File

.semgrep.yml @ 11936:3f49c35607ca

mod_smacks: Fix timer lifetimes to follow session instead of module module:add_timer() creates a timer that stops working after the module is reloaded or unloaded, in order to prevent leaks. However, when the timers control vital session behavior, breakage occurs after reload. E.g. sessions would stop requesting acks and stop responding to acks.
author Kim Alvefur <zash@zash.se>
date Wed, 24 Nov 2021 21:27:45 +0100
parent 11289:c6965f3c321c
child 12717:898e99f49d80
line wrap: on
line source

rules:
- id: log-variable-fmtstring
  patterns:
    - pattern: log("...", $A)
    - pattern-not: log("...", "...")
  message: Variable passed as format string to logging
  languages: [lua]
  severity: ERROR
- id: module-log-variable-fmtstring
  patterns:
    - pattern: module:log("...", $A)
    - pattern-not: module:log("...", "...")
  message: Variable passed as format string to logging
  languages: [lua]
  severity: ERROR
- id: module-getopt-string-default
  patterns:
    - pattern: module:get_option_string("...", $A)
    - pattern-not: module:get_option_string("...", "...")
    - pattern-not: module:get_option_string("...", host)
    - pattern-not: module:get_option_string("...", module.host)
  message: Non-string default from :get_option_string
  severity: ERROR
  languages: [lua]