Annotate

.semgrep.yml @ 11704:0a8671f32424

mod_s2s: Guard against missing 'to' on incoming stream

Given an incoming <stream:stream from="example.com"> this line would have mistakenly reported the 'from' as the local host. Neither are technically required and may be missing, especially on connections used only for Dialback. Outgoing connections initiated by Prosody always have 'from_host' and 'to_host', so it is safer to check it this way.
author Kim Alvefur <zash@zash.se>
date Sun, 18 Jul 2021 09:08:04 +0200
parent 11289:c6965f3c321c
child 12717:898e99f49d80
rev 11289:c6965f3c321c  lint: Add initial semgrep config
Kim Alvefur <zash@zash.se>

rules:
- id: log-variable-fmtstring
  patterns:
  - pattern: log("...", $A)
  - pattern-not: log("...", "...")
  message: Variable passed as format string to logging
  languages: [lua]
  severity: ERROR
- id: module-log-variable-fmtstring
  patterns:
  - pattern: module:log("...", $A)
  - pattern-not: module:log("...", "...")
  message: Variable passed as format string to logging
  languages: [lua]
  severity: ERROR
- id: module-getopt-string-default
  patterns:
  - pattern: module:get_option_string("...", $A)
  - pattern-not: module:get_option_string("...", "...")
  - pattern-not: module:get_option_string("...", host)
  - pattern-not: module:get_option_string("...", module.host)
  message: Non-string default from :get_option_string
  severity: ERROR
  languages: [lua]