mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Fix false positive in conversion overflow check from uint8/int8 type
Change-Id: I543545e22fa12de0d85dcf92664a0a54e8f7244a Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
This commit is contained in:
parent
a39ec5a16b
commit
ab3f6c1c83
2 changed files with 31 additions and 1 deletions
|
@ -76,7 +76,7 @@ type integer struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func parseIntType(intType string) (integer, error) {
|
func parseIntType(intType string) (integer, error) {
|
||||||
re := regexp.MustCompile(`(?P<type>u?int)(?P<size>\d{2})?`)
|
re := regexp.MustCompile(`(?P<type>u?int)(?P<size>\d{1,2})?`)
|
||||||
matches := re.FindStringSubmatch(intType)
|
matches := re.FindStringSubmatch(intType)
|
||||||
if matches == nil {
|
if matches == nil {
|
||||||
return integer{}, fmt.Errorf("no integer type match found for %s", intType)
|
return integer{}, fmt.Errorf("no integer type match found for %s", intType)
|
||||||
|
|
|
@ -235,4 +235,34 @@ func main() {
|
||||||
}
|
}
|
||||||
`,
|
`,
|
||||||
}, 1, gosec.NewConfig()},
|
}, 1, gosec.NewConfig()},
|
||||||
|
{[]string{
|
||||||
|
`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
a := "A\xFF"
|
||||||
|
b := int64(a[0])
|
||||||
|
fmt.Printf("%d\n", b)
|
||||||
|
}
|
||||||
|
`,
|
||||||
|
}, 0, gosec.NewConfig()},
|
||||||
|
{[]string{
|
||||||
|
`
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
var a uint8 = 13
|
||||||
|
b := int(a)
|
||||||
|
fmt.Printf("%d\n", b)
|
||||||
|
}
|
||||||
|
`,
|
||||||
|
}, 0, gosec.NewConfig()},
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue