Created
May 20, 2023 03:29
-
-
Save ryantm/16528c00ff7fa1537bb9da48deb7ecb0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Using config found at /home/ryantm/.gokart/analyzers.yml | |
| Revving engines VRMMM VRMMM | |
| 3...2...1...Go! | |
| (CWE-918: Server-Side Request Forgery) Danger: possible SSRF detected | |
| /home/ryantm/p/replit/goval/pkg/routers/proxy.go:1028 | |
| Vulnerable Function: [ wakeRepl(...) (*github.com/replit/goval/api/controlplane.ReplInfo, error ] | |
| 1027: | |
| > 1028: res, err := quickPingClient.Do(req) | |
| 1029: if res != nil && res.Body != nil { | |
| /home/ryantm/p/replit/goval/pkg/routers/proxy.go:1427 | |
| Source of Untrusted Input: [ ServeHTTP(...) ] | |
| 1426: | |
| > 1427: func (p *ProxyRequest) ServeHTTP(w http.ResponseWriter, r *http.Request) { | |
| 1428: monitoring.Inc("proxy", "active_http_connections") | |
| ------------------------------------------------------------------------------ | |
| (CWE-918: Server-Side Request Forgery) Danger: possible SSRF detected | |
| /home/ryantm/p/replit/goval/pkg/routers/proxy.go:2588 | |
| Vulnerable Function: [ pingMachine(...) error ] | |
| 2587: | |
| > 2588: res, err := pingClient.Do(req) | |
| 2589: if err != nil { | |
| /home/ryantm/p/replit/goval/pkg/routers/proxy.go:1427 | |
| Source of Untrusted Input: [ ServeHTTP(...) ] | |
| 1426: | |
| > 1427: func (p *ProxyRequest) ServeHTTP(w http.ResponseWriter, r *http.Request) { | |
| 1428: monitoring.Inc("proxy", "active_http_connections") | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/pkg/container/runtime/docker/docker.go:1967 | |
| Vulnerable Function: [ setupNetwork(...) error ] | |
| 1966: args := append([]string{"rule", "list"}, rule...) | |
| > 1967: cmd := exec.Command("ip", args...) | |
| 1968: var stdout bytes.Buffer | |
| /home/ryantm/p/replit/goval/pkg/container/runtime/docker/docker.go:1974 | |
| Source of Untrusted Input: [ setupNetwork(...) error ] | |
| 1973: if err != nil { | |
| > 1974: return fmt.Errorf("%q failed: %w: %q", args, err, stderr.String()) | |
| 1975: } | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/pkg/container/runtime/docker/docker.go:1986 | |
| Vulnerable Function: [ setupNetwork(...) error ] | |
| 1985: args := append([]string{"rule", "add"}, rule...) | |
| > 1986: out, err := exec.Command("ip", args...).CombinedOutput() | |
| 1987: if err != nil { | |
| /home/ryantm/p/replit/goval/pkg/container/runtime/docker/docker.go:1974 | |
| Source of Untrusted Input: [ setupNetwork(...) error ] | |
| 1973: if err != nil { | |
| > 1974: return fmt.Errorf("%q failed: %w: %q", args, err, stderr.String()) | |
| 1975: } | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/pkg/stallwatch/stallwatch.go:112 | |
| Vulnerable Function: [ New(...) (*github.com/replit/goval/pkg/stallwatch.StallWatcher, error ] | |
| 111: | |
| > 112: cmd := exec.Command(exePath, os.Args[1:]...) | |
| 113: cmd.Env = append( | |
| /nix/store/8v5zwymidmry0wd3lhj6zggskzsvqrfk-go-1.20.4/share/go/src/os/proc.go:16 | |
| Source of Untrusted Input: [ <no parent> <no parent - no args>(...) ] | |
| 15: // Args hold the command-line arguments, starting with the program name. | |
| > 16: var Args []string | |
| 17: | |
| ------------------------------------------------------------------------------ | |
| (CWE-22: Path Traversal) Danger: possible path traversal injection detected | |
| /home/ryantm/p/replit/goval/pkg/pid1/service/lsp2/lsp.go:196 | |
| Vulnerable Function: [ startLSP(...) error ] | |
| 195: logFilePath := path.Join(logsPath, "lsp.log") | |
| > 196: logFile, err = os.Create(logFilePath) | |
| 197: if err != nil { | |
| /home/ryantm/p/replit/goval/pkg/pid1/service/lsp2/lsp.go:162 | |
| Source of Untrusted Input: [ startLSP(...) error ] | |
| 161: mergedEnv := env.Merge( | |
| > 162: env.E{Slice: os.Environ()}, | |
| 163: env.E{Map: nixEnv}, | |
| ------------------------------------------------------------------------------ | |
| (CWE-918: Server-Side Request Forgery) Danger: possible SSRF detected | |
| /home/ryantm/p/replit/goval/cmd/shutdown-repls/main.go:133 | |
| Vulnerable Function: [ bulkRemove(...) error ] | |
| 132: client := http.Client{} | |
| > 133: resp, err := client.Do(req) | |
| 134: if err != nil { | |
| /home/ryantm/p/replit/goval/cmd/shutdown-repls/main.go:107 | |
| Source of Untrusted Input: [ readFile(...) ([]string, error ] | |
| 106: for scanner.Scan() { | |
| > 107: lines = append(lines, scanner.Text()) | |
| 108: } | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/cmd/smallbar/exec.go:14 | |
| Vulnerable Function: [ execPty(...) error ] | |
| 13: func execPty(stdout copier, raw bool, cmd ...string) error { | |
| > 14: interpCmd := exec.Command(cmd[0], cmd[1:]...) | |
| 15: | |
| /home/ryantm/p/replit/goval/cmd/smallbar/main.go:90 | |
| Source of Untrusted Input: [ main(...) ] | |
| 89: // then we're in run mode | |
| > 90: args := flag.Args() | |
| 91: running := len(*run) > 0 && len(args) > 0 | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/cmd/smallbar/exec.go:14 | |
| Vulnerable Function: [ execPty(...) error ] | |
| 13: func execPty(stdout copier, raw bool, cmd ...string) error { | |
| > 14: interpCmd := exec.Command(cmd[0], cmd[1:]...) | |
| 15: | |
| /home/ryantm/p/replit/goval/cmd/smallbar/main.go:90 | |
| Source of Untrusted Input: [ main(...) ] | |
| 89: // then we're in run mode | |
| > 90: args := flag.Args() | |
| 91: running := len(*run) > 0 && len(args) > 0 | |
| ------------------------------------------------------------------------------ | |
| (CWE-78: OS Command Injection) Danger: possible command injection detected | |
| /home/ryantm/p/replit/goval/cmd/snap-diff/main.go:121 | |
| Vulnerable Function: [ main(...) ] | |
| 120: | |
| > 121: cmd := exec.Command("diff", "-Naur", "--no-dereference", snapA.Path(), snapB.Path()) | |
| 122: cmd.Dir = snapA.Path() | |
| /home/ryantm/p/replit/goval/cmd/snap-diff/main.go:100 | |
| Source of Untrusted Input: [ main(...) ] | |
| 99: snapA, err := pullSnap( | |
| > 100: context.WithValue(ctx, types.ReplKey, &types.Repl{Id: flag.Arg(0)}), | |
| 101: btrfs, | |
| ------------------------------------------------------------------------------ | |
| Race Complete! Analysis took 10.95286213s and 6538 Go files were scanned (including imported packages) | |
| GoKart found 10 potentially vulnerable functions | |
| Identified 6 potential CWE-78: OS Command Injection | |
| Identified 1 potential CWE-22: Path Traversal | |
| Identified 3 potential CWE-918: Server-Side Request Forgery |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment