Bidder, error) {
...
$BUILDER_OBJ := $BUILDER{...}
...
return &$BUILDER_OBJ, nil
}
- pattern-inside: >
func Builder($BIDDER_NAME openrtb_ext.BidderName, $CONFIG config.Adapter, $SERVER config.Server) (adapters.Bidder, error) {
...
return &$BUILDER{...}, ...
}
- pattern-inside: >
func Builder($BIDDER_NAME openrtb_ext.BidderName, $CONFIG config.Adapter, $SERVER config.Server) (adapters.Bidder, error) {
...
var $BUILDER_OBJ $BUILDER
...
return &$BUILDER_OBJ, ...
}
- pattern-inside: >
func Builder($BIDDER_NAME openrtb_ext.BidderName, $CONFIG config.Adapter, $SERVER config.Server) (adapters.Bidder, error) {
...
var $BUILDER_OBJ *$BUILDER
...
return $BUILDER_OBJ, ...
}
- focus-metavariable: $BUILDER
- metavariable-regex:
metavariable: $BUILDER
regex: (?!adapter$)
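Review bot: The first two `pattern-inside` alternatives pin the second return value to `nil` (`return $BUILDER_OBJ, nil` and `return &$BUILDER_OBJ, nil`), while the other three accept any expression with `...`. A `Builder` that assigns a misnamed struct to a variable and returns it alongside a non-literal error would therefore not be flagged by those two forms. Changing them to `return $BUILDER_OBJ, ...` and `return &$BUILDER_OBJ, ...` makes the five alternatives agree. The `regex: (?!adapter$)` line appears to rely on `metavariable-regex` matching from the start of the value; a short comment saying so, or writing it as `^(?!adapter$)`, would make that intent explicit for the next rule author.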
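--- a/.semgrep/adapter/type-bid-assignment.go
+++ b/.semgrep/adapter/type-bid-assignment.go
@@ -0,0 +1,181 @@
+/*
+type-bid-assignment tests
+https://semgrep.dev/docs/writing-rules/testing-rules
+"ruleid" prefix in comment indicates patterns that should be flagged by semgrep
+"ok" prefix in comment indidcates patterns that should not be flagged by the semgrep
+*/
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for _, sb := range seatBid.Bid {
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+errs = append(errs, err)
+} else {
+b := &adapters.TypedBid{
+// ruleid: type-bid-assignment-check
+Bid: &sb,
+BidType: bidType,
+}
+bidResponse.Bids = append(bidResponse.Bids, b)
+}
+}
+}
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for _, sb := range seatBid.Bid {
+sbcopy := sb
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+errs = append(errs, err)
+} else {
+b := &adapters.TypedBid{
+// ok: type-bid-assignment-check
+Bid: &sbcopy,
+BidType: bidType,
+}
+bidResponse.Bids = append(bidResponse.Bids, b)
+}
+}
+}
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for _, sb := range seatBid.Bid {
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+return nil, err
+}
+bidResponse.Bids = append(bidResponse.Bids, &adapters.TypedBid{
+// ruleid: type-bid-assignment-check
+Bid: &sb,
+BidType: bidType,
+})
+
+}
+}
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for _, sb := range seatBid.Bid {
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+return nil, err
+}
+// ruleid: type-bid-assignment-check
+bidResponse.Bids = append(bidResponse.Bids, &adapters.TypedBid{Bid: &sb, BidType: bidType})
+}
+}
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+var errors []error
+for _, seatBid := range bidResp.SeatBid {
+for _, bid := range seatBid.Bid {
+var t adapters.TypedBid
+// ruleid: type-bid-assignment-check
+t.Bid = &bid
+bidResponse.Bids = append(bidResponse.Bids, &t)
+}
+}
+return bidResponse, errors
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+var errors []error
+for _, seatBid := range bidResp.SeatBid {
+for _, bid := range seatBid.Bid {
+var t adapters.TypedBid
+t = adapters.TypedBid{
+// ruleid: type-bid-assignment-check
+Bid: &bid,
+}
+
+bidResponse.Bids = append(bidResponse.Bids, &t)
+}
+}
+return bidResponse, errors
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for idx, _ := range seatBid.Bid {
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+errs = append(errs, err)
+} else {
+b := &adapters.TypedBid{
+// ok: type-bid-assignment-check
+Bid: &seatBid.Bid[idx],
+BidType: bidType,
+}
+bidResponse.Bids = append(bidResponse.Bids, b)
+}
+}
+}
+}
+
+func (a *adapter) MakeBids(internalRequest *openrtb2.BidRequest, externalRequest *adapters.RequestData, response *adapters.ResponseData) (*adapters.BidderResponse, []error) {
+var bidResp openrtb2.BidResponse
+
+if err := json.Unmarshal(response.Body, &bidResp); err != nil {
+return nil, []error{err}
+}
+
+for _, seatBid := range bidResp.SeatBid {
+for idx := range seatBid.Bid {
+bidType, err := getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)
+if err != nil {
+return nil, err
+}
+// ok: type-bid-assignment-check
+bidResponse.Bids = append(bidResponse.Bids, &adapters.TypedBid{Bid: &seatBid.Bid[idx], BidType: bidType})
+}
+}
+}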
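Review bot: Every fixture that calls `getMediaTypeForImp(seatBid.Bid[i], internalRequest.Imp)` indexes with `i`, which none of the loops declare (they bind `sb`, `bid` or `idx`). The fixtures are only parsed, but using the loop's own variable, e.g. `getMediaTypeForImp(seatBid.Bid[idx], internalRequest.Imp)` in the `idx` cases, keeps them readable as real adapter code. The header comment does not say why `&sb` is flagged: before Go 1.22 the range variable is one variable reused across iterations, so every `TypedBid.Bid` ends up pointing at the same bid. I would add that sentence to the block comment, since it is the reason `sbcopy := sb` and `&seatBid.Bid[idx]` are the `ok` forms. Several fixtures also use `errs` and `bidResponse` without declaring them and end without a `return`, which Semgrep tolerates but deserves a one-line remark in the header.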