From ea132d34f5c90ef8c0aa7eab61d426c898970bb2 Mon Sep 17 00:00:00 2001 From: Shlomo Heigh Date: Mon, 4 Nov 2024 15:23:01 -0500 Subject: [PATCH] Ignore Snyk Code issues --- ntlm.go | 2 ++ tds.go | 2 ++ tds_test.go | 2 ++ 3 files changed, 6 insertions(+) diff --git a/ntlm.go b/ntlm.go index 7c0cc4f7..d991e837 100644 --- a/ntlm.go +++ b/ntlm.go @@ -1,3 +1,4 @@ +//go:build !windows // +build !windows package mssql @@ -188,6 +189,7 @@ func clientChallenge() (nonce [8]byte) { func ntlmSessionResponse(clientNonce [8]byte, serverChallenge [8]byte, password string) [24]byte { var sessionHash [16]byte + // deepcode ignore InsecureHash: This is necessary for legacy support h := md5.New() h.Write(serverChallenge[:]) h.Write(clientNonce[:]) diff --git a/tds.go b/tds.go index f70c6dc6..0f1186f1 100644 --- a/tds.go +++ b/tds.go @@ -1132,9 +1132,11 @@ initiate_connection: config.RootCAs = certs } if p.trustServerCertificate { + // deepcode ignore TooPermissiveTrustManager: This is disabled by default config.InsecureSkipVerify = true // #nosec } if p.disableVerifyHostname { + // deepcode ignore TooPermissiveTrustManager: This is disabled by default config.InsecureSkipVerify = true // #nosec } config.ServerName = p.hostInCertificate diff --git a/tds_test.go b/tds_test.go index 6fc7f292..e7ece1b3 100644 --- a/tds_test.go +++ b/tds_test.go @@ -34,6 +34,7 @@ func TestSendLogin(t *testing.T) { OptionFlags3: 8, HostName: "subdev1", UserName: "test", + // file deepcode ignore HardcodedPassword/test: This is a test file Password: "testpwd", AppName: "appname", ServerName: "servername", @@ -72,6 +73,7 @@ func TestSendLogin(t *testing.T) { func TestReadLogin(t *testing.T) { fail := func (name string, expected, actual interface{}) { + // file deepcode ignore ClearTextLogging/test: This is a test file fmt.Println("Expected:", expected) fmt.Println("Returned:", actual) t.Errorf("input output don't match for %s", name)