Add scans with Semgrep

tests/semgrep/go/gorilla/security/audit/handler-assignment-from-multiple-sources.yaml

@@ -0,0 +1,57 @@
+rules:
+  - id: handler-assignment-from-multiple-sources
+    metadata:
+      cwe: "CWE-289: Authentication Bypass by Alternate Name"
+      owasp: "A2: Broken Authentication"
+      owaspapi: "API1: Broken Object Level Authorization"
+      category: security
+      technology:
+        - gorilla
+      confidence: MEDIUM
+    patterns:
+      - pattern-inside: |
+          func $HANDLER(..., $R *http.Request, ...) {
+            ...
+          }
+      - pattern-not: |
+          $VAR = true
+          ...
+          $VAR = false
+      - pattern-not: |
+          $VAR = false
+          ...
+          $VAR = true
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $X
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $Z(..., $VAR, ...)
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $Z($W(..., $VAR, ...))
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $VAR[:$Z(..., $VAR, ...)]
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $VAR[$Z(..., $VAR, ...):]
+      - pattern-not: |
+          $VAR = $X
+          ...
+          $VAR = $VAR[$Z(..., $VAR, ...)]
+      - pattern: |
+          $VAR = $X
+          ...
+          $VAR = $Y
+    message:
+      "Variable $VAR is assigned from two different sources: '$X' and '$Y'. Make\
+      \ sure this is intended, as this could cause logic bugs if they are treated as\
+      \ they are the same object."
+    languages: [go]
+    severity: WARNING