Merge pull request #44 from cyberark/fix-snyk

Ignore Snyk Code issues
cyberark · Nov 4, 2024 · cb51ba1 · cb51ba1
2 parents 1a872cf + 29fe03a
commit cb51ba1
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/ntlm.go b/ntlm.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package mssql
@@ -188,6 +189,7 @@ func clientChallenge() (nonce [8]byte) {
 
 func ntlmSessionResponse(clientNonce [8]byte, serverChallenge [8]byte, password string) [24]byte {
 	var sessionHash [16]byte
+	// deepcode ignore InsecureHash: This is necessary for legacy support
 	h := md5.New()
 	h.Write(serverChallenge[:])
 	h.Write(clientNonce[:])

diff --git a/tds.go b/tds.go
@@ -8,7 +8,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
+	"os"
 	"net"
 	"sort"
 	"strconv"
@@ -257,7 +257,7 @@ func readPreloginWithPacketType(
 	if err != nil {
 		return nil, err
 	}
-	struct_buf, err := ioutil.ReadAll(r)
+	struct_buf, err := io.ReadAll(r)
 	if err != nil {
 		return nil, err
 	}
@@ -1119,7 +1119,7 @@ initiate_connection:
 	if encrypt != EncryptNotSup {
 		var config tls.Config
 		if p.certificate != "" {
-			pem, err := ioutil.ReadFile(p.certificate)
+			pem, err := os.ReadFile(p.certificate)
 			if err != nil {
 				return nil, fmt.Errorf("Cannot read certificate %q: %v", p.certificate, err)
 			}
@@ -1132,9 +1132,11 @@ initiate_connection:
 			config.RootCAs = certs
 		}
 		if p.trustServerCertificate {
+			// deepcode ignore TooPermissiveTrustManager: This is disabled by default
 			config.InsecureSkipVerify = true // #nosec
 		}
 		if p.disableVerifyHostname {
+			// deepcode ignore TooPermissiveTrustManager: This is disabled by default
 			config.InsecureSkipVerify = true // #nosec
 		}
 		config.ServerName = p.hostInCertificate

diff --git a/tds_test.go b/tds_test.go
@@ -34,6 +34,7 @@ func TestSendLogin(t *testing.T) {
 		OptionFlags3:   8,
 		HostName:       "subdev1",
 		UserName:       "test",
+		// file deepcode ignore HardcodedPassword/test: This is a test file
 		Password:       "testpwd",
 		AppName:        "appname",
 		ServerName:     "servername",
@@ -72,6 +73,7 @@ func TestSendLogin(t *testing.T) {
 
 func TestReadLogin(t *testing.T) {
 	fail := func (name string, expected, actual interface{}) {
+		// file deepcode ignore ClearTextLogging/test: This is a test file
 		fmt.Println("Expected:", expected)
 		fmt.Println("Returned:", actual)
 		t.Errorf("input output don't match for %s", name)