Software /
code /
prosody
File
.semgrep.yml @ 13006:d943733c6d01
mod_tokenauth: fix traceback if password has never been changed
By checking the password_updated_at for non-nilness before using it,
we avoid a nasty crash :-).
author | Jonas Schäfer <jonas@wielicki.name> |
---|---|
date | Tue, 28 Mar 2023 21:25:54 +0200 |
parent | 12717:898e99f49d80 |
line wrap: on
line source
rules: - id: log-variable-fmtstring patterns: - pattern: log("...", $A) - pattern-not: log("...", "...") message: Variable passed as format string to logging languages: [lua] severity: ERROR - id: module-log-variable-fmtstring patterns: - pattern: module:log("...", $A) - pattern-not: module:log("...", "...") message: Variable passed as format string to logging languages: [lua] severity: ERROR - id: module-getopt-string-default patterns: - pattern: module:get_option_string("...", $A) - pattern-not: module:get_option_string("...", "...") - pattern-not: module:get_option_string("...", host) - pattern-not: module:get_option_string("...", module.host) message: Non-string default from :get_option_string severity: ERROR languages: [lua] - id: stanza-empty-text-constructor patterns: - pattern: $A:text() message: Use :get_text() to read text, or pass a value here to add text severity: WARNING languages: [lua]