patterns

package
v0.0.0-...-fee3e51 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 16, 2025 License: AGPL-3.0 Imports: 7 Imported by: 0

Documentation

Overview

Package patterns provides security and framework pattern detection.

This package handles:

  • Security pattern matching (SQL injection, XSS, etc.)
  • Framework detection (Django, Flask, FastAPI)
  • Code quality pattern detection

Pattern Matching 

registry := patterns.NewPatternRegistry()
registry.AddPattern(&patterns.Pattern{
    ID:         "SQL-INJECTION-001",
    Name:       "SQL Injection",
    Type:       patterns.PatternTypeMissingSanitizer,
    Sources:    []string{"request.GET", "request.POST"},
    Sinks:      []string{"execute", "executemany"},
    Sanitizers: []string{"escape_sql"},
})

match := registry.MatchPattern(pattern, callGraph)
if match.Matched {
    fmt.Printf("Found vulnerability: %s -> %s\n",
        match.SourceFQN, match.SinkFQN)
}

Framework Detection 

framework := patterns.DetectFramework(importMap)
if framework != nil {
    fmt.Printf("Using %s (%s)\n",
        framework.Name, framework.Category)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetFrameworkCategory 

func GetFrameworkCategory(importPath string) string

GetFrameworkCategory returns the category of a framework given its import path. Returns empty string if not a known framework.

func GetFrameworkName 

func GetFrameworkName(importPath string) string

GetFrameworkName returns the name of a framework given its import path. Returns empty string if not a known framework.

func IsKnownFramework 

func IsKnownFramework(importPath string) bool

IsKnownFramework checks if import path is a known framework. This is a convenience wrapper around core.IsKnownFramework.

Types

type Framework 

type Framework struct {
	Name     string
	Version  string
	Category string
}

Framework represents a detected framework.

func DetectFramework 

func DetectFramework(importMap *core.ImportMap) *Framework

DetectFramework detects which framework is used based on imports. Returns the first detected framework or nil if none found.

type Pattern 

type Pattern struct {
	ID          string      // Unique identifier (e.g., "SQL-INJECTION-001")
	Name        string      // Human-readable name
	Description string      // What this pattern detects
	Type        PatternType // Pattern category
	Severity    Severity    // Risk level

	// Sources are function names that introduce tainted data
	Sources []string

	// Sinks are function names that consume tainted data dangerously
	Sinks []string

	// Sanitizers are function names that clean tainted data
	Sanitizers []string

	// DangerousFunctions for PatternTypeDangerousFunction
	DangerousFunctions []string

	CWE   string // Common Weakness Enumeration
	OWASP string // OWASP Top 10 category
}

Pattern represents a security pattern to detect in the call graph.

type PatternMatchDetails 

type PatternMatchDetails struct {
	Matched           bool
	IsIntraProcedural bool     // true if source and sink are in the same function
	SourceFQN         string   // Fully qualified name of function containing the source call
	SourceCall        string   // The actual dangerous call (e.g., "input", "request.GET")
	SinkFQN           string   // Fully qualified name of function containing the sink call
	SinkCall          string   // The actual dangerous call (e.g., "eval", "exec")
	DataFlowPath      []string // Complete path from source to sink
}

PatternMatchDetails contains detailed information about a pattern match.

type PatternRegistry 

type PatternRegistry struct {
	Patterns       map[string]*Pattern        // Pattern ID -> Pattern
	PatternsByType map[PatternType][]*Pattern // Type -> Patterns
}

PatternRegistry manages security patterns.

func NewPatternRegistry 

func NewPatternRegistry() *PatternRegistry

NewPatternRegistry creates a new pattern registry.

func (*PatternRegistry) AddPattern 

func (pr *PatternRegistry) AddPattern(pattern *Pattern)

AddPattern registers a pattern in the registry.

func (*PatternRegistry) GetPattern 

func (pr *PatternRegistry) GetPattern(id string) (*Pattern, bool)

GetPattern retrieves a pattern by ID.

func (*PatternRegistry) GetPatternsByType 

func (pr *PatternRegistry) GetPatternsByType(patternType PatternType) []*Pattern

GetPatternsByType retrieves all patterns of a specific type.

func (*PatternRegistry) LoadDefaultPatterns 

func (pr *PatternRegistry) LoadDefaultPatterns()

LoadDefaultPatterns loads the hardcoded example pattern. Additional patterns will be loaded from queries in future PRs.

func (*PatternRegistry) MatchPattern 

func (pr *PatternRegistry) MatchPattern(pattern *Pattern, callGraph *core.CallGraph) *PatternMatchDetails

MatchPattern checks if a call graph matches a pattern. Returns detailed match information if a vulnerability is found.

type PatternType 

type PatternType string

PatternType categorizes security patterns for analysis. 

const (
	// PatternTypeSourceSink detects tainted data flow from source to sink.
	PatternTypeSourceSink PatternType = "source-sink"

	// PatternTypeMissingSanitizer detects missing sanitization between source and sink.
	PatternTypeMissingSanitizer PatternType = "missing-sanitizer"

	// PatternTypeDangerousFunction detects calls to dangerous functions.
	PatternTypeDangerousFunction PatternType = "dangerous-function"
)

type Severity 

type Severity string

Severity indicates the risk level of a security pattern match. 

const (
	SeverityCritical Severity = "critical"
	SeverityHigh     Severity = "high"
	SeverityMedium   Severity = "medium"
	SeverityLow      Severity = "low"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.