dgryski.semgrep-go.hmac-hash.hmac-needs-new

dgryski

Author

581

Download Count*

MIT

License

calling hmac.New with unchanging hash.New

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: hmac-needs-new
    patterns:
      - pattern-either:
          - pattern: |
              $H := $HASH.New()
              ...
              $FUNC := func() hash.Hash { return $H }
              ...
              hmac.New($FUNC, ...)
          - pattern: |
              $H := $HASH.New()
              ...
              hmac.New(func() hash.Hash { return $H }, ...)
          - pattern: |
              hmac.New(func() hash.Hash { return ( $H : hash.Hash) }, ...)
    message: calling hmac.New with unchanging hash.New
    languages:
      - go
    severity: ERROR
    metadata:
      license: MIT

Short Link: https://sg.run/Bkdb