From ae6d5cb609e85a55eaae277f7e6ef80dfbafa1a7 Mon Sep 17 00:00:00 2001
From: Andrea Brancaleoni
Date: Fri, 3 May 2024 14:41:14 +0200
Subject: [PATCH] New rule: internal-digest-call
---
assets/semgrep_rules/services/internal-digest-call.py | 3 +++
assets/semgrep_rules/services/internal-digest-call.yaml | 9 +++++++++
2 files changed, 12 insertions(+)
create mode 100644 assets/semgrep_rules/services/internal-digest-call.py
create mode 100644 assets/semgrep_rules/services/internal-digest-call.yaml
diff --git a/assets/semgrep_rules/services/internal-digest-call.py b/assets/semgrep_rules/services/internal-digest-call.py
new file mode 100644
index 00000000..fa2fe619
--- /dev/null
+++ b/assets/semgrep_rules/services/internal-digest-call.py
@@ -0,0 +1,3 @@
+def signature(**kwargs):
+ # ruleid: internal-digest-call
+ sig = _INTERNAL_DIGEST_NEVER_CALL_DIRECTLY(kwargs)
diff --git a/assets/semgrep_rules/services/internal-digest-call.yaml b/assets/semgrep_rules/services/internal-digest-call.yaml
new file mode 100644
index 00000000..742fbc66
--- /dev/null
+++ b/assets/semgrep_rules/services/internal-digest-call.yaml
@@ -0,0 +1,9 @@
+rules:
+ - id: internal-digest-call
+ pattern-regex: _INTERNAL_DIGEST_NEVER_CALL_DIRECTLY
+ message: Internal Digest Direct Call, never call this directly
+ languages:
+ - python
+ severity: WARNING
+ metadata:
+ source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/internal-digest-call.yaml
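Review bot: The fixture in internal-digest-call.py carries only a `# ruleid:` case, so the rule test never pins what the rule is expected to leave alone. Because the rule is a bare `pattern-regex`, it will also fire on the identifier inside a comment, a string literal, an import line or the function's own `def` line. Adding one annotated line for each of those would record whether that breadth is intended. For a plain negative case, `# ok: internal-digest-call` above `sig = public_wrapper(kwargs)` would do, where `public_wrapper` is a placeholder for whatever sanctioned entry point the project exposes.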
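Review bot: The `message` in internal-digest-call.yaml says not to call the function but gives neither the reason nor the supported alternative, which makes a WARNING-level finding easy to dismiss. Consider wording along the lines of `message: Direct use of _INTERNAL_DIGEST_NEVER_CALL_DIRECTLY; use the supported wrapper instead, or request a security review if a direct call is required`, adjusted to the project's actual guidance. Separately, `pattern-regex` under `languages: [python]` is a textual match over Python files only, so it works as a review tripwire for accidental use rather than as an enforcement boundary for indirect references. A short YAML comment stating that scope, for example `# textual tripwire: flags any mention in Python sources, not only call sites`, would set expectations for whoever triages the findings.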