зеркало из https://github.com/golang/vulndb.git
all: fix printf(var) mistakes detected by latest printf checker
This includes testdata files that incorrectly formatted "%40l". For golang/go#69267. Change-Id: Ibd22b65c89382b386452f0a5b442bb94a4c03c22 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/610955 Reviewed-by: Ian Lance Taylor <iant@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
This commit is contained in:
Родитель
78c6ef60d6
Коммит
22fa4ff59a
|
@ -113,7 +113,7 @@ func TestLintReports(t *testing.T) {
|
||||||
}
|
}
|
||||||
lints := lint(r)
|
lints := lint(r)
|
||||||
if len(lints) > 0 {
|
if len(lints) > 0 {
|
||||||
t.Errorf(strings.Join(lints, "\n"))
|
t.Error(strings.Join(lints, "\n"))
|
||||||
}
|
}
|
||||||
duplicates := make(map[string][]string)
|
duplicates := make(map[string][]string)
|
||||||
for _, alias := range r.Aliases() {
|
for _, alias := range r.Aliases() {
|
||||||
|
|
|
@ -7,6 +7,7 @@ package cve5
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -496,5 +497,5 @@ func extractError(resp *http.Response) error {
|
||||||
errMsg = fmt.Sprintf("%s\n %s: %s", errMsg, detail.InstancePath, detail.Message)
|
errMsg = fmt.Sprintf("%s\n %s: %s", errMsg, detail.InstancePath, detail.Message)
|
||||||
}
|
}
|
||||||
|
|
||||||
return fmt.Errorf(errMsg)
|
return errors.New(errMsg)
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,8 +24,8 @@ notes:
|
||||||
- lint: 'modules[0] "std": packages[0] "archive/zip": at least one of vulnerable_at and skip_fix must be set'
|
- lint: 'modules[0] "std": packages[0] "archive/zip": at least one of vulnerable_at and skip_fix must be set'
|
||||||
- lint: 'references: must contain at least one fix'
|
- lint: 'references: must contain at least one fix'
|
||||||
- lint: 'references: must contain at least one report'
|
- lint: 'references: must contain at least one report'
|
||||||
- lint: 'references[0] "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G/": "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G/": advisory reference must not be set for first-party issues'
|
- lint: 'references[0] "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G/": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G/": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[1] "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4/": "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4/": advisory reference must not be set for first-party issues'
|
- lint: 'references[1] "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4/": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4/": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[2] "https://nvd.nist.gov/vuln/detail/CVE-2021-27919": "https://nvd.nist.gov/vuln/detail/CVE-2021-27919": advisory reference must not be set for first-party issues'
|
- lint: 'references[2] "https://nvd.nist.gov/vuln/detail/CVE-2021-27919": "https://nvd.nist.gov/vuln/detail/CVE-2021-27919": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[3] "https://security.gentoo.org/glsa/202208-02": "https://security.gentoo.org/glsa/202208-02": advisory reference must not be set for first-party issues'
|
- lint: 'references[3] "https://security.gentoo.org/glsa/202208-02": "https://security.gentoo.org/glsa/202208-02": advisory reference must not be set for first-party issues'
|
||||||
source:
|
source:
|
||||||
|
|
|
@ -25,7 +25,7 @@ notes:
|
||||||
- lint: 'modules[0] "cmd": packages[0] "cmd/go": at least one of vulnerable_at and skip_fix must be set'
|
- lint: 'modules[0] "cmd": packages[0] "cmd/go": at least one of vulnerable_at and skip_fix must be set'
|
||||||
- lint: 'references: must contain at least one fix'
|
- lint: 'references: must contain at least one fix'
|
||||||
- lint: 'references: must contain at least one report'
|
- lint: 'references: must contain at least one report'
|
||||||
- lint: 'references[0] "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/YWAYJGXWC232SG3UR3TR574E6BP3OSQQ/": "https://lists.fedoraproject.org/archives/list/package-announce%!l(MISSING)ists.fedoraproject.org/message/YWAYJGXWC232SG3UR3TR574E6BP3OSQQ/": advisory reference must not be set for first-party issues'
|
- lint: 'references[0] "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWAYJGXWC232SG3UR3TR574E6BP3OSQQ/": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWAYJGXWC232SG3UR3TR574E6BP3OSQQ/": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[1] "https://nvd.nist.gov/vuln/detail/CVE-2021-3115": "https://nvd.nist.gov/vuln/detail/CVE-2021-3115": advisory reference must not be set for first-party issues'
|
- lint: 'references[1] "https://nvd.nist.gov/vuln/detail/CVE-2021-3115": "https://nvd.nist.gov/vuln/detail/CVE-2021-3115": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[2] "https://security.gentoo.org/glsa/202208-02": "https://security.gentoo.org/glsa/202208-02": advisory reference must not be set for first-party issues'
|
- lint: 'references[2] "https://security.gentoo.org/glsa/202208-02": "https://security.gentoo.org/glsa/202208-02": advisory reference must not be set for first-party issues'
|
||||||
- lint: 'references[3] "https://blog.go.dev/path-security": "https://blog.go.dev/path-security": web reference must match regex "https://groups.google.com/g/golang-(announce|dev|nuts)/c/([^/]+)"'
|
- lint: 'references[3] "https://blog.go.dev/path-security": "https://blog.go.dev/path-security": web reference must match regex "https://groups.google.com/g/golang-(announce|dev|nuts)/c/([^/]+)"'
|
||||||
|
|
|
@ -481,7 +481,7 @@ func (r *Report) LintAsNotes(pc *proxy.Client) bool {
|
||||||
if lints := r.Lint(pc); len(lints) > 0 {
|
if lints := r.Lint(pc); len(lints) > 0 {
|
||||||
slices.Sort(lints)
|
slices.Sort(lints)
|
||||||
for _, lint := range lints {
|
for _, lint := range lints {
|
||||||
r.AddNote(NoteTypeLint, lint)
|
r.AddNote(NoteTypeLint, "%s", lint)
|
||||||
}
|
}
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -153,7 +153,7 @@ func (s *Server) serveError(ctx context.Context, w http.ResponseWriter, _ *http.
|
||||||
serr = &serverError{status: http.StatusInternalServerError, err: err}
|
serr = &serverError{status: http.StatusInternalServerError, err: err}
|
||||||
}
|
}
|
||||||
if serr.status == http.StatusInternalServerError {
|
if serr.status == http.StatusInternalServerError {
|
||||||
log.Errorf(ctx, serr.err.Error())
|
log.Errorf(ctx, "%s", serr.err.Error())
|
||||||
} else {
|
} else {
|
||||||
log.Errorf(ctx, "returning %d (%s) for error %v", serr.status, http.StatusText(serr.status), err)
|
log.Errorf(ctx, "returning %d (%s) for error %v", serr.status, http.StatusText(serr.status), err)
|
||||||
}
|
}
|
||||||
|
|
Загрузка…
Ссылка в новой задаче