From 6bcd89aa6b1cc8a448f99d51886ac29703eb1804 Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Thu, 25 Jun 2020 17:39:38 +0200
Subject: [PATCH] Mark all lines of a multi-line finding

Signed-off-by: Cosmin Cojocar
---
 output/formatter.go | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/output/formatter.go b/output/formatter.go
index 2159a0e98d..c3616c3b6a 100644
--- a/output/formatter.go
+++ b/output/formatter.go
@@ -324,12 +324,15 @@ func highlight(t string, s gosec.Score) string {
 // printCodeSnippet prints the code snippet from the issue by adding a marker to the affected line
 func printCodeSnippet(issue *gosec.Issue) string {
+ start, end := parseLine(issue.Line)
 scanner := bufio.NewScanner(strings.NewReader(issue.Code))
 var buf bytes.Buffer
+ line := start
 for scanner.Scan() {
 codeLine := scanner.Text()
- if strings.HasPrefix(codeLine, issue.Line) {
+ if strings.HasPrefix(codeLine, strconv.Itoa(line)) && line <= end {
 codeLine = " > " + codeLine + "\n"
+ line++
 } else {
 codeLine = " " + codeLine + "\n"
 }
@@ -337,3 +340,22 @@ func printCodeSnippet(issue *gosec.Issue) string {
 }
 return buf.String()
 }
+
+// parseLine extract the start and the end line numbers from a issue line
+func parseLine(line string) (int, int) {
+ parts := strings.Split(line, "-")
+ start := parts[0]
+ end := start
+ if len(parts) > 1 {
+ end = parts[1]
+ }
+ s, err := strconv.Atoi(start)
+ if err != nil {
+ return -1, -1
+ }
+ e, err := strconv.Atoi(end)
+ if err != nil {
+ return -1, -1
+ }
+ return s, e
+}
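Review bot: In printCodeSnippet the result of parseLine is used unchecked, so when issue.Line does not parse both values are -1 and the loop emits the snippet with no `>` marker on any line. The marker is what points a reader of the scan report at the flagged code, so that case deserves at least a comment above the call, for example `// parseLine returns -1, -1 for an unparsable issue.Line; no line is marked in that case`. The test `strings.HasPrefix(codeLine, strconv.Itoa(line))` also appears to rely on every snippet line beginning with its own line number, in ascending order. That format is not visible in this hunk, so the assumption is worth stating in the function comment. The loop body continues past the end of this hunk.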
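Review bot: parseLine accepts ranges it cannot use: a reversed range such as "15-12" is returned as (15, 12), and any parts after the second in "3-5-9" are silently ignored. In the first case the caller's `line <= end` test is false from the start, so a finding is printed with no line marked and nothing signals why. A guard before the final return, `if e < s { return -1, -1 }`, would fold that case into the existing failure value. The doc comment should also state the contract, e.g. `// parseLine extracts the start and end line numbers from an issue line such as "12" or "12-15"; it returns -1, -1 when either part is not a number.`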