Fix multiple linter warnings

AikidoSec · Jan 27, 2025 · eb7c4d9 · eb7c4d9
1 parent cca4971
commit eb7c4d9
Show file tree

Hide file tree

Showing 12 changed files with 37 additions and 39 deletions.
diff --git a/Makefile b/Makefile
@@ -8,6 +8,10 @@ test:
 
 .PHONY: lint
 lint:
+	cargo clippy 
+
+.PHONY: format
+format:
 	cargo fmt
 
 .PHONY: smoketest

diff --git a/src/ffi_bindings/mod.rs b/src/ffi_bindings/mod.rs
@@ -12,7 +12,7 @@ pub unsafe extern "C" fn detect_shell_injection(
     userinput: *const c_char,
 ) -> c_int {
     // Returns an integer value, representing a boolean (1 = true, 0 = false, 2 = error)
-    return panic::catch_unwind(|| {
+    panic::catch_unwind(|| {
         // Check if the pointers are null
         if command.is_null() || userinput.is_null() {
             return 2;
@@ -28,9 +28,9 @@ pub unsafe extern "C" fn detect_shell_injection(
             return 1;
         }
 
-        return 0;
+        0
     })
-    .unwrap_or(2);
+    .unwrap_or(2)
 }
 
 #[no_mangle]
@@ -40,7 +40,7 @@ pub unsafe extern "C" fn detect_sql_injection(
     dialect: c_int,
 ) -> c_int {
     // Returns an integer value, representing a boolean (1 = true, 0 = false, 2 = error)
-    return panic::catch_unwind(|| {
+    panic::catch_unwind(|| {
         // Check if the pointers are null
         if query.is_null() || userinput.is_null() {
             return 2;
@@ -56,9 +56,9 @@ pub unsafe extern "C" fn detect_sql_injection(
             return 1;
         }
 
-        return 0;
+        0
     })
-    .unwrap_or(2);
+    .unwrap_or(2)
 }
 
 #[no_mangle]
@@ -68,7 +68,7 @@ pub unsafe extern "C" fn detect_js_injection(
     sourcetype: c_int,
 ) -> c_int {
     // Returns an integer value, representing a boolean (1 = true, 0 = false, 2 = error)
-    return panic::catch_unwind(|| {
+    panic::catch_unwind(|| {
         // Check if the pointers are null
         if code.is_null() || userinput.is_null() {
             return 2;
@@ -84,7 +84,7 @@ pub unsafe extern "C" fn detect_js_injection(
             return 1;
         }
 
-        return 0;
+        0
     })
-    .unwrap_or(2);
+    .unwrap_or(2)
 }
diff --git a/src/js_injection/detect_js_injection.rs b/src/js_injection/detect_js_injection.rs
@@ -30,14 +30,14 @@ pub fn detect_js_injection_str(code: &str, userinput: &str, sourcetype: i32) ->
         return false;
     }
 
-    let parser_result = Parser::new(&allocator, &code, source_type)
+    let parser_result = Parser::new(&allocator, code, source_type)
         .with_options(ParseOptions {
             allow_return_outside_function: true,
             ..ParseOptions::default()
         })
         .parse();
 
-    if parser_result.panicked || parser_result.errors.len() > 0 {
+    if parser_result.panicked || !parser_result.errors.is_empty() {
         return false;
     }
 
@@ -51,7 +51,7 @@ pub fn detect_js_injection_str(code: &str, userinput: &str, sourcetype: i32) ->
         })
         .parse();
 
-    if parser_result_without_input.panicked || parser_result_without_input.errors.len() > 0 {
+    if parser_result_without_input.panicked || !parser_result_without_input.errors.is_empty() {
         // Try to parse by replacing the user input with a empty string.
         code_without_input = code.replace(userinput, "");
 
@@ -62,7 +62,7 @@ pub fn detect_js_injection_str(code: &str, userinput: &str, sourcetype: i32) ->
             })
             .parse();
 
-        if parser_result_without_input.panicked || parser_result_without_input.errors.len() > 0 {
+        if parser_result_without_input.panicked || !parser_result_without_input.errors.is_empty() {
             return false;
         }
     }
@@ -83,5 +83,5 @@ pub fn detect_js_injection_str(code: &str, userinput: &str, sourcetype: i32) ->
         return true;
     }
 
-    return false;
+    false
 }
diff --git a/src/js_injection/have_comments_changed.rs b/src/js_injection/have_comments_changed.rs
@@ -21,5 +21,5 @@ pub fn have_comments_changed(comments1: &Vec<Comment>, comments2: &Vec<Comment>)
         }
     }
 
-    return false;
+    false
 }
diff --git a/src/js_injection/have_statements_changed.rs b/src/js_injection/have_statements_changed.rs
@@ -16,7 +16,7 @@ pub fn have_statements_changed(
         return true;
     }
 
-    return false;
+    false
 }
 
 fn get_ast_kind_tokens<'a>(
@@ -26,8 +26,8 @@ fn get_ast_kind_tokens<'a>(
     let mut ast_pass = ASTPass {
         tokens: Vec::new_in(allocator),
     };
-    ast_pass.visit_program(&program);
-    return ast_pass.tokens;
+    ast_pass.visit_program(program);
+    ast_pass.tokens
 }
 
 struct ASTPass<'a> {

diff --git a/src/js_injection/is_safe_js_input.rs b/src/js_injection/is_safe_js_input.rs
@@ -15,14 +15,14 @@ const SAFE_OPERATORS: [BinaryOperator; 6] = [
 ];
 
 pub fn is_safe_js_input(user_input: &str, allocator: &Allocator, source_type: SourceType) -> bool {
-    let parser_result = Parser::new(&allocator, &user_input, source_type)
+    let parser_result = Parser::new(allocator, user_input, source_type)
         .with_options(ParseOptions {
             allow_return_outside_function: true,
             ..ParseOptions::default()
         })
         .parse();
 
-    if parser_result.panicked || parser_result.errors.len() > 0 {
+    if parser_result.panicked || !parser_result.errors.is_empty() {
         return false;
     }
 
@@ -31,7 +31,7 @@ pub fn is_safe_js_input(user_input: &str, allocator: &Allocator, source_type: So
     };
     ast_pass.visit_program(&parser_result.program);
 
-    return ast_pass.contains_only_safe_tokens;
+    ast_pass.contains_only_safe_tokens
 }
 
 struct ASTPass {

diff --git a/src/shell_injection/is_safely_encapsulated.rs b/src/shell_injection/is_safely_encapsulated.rs
@@ -40,13 +40,12 @@ pub fn is_safely_encapsulated(command: &str, user_input: &str) -> bool {
         }
 
         // Check for dangerous characters inside double quotes
-        if char_before_user_input == Some('"') {
-            if user_input
+        if char_before_user_input == Some('"')
+            && user_input
                 .chars()
                 .any(|c| DANGEROUS_CHARS_INSIDE_DOUBLE_QUOTES.contains(&c.to_string().as_str()))
-            {
-                return false;
-            }
+        {
+            return false;
         }
     }
 

diff --git a/src/sql_injection/detect_sql_injection.rs b/src/sql_injection/detect_sql_injection.rs
@@ -20,7 +20,7 @@ pub fn detect_sql_injection_str(query: &str, userinput: &str, dialect: i32) -> b
 
     // Tokenize query :
     let tokens = tokenize_query(query, dialect);
-    if tokens.len() == 0 {
+    if tokens.is_empty() {
         // Tokens are empty, probably a parsing issue with original query, return false.
         return false;
     }
@@ -52,5 +52,5 @@ pub fn detect_sql_injection_str(query: &str, userinput: &str, dialect: i32) -> b
         return true;
     }
 
-    return false;
+    false
 }
diff --git a/src/sql_injection/filter_for_comment_tokens.rs b/src/sql_injection/filter_for_comment_tokens.rs
@@ -22,5 +22,5 @@ pub fn filter_for_comment_tokens(tokens: Vec<Token>) -> Vec<Whitespace> {
             }
         }
     }
-    return comments_vector;
+    comments_vector
 }
diff --git a/src/sql_injection/have_comments_changed.rs b/src/sql_injection/have_comments_changed.rs
@@ -34,7 +34,7 @@ pub fn have_comments_changed(tokens1: Vec<Token>, tokens2: Vec<Token>) -> bool {
         }
     }
 
-    return false;
+    false
 }
 
 /* Optimalization to keep in mind : We only check length of comments since in case of attack
@@ -59,7 +59,7 @@ fn comment_token_differs_from_singleline(
         return false;
     }
 
-    return true; // means this is another type
+    true // means this is another type
 }
 
 /* Optimalization to keep in mind : We only check length of comments since in case of attack
@@ -70,5 +70,5 @@ fn comment_token_differs_from_multiline(comment1: String, comment_token2: Whites
         // The length of both comments are not the same -> Strucutre is altered.
         return comment2.len().abs_diff(comment1.len()) != 0;
     }
-    return true; // So if it's a singleline whitespace for example.
+    true // So if it's a singleline whitespace for example.
 }
diff --git a/src/sql_injection/is_common_sql_string.rs b/src/sql_injection/is_common_sql_string.rs
@@ -62,5 +62,5 @@ pub fn is_common_sql_string(user_input: &str) -> bool {
         return true;
     }
 
-    return false;
+    false
 }
diff --git a/src/sql_injection/tokenize_query.rs b/src/sql_injection/tokenize_query.rs
@@ -10,10 +10,5 @@ pub fn tokenize_query(sql: &str, dialect: i32) -> Vec<Token> {
     the escaping" ~ https://github.com/sqlparser-rs/sqlparser-rs/blob/main/src/tokenizer.rs#L591-L620
     */
     let mut tokenizer = Tokenizer::new(dialect.as_ref(), sql).with_unescape(false);
-    match tokenizer.tokenize() {
-        Ok(tokens) => tokens, // Return the tokens if successful
-        Err(_e) => {
-            Vec::new() // Return empty vector if unsuccessfull.
-        }
-    }
+    tokenizer.tokenize().unwrap_or_default()
 }
-Original file line number
+Diff line change
@@ Expand Up @@
             }
         }
-        return false;
+        false
     }