From 2ab72b4feef2c97f22f90cfbf9e45a6cfcd08bda Mon Sep 17 00:00:00 2001 From: Taras Madan Date: Tue, 5 Dec 2023 15:10:03 +0100 Subject: vendor: updates --- vendor/github.com/securego/gosec/v2/helpers.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'vendor/github.com/securego/gosec/v2/helpers.go') diff --git a/vendor/github.com/securego/gosec/v2/helpers.go b/vendor/github.com/securego/gosec/v2/helpers.go index b4c23e5bb..15b2b5f3a 100644 --- a/vendor/github.com/securego/gosec/v2/helpers.go +++ b/vendor/github.com/securego/gosec/v2/helpers.go @@ -100,7 +100,7 @@ func GetChar(n ast.Node) (byte, error) { // Unlike the other getters, it does _not_ raise an error for unknown ast.Node types. At the base, the recursion will hit a non-BinaryExpr type, // either BasicLit or other, so it's not an error case. It will only error if `strconv.Unquote` errors. This matters, because there's // currently functionality that relies on error values being returned by GetString if and when it hits a non-basiclit string node type, -// hence for cases where recursion is needed, we use this separate function, so that we can still be backwards compatbile. +// hence for cases where recursion is needed, we use this separate function, so that we can still be backwards compatible. // // This was added to handle a SQL injection concatenation case where the injected value is infixed between two strings, not at the start or end. See example below // @@ -183,7 +183,7 @@ func GetCallInfo(n ast.Node, ctx *Context) (string, string, error) { case *ast.CallExpr: switch call := expr.Fun.(type) { case *ast.Ident: - if call.Name == "new" { + if call.Name == "new" && len(expr.Args) > 0 { t := ctx.Info.TypeOf(expr.Args[0]) if t != nil { return t.String(), fn.Sel.Name, nil -- cgit mrf-deployment