From 81a589007fc86091fa0b3e56efe209ac5b1fa294 Mon Sep 17 00:00:00 2001 From: Stephen Benjamin Date: Wed, 6 Apr 2022 17:43:38 -0400 Subject: [PATCH] Fix an edge case --- pkg/analyzer/analyzer.go | 14 +++++++------- testdata/src/p/p.go | 2 ++ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/pkg/analyzer/analyzer.go b/pkg/analyzer/analyzer.go index 7872289..e859eca 100644 --- a/pkg/analyzer/analyzer.go +++ b/pkg/analyzer/analyzer.go @@ -56,14 +56,14 @@ func run(pass *analysis.Pass) (interface{}, error) { fs := fsRaw.Value[1 : len(fsRaw.Value)-1] regexes := []*regexp.Regexp{ - // - Check to see if it looks like a URI with a port, basically scheme://%s: - // - Scheme, as per RFC3986 is ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) - // - A format string substitution in the host portion + // These check to see if it looks like a URI with a port, basically scheme://%s:, + // or scheme://user:pass@%s:. + // Matching requirements: + // - Scheme as per RFC3986 is ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) + // - A format string substitution in the host portion, preceded by an optional username/password@ // - A colon indicating a port will be specified - regexp.MustCompile(`[a-zA-Z0-9+-.]*://%s:.*`), - - // Same as above, but allowing a username/password - regexp.MustCompile(`[a-zA-Z0-9+-.]*://[^/]*@%s:.*`), + regexp.MustCompile(`^[a-zA-Z0-9+-.]*://%s:[^@]*$`), + regexp.MustCompile(`^[a-zA-Z0-9+-.]*://[^/]*@%s:.*$`), } for _, re := range regexes { diff --git a/testdata/src/p/p.go b/testdata/src/p/p.go index a127ce8..f0b2794 100644 --- a/testdata/src/p/p.go +++ b/testdata/src/p/p.go @@ -8,6 +8,8 @@ import ( func _() { _ = fmt.Sprintf("gopher://%s/foo", net.JoinHostPort("foo", "80")) + _ = fmt.Sprintf("postgres://%s:%s@127.0.0.1/%s", "foo", "bar", "baz") + _ = fmt.Sprintf("http://%s/foo", net.JoinHostPort("foo", "80")) _ = fmt.Sprintf("telnet+ssl://%s/foo", net.JoinHostPort("foo", "80"))