-
Notifications
You must be signed in to change notification settings - Fork 1
/
lua_use_fd_after_close.yaml
58 lines (56 loc) · 1.91 KB
/
lua_use_fd_after_close.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Фалсит ужасно.
# home.sergeyb.sources.semgrep-rules.rules.lua.tarantool.fio.use_fd_after_close
# use_fd_after_close
# 10┆ endpoints = {string.format("http://%s:2379", os.getenv('ETCD_HOST') or 'etcd')};
# ⋮┆----------------------------------------
# 10┆ endpoints = {string.format("http://%s:2379", os.getenv('ETCD_HOST') or 'etcd')};
# ⋮┆----------------------------------------
# 10┆ endpoints = {string.format("http://%s:2379", os.getenv('ETCD_HOST') or 'etcd')};
# ⋮┆----------------------------------------
# 10┆ endpoints = {string.format("http://%s:2379", os.getenv('ETCD_HOST') or 'etcd')};
rules:
- id: lua_use_fd_after_close
metadata:
author: Sergey Bronnikov <estetus@gmail.com>
description: File descriptors leak.
message: File descriptors leak.
languages: [lua]
severity: ERROR
patterns:
- pattern-either:
- pattern: |
$FD = io.open(...)
...
$FD:close()
- pattern: |
$FD = io.open(...)
...
io.close($FD)
- pattern: |
$FD = io.popen(...)
...
$FD:close()
- pattern: |
$FD = io.popen(...)
...
io.close($FD)
- pattern: |
$FD = io.lines(...)
...
$FD:close()
- pattern: |
$FD = io.lines(...)
...
io.close($FD)
- pattern-either:
- pattern: $FD:read(...)
- pattern: $FD:write(...)
- pattern: $FD:seek(...)
- pattern: $FD:flush(...)
- pattern: $FD:lines(...)
- pattern: $FD:setvbuf(...)
- pattern: io.flush($FD)
- pattern: io.read($FD)
- pattern: io.write($FD)
- pattern: io.input($FD)
- pattern: io.output($FD)