Merge pull request #3303 from semgrep/merge-develop-to-release
Merge Develop into Release
p4p3r authored Feb 8, 2024
2 parents 8b8f6d3 + 43bdb01 commit 1aec993
Showing 2 changed files with 4 additions and 5 deletions.
4 changes: 3 additions & 1 deletion generic/secrets/security/detected-etc-shadow.yaml
@@ -1,6 +1,8 @@
rules:
- id: detected-etc-shadow
pattern-regex: root:[x!*]*:[0-9]*:[0-9]*
patterns:
- pattern-regex: ^(\s*)(?P<ROOT>root:[x!*]*:[0-9]*:[0-9]*)
- focus-metavariable: $ROOT
languages: [regex]
message: linux shadow file detected
severity: ERROR
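Review bot: The first group in the new `pattern-regex`, `(\s*)`, is captured but never referenced; only `$ROOT` is used by `focus-metavariable`. Write it as plain `\s*`, or as `[ \t]*` if the intent is same-line indentation only, since `\s` also matches newlines. Note also that the added `^` anchor means a `root:` entry preceded on its line by anything other than whitespace (a quote, a key name, a `+` from a pasted diff) no longer matches, where the old unanchored `root:[x!*]*:[0-9]*:[0-9]*` did. If that narrowing is intended, a test fixture with an indented hit and an embedded non-hit would document it.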
5 changes: 1 addition & 4 deletions go/lang/security/decompression_bomb.yaml
Expand Up @@ -3,9 +3,7 @@ rules:
message: >-
Detected a possible denial-of-service via a zip bomb attack. By limiting the max
bytes read, you can mitigate this attack.
`io.CopyN()` can specify a size. Refer to https://bomb.codes/ to learn more about
this attack and other ways to mitigate
it.
`io.CopyN()` can specify a size.
severity: WARNING
languages: [go]
patterns:
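Review bot: The replacement message line, "`io.CopyN()` can specify a size.", reads as a fragment now that the sentence pointing to https://bomb.codes/ for other mitigations is gone, and it no longer tells the reader what to do. Consider phrasing it as an instruction that follows from the preceding sentence about limiting the max bytes read, for example "Use `io.CopyN()` to cap the number of bytes copied."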
Expand Down Expand Up @@ -51,7 +49,6 @@ rules:
- 'CWE-400: Uncontrolled Resource Consumption'
source-rule-url: https://github.com/securego/gosec
references:
- https://bomb.codes/
- https://golang.org/pkg/io/#CopyN
- https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go
category: security
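Review bot: With https://bomb.codes/ dropped from `references`, neither the commit title nor its message ("Merge Develop into Release") says why the link was removed. Record the reason in the commit or PR description so the reference is not re-added later. The two remaining entries, the `io.CopyN` documentation and the gosec source rule, still cover the mitigation named in the message.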