vulndb/govulncheck: use GOOS/GOARCH env vars for target analysis This allows to correctly filter vulnerabilities for the analysis beyond the host platform. Change-Id: I57003d4ccf77cde6a1064ec9c28c6fc31ae48d5d Reviewed-on: https://go-review.googlesource.com/c/exp/+/366374 Trust: Hyang-Ah Hana Kim <hyangah@gmail.com> Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>

commit: 8a230f1f7d7a4905d4551b473275e86e2aadfe86 [log] [tgz]
author: Hana <hyangah@gmail.com> Mon Nov 22 21:26:54 2021 -0500
committer: Hyang-Ah Hana Kim <hyangah@gmail.com> Mon Nov 29 23:41:52 2021 +0000
tree: 318b5ede1f41fb885c4b9f93e4d4dfda88a5f6ca
parent: 48cbe7f80d7c812b3382c9ada6a8cbb493da97be [diff]
diff --git a/vulndb/govulncheck/main.go b/vulndb/govulncheck/main.go
index a36d1da..d94dc75 100644
--- a/vulndb/govulncheck/main.go
+++ b/vulndb/govulncheck/main.go

@@ -204,7 +204,7 @@
 		if err != nil {
 			return nil, fmt.Errorf("failed to load vulnerability dbs: %v", err)
 		}
-		vulns = vulns.Filter(runtime.GOOS, runtime.GOARCH)
+		vulns = vulns.Filter(lookupEnv("GOOS", runtime.GOOS), lookupEnv("GOARCH", runtime.GOARCH))
 
 		results := audit.VulnerablePackageSymbols(symbols, vulns)
 		return &results, nil
@@ -261,3 +261,10 @@
 	}
 	return &results, nil
 }
+
+func lookupEnv(key string, defaultValue string) (value string) {
+	if v, ok := os.LookupEnv(key); ok {
+		return v
+	}
+	return defaultValue
+}
commit	8a230f1f7d7a4905d4551b473275e86e2aadfe86	[log] [tgz]
author	Hana <hyangah@gmail.com>	Mon Nov 22 21:26:54 2021 -0500
committer	Hyang-Ah Hana Kim <hyangah@gmail.com>	Mon Nov 29 23:41:52 2021 +0000
tree	318b5ede1f41fb885c4b9f93e4d4dfda88a5f6ca
parent	48cbe7f80d7c812b3382c9ada6a8cbb493da97be [diff]