Skip to content

Commit

Permalink
Fix data race in the analyzer
Browse files Browse the repository at this point in the history
Signed-off-by: Cosmin Cojocar <[email protected]>
  • Loading branch information
ccojocar committed Oct 18, 2023
1 parent c06903a commit a239758
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
3 changes: 3 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,9 @@ test-coverage: install-test-deps
build:
go build -o $(BIN) ./cmd/gosec/

build-race:
go build -race -o $(BIN) ./cmd/gosec/

clean:
rm -rf build vendor dist coverage.txt
rm -f release image $(BIN)
Expand Down
5 changes: 5 additions & 0 deletions analyzer.go
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,7 @@ type Analyzer struct {
trackSuppressions bool
concurrency int
analyzerList []*analysis.Analyzer
mu sync.Mutex
}

// NewAnalyzer builds a new analyzer.
Expand Down Expand Up @@ -324,7 +325,9 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages.
// step 1/3 create build context.
buildD := build.Default
// step 2/3: add build tags to get env dependent files into basePackage.
gosec.mu.Lock()
buildD.BuildTags = conf.BuildFlags
gosec.mu.Unlock()
basePackage, err := buildD.ImportDir(pkgPath, build.ImportComment)
if err != nil {
return []*packages.Package{}, fmt.Errorf("importing dir %q: %w", pkgPath, err)
Expand All @@ -348,7 +351,9 @@ func (gosec *Analyzer) load(pkgPath string, conf *packages.Config) ([]*packages.
}

// step 3/3 remove build tags from conf to proceed build correctly.
gosec.mu.Lock()
conf.BuildFlags = nil
defer gosec.mu.Unlock()
pkgs, err := packages.Load(conf, packageFiles...)
if err != nil {
return []*packages.Package{}, fmt.Errorf("loading files from package %q: %w", pkgPath, err)
Expand Down

0 comments on commit a239758

Please sign in to comment.