commit dc9cd3ff8381fa12b4cc5a70aa8356b333ef248c from: Sergey Bronnikov date: Sun Feb 05 09:39:01 2023 UTC rules/lua: add use_fd_after_close rule commit - 75f86fec6ea9dadfe721075865141e7cdf49e704 commit + dc9cd3ff8381fa12b4cc5a70aa8356b333ef248c blob - /dev/null blob + 8cefeb1305d2c139096b1bd92e2628ba7fa7286d (mode 644) --- /dev/null +++ rules/lua/basic/use_fd_after_close.lua @@ -0,0 +1,35 @@ +local fd + +fd = io.open("") +fd:read("*a") +fd:close() +-- ruleid: use_fd_after_close +fd:read("*a") + +fd = io.open("") +fd:read("*a") +io.close(fd) +-- ruleid: use_fd_after_close +fd:read("*a") + +fd = io.lines("") +fd:read("*a") +fd:close() +-- ruleid: use_fd_after_close +fd:read("*a") + +fd = io.lines("") +fd:read("*a") +io.close(fd) +-- ruleid: use_fd_after_close +fd:read("*a") + +fd = io.popen("") +fd:close() +-- ruleid: use_fd_after_close +fd:read("*a") + +fd = io.popen("") +io.close(fd) +-- ruleid: use_fd_after_close +fd:read("*a") blob - /dev/null blob + 74fa172c2fcde6c919e6c558a0ca7241e67d226c (mode 644) --- /dev/null +++ rules/lua/basic/use_fd_after_close.yaml @@ -0,0 +1,43 @@ +rules: + - id: use_fd_after_close + patterns: + - pattern-either: + - pattern: | + $FD = io.open(...) + ... + $FD:close() + - pattern: | + $FD = io.open(...) + ... + io.close($FD) + - pattern: | + $FD = io.popen(...) + ... + $FD:close() + - pattern: | + $FD = io.popen(...) + ... + io.close($FD) + - pattern: | + $FD = io.lines(...) + ... + $FD:close() + - pattern: | + $FD = io.lines(...) + ... + io.close($FD) + - pattern-either: + - pattern: $FD:read(...) + - pattern: $FD:write(...) + - pattern: $FD:seek(...) + - pattern: $FD:flush(...) + - pattern: $FD:lines(...) + - pattern: $FD:setvbuf(...) + - pattern: io.flush($FD) + - pattern: io.read($FD) + - pattern: io.write($FD) + - pattern: io.input($FD) + - pattern: io.output($FD) + message: use_fd_after_close + languages: [lua] + severity: ERROR