cubefs
/
.semgrep.yml
21 строка · 995.0 Байт
1rules:
2- id: rfc-5737-ip-address
3languages:
4- go
5message: Where a real IPv4 address isn't needed, use IPv4 addresses from RFC5737.
6paths:
7include:
8- '*.go'
9patterns:
10- pattern-regex: '(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)'
11- pattern-not-regex: '10\.\d+\.\d+.\d+'
12- pattern-not-regex: '172\.\d+\.\d+.\d+'
13- pattern-not-regex: '169\.\d+\.\d+.\d+'
14- pattern-not-regex: '192\.168\.\d+.\d+'
15- pattern-not-regex: '127\.0\.0\.\d+'
16- pattern-not-regex: '0\.0\.0\.\d+'
17- pattern-not-regex: '255\.255\.255\.\d+'
18- pattern-not-regex: '192\.0\.2\.\d+' # 192.0.2.0/24 (TEST-NET-1, rfc5737)
19- pattern-not-regex: '198\.51\.100\.\d+' # 198.51.100.0/24 (TEST-NET-2, rfc5737)
20- pattern-not-regex: '203\.0\.113\.\d+' # 203.0.113.0/24 (TEST-NET-3, rfc5737)
21severity: WARNING