From ab3f6c1c83a0c80fcb8c95838de10cc3cf0d8ba2 Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Thu, 22 Aug 2024 07:41:27 +0000
Subject: [PATCH] Fix false positive in conversion overflow check from uint8/int8 type
Change-Id: I543545e22fa12de0d85dcf92664a0a54e8f7244a
Signed-off-by: Cosmin Cojocar
---
 analyzers/conversion_overflow.go | 2 +-
 testutils/g115_samples.go | 30 ++++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/analyzers/conversion_overflow.go b/analyzers/conversion_overflow.go
index 11cfaf5..c5d6a59 100644
--- a/analyzers/conversion_overflow.go
+++ b/analyzers/conversion_overflow.go
@@ -76,7 +76,7 @@ type integer struct {
 }
 func parseIntType(intType string) (integer, error) {
- re := regexp.MustCompile(`(?Pu?int)(?P\d{2})?`)
+ re := regexp.MustCompile(`(?Pu?int)(?P\d{1,2})?`)
 matches := re.FindStringSubmatch(intType)
 if matches == nil {
 return integer{}, fmt.Errorf("no integer type match found for %s", intType)
diff --git a/testutils/g115_samples.go b/testutils/g115_samples.go
index 29f992f..b8d1099 100644
--- a/testutils/g115_samples.go
+++ b/testutils/g115_samples.go
@@ -235,4 +235,34 @@ func main() {
 }
 `,
 }, 1, gosec.NewConfig()},
+ {[]string{
+ `
+package main
+
+import (
+ "fmt"
+)
+
+func main() {
+ a := "A\xFF"
+ b := int64(a[0])
+ fmt.Printf("%d\n", b)
+}
+ `,
+ }, 0, gosec.NewConfig()},
+ {[]string{
+ `
+package main
+
+import (
+ "fmt"
+)
+
+func main() {
+ var a uint8 = 13
+ b := int(a)
+ fmt.Printf("%d\n", b)
+}
+ `,
+ }, 0, gosec.NewConfig()},
 }
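Review bot: The pattern in `parseIntType` is still unanchored, so `FindStringSubmatch` accepts the first `int` or `uint` substring found anywhere in `intType`, and with `\d{1,2}` it now also takes one or two digits that merely follow it. If anything other than a builtin integer type name can reach this function (the callers are outside the hunk), such a string would be parsed as an integer type instead of hitting the `no integer type match found` error, and the overflow check would then compare against the wrong bounds. I would anchor the expression with `^` at the start and `$` at the end. Separately, `regexp.MustCompile` runs on every call; moving it to a package-level `var` compiles it once. The body of `parseIntType` continues past the end of the hunk.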
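Review bot: Both new samples assert only the absence of a finding (expected count `0`) for a `uint8` source, so nothing in this hunk shows that a real narrowing to an 8-bit type is still reported now that a one-digit size is parsed. The `int8` case named in the subject has no sample either. I would add one entry expecting `1`, for example `var a uint8 = 200` followed by `b := int8(a)`, and one expecting `0` with `var a int8 = 13` widened by `b := int(a)`, unless earlier entries in this table (outside the hunk) already cover them. A short comment above each entry saying which direction it checks, such as `// uint8 -> int: widening, must not be flagged`, would also make the intent of the table easier to read.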