bronevichok

Commit Diff

Commit:: 2cb7d3edd285db3948c1bfea4ecb3bf661b0f571
From:: Sergey Bronnikov <estetus@gmail.com>
Date:: Sun Feb 5 09:39:01 2023 UTC
Message:: rules/lua: add writing_to_file_in_read_mode rule
Actions:: Patch | Tree

commit - 5efbf02cf0e5885214afebbd9592ed1f9b039233
commit + 2cb7d3edd285db3948c1bfea4ecb3bf661b0f571
blob - /dev/null
blob + 16b95868afc6241455385e2872bc024573dc5688 (mode 644)
--- /dev/null
+++ rules/lua/basic/writing_to_file_in_read_mode.lua
@@ -0,0 +1,15 @@
+local fh
+fh = io.open("example.txt", "w")
+-- ok: writing_to_file_in_read_mode
+fh:write("I'm writable!")
+fh.close()
+
+fh = io.open("example.txt", "r")
+-- ruleid: writing_to_file_in_read_mode
+fh:write("whoops, I'm not writable!")
+fh:close()
+
+fh = io.open("example.txt", "rb")
+-- ruleid: writing_to_file_in_read_mode
+fh:write("whoops, I'm not writable!")
+fh:close()
blob - /dev/null
blob + 2a8977403d062bce79f2de71df483339e6b510f0 (mode 644)
--- /dev/null
+++ rules/lua/basic/writing_to_file_in_read_mode.yaml
@@ -0,0 +1,15 @@
+rules:
+  - id: writing_to_file_in_read_mode
+    patterns:
+      - pattern: |
+          $FD = io.open($NAME, $MODE)
+          ...
+          $FD:write(...)
+      - metavariable-pattern:
+          metavariable: $MODE
+          pattern-regex: "r"
+    message: |
+      The file object "$FD" was opened in read mode, but is being
+      written to. This will cause a runtime error.
+    severity: ERROR
+    languages: [lua]