1090 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
renovate[bot]	1fb6a46eed	chore(deps): update all dependencies	2024-11-04 10:11:47 +01:00
renovate[bot]	d2c92ed7b3	chore(deps): update all dependencies	2024-10-28 09:23:35 +01:00
Cosmin Cojocar	4fd98728a7	Update go version to 1.23.2 and 1.22.8 ... Change-Id: I8f941e97f1ec7b0df2e3efa76f881b85f2a287cc Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-10-22 14:57:16 +02:00
renovate[bot]	1501618b90	chore(deps): update module google.golang.org/api to v0.201.0	2024-10-21 10:44:17 +02:00
renovate[bot]	7d33bc1991	chore(deps): update all dependencies	2024-10-14 08:52:45 +02:00
renovate[bot]	bd8b4b4ece	chore(deps): update all dependencies	2024-10-07 11:06:29 +02:00
Cosmin Cojocar	1216c9b96b	Fix the cosign step to authenticate with the container registry ... Change-Id: I8b5fd63128b7c661c438c9cff9e8a4a3e487712b Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-10-01 17:11:46 +02:00
renovate[bot]	50d1b4ae6b	chore(deps): update module google.golang.org/api to v0.199.0	2024-10-01 16:51:00 +02:00
Cosmin Cojocar	c0ba7c7a74	Update the gosec to v2.21.4 in the Github action ... Change-Id: Idb7fd0b7f7524adf3a87dc06e1fe3935a5593c60 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-26 14:24:09 +02:00
Cosmin Cojocar	a3299ce10c	Add the version into goreleaser config ... Change-Id: Id759cc78f3c8f3c69864311e91dd64cbacb1b958 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-26 14:24:09 +02:00
renovate[bot]	d4617f51ba	chore(deps): update module google.golang.org/api to v0.198.0 (#1233) ... Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-09-23 09:30:44 +02:00
Laurent Demailly	1d23143bee	Prevent panic: unexpected constant value: <nil> (#1232)	2024-09-20 10:58:58 +02:00
Laurent Demailly	6741874d9b	Fix running single analyzer which isn't a rule bug (#1231) ... * Fix running single analyzer which isn't a rule bug * remove uncessary diff (even if it's proper fmt)	2024-09-20 10:56:50 +02:00
Cosmin Cojocar	a83689867d	Update gosec version to v2.21.3 in github action (#1227) ... Change-Id: If12ea73f08ff79b5c53ece6c96454fb99418ced2 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-18 14:10:47 +02:00
Cosmin Cojocar	be8bd6e40b	Populate the fixes only when autofix is not empty (#1226) ... Change-Id: If4de66d1ea0fd5a179808d023fdac677437c6d5a Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-18 13:43:01 +02:00
renovate[bot]	3004932005	chore(deps): update all dependencies (#1223) ... * chore(deps): update all dependencies * Update go.mod * Remove the toolchain directive Change-Id: I2ecbdec86e3eb8a771232f649f6da2273b3026ac Signed-off-by: Cosmin Cojocar <ccojocar@google.com> --------- Signed-off-by: Cosmin Cojocar <ccojocar@google.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch> Co-authored-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-16 10:42:08 +02:00
czechbol	1f3bdd9349	G115 Struct Attribute Checks (#1221) ... * allow struct attributes checks * fix explicit check results	2024-09-16 10:30:54 +02:00
Cosmin Cojocar	5f3194b581	Update the github action to v2.21.2 (#1218) ... Change-Id: I0b31f470f716e6b0ea1dacae7814075ee9f6d898 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-09 16:20:57 +02:00
Cosmin Cojocar	abfe8cfd6d	Update the SARIF schema URL (#1217) ... Change-Id: I4a19f289ed6c4da8277bcc30be7c905ca13b6898 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-09 15:36:18 +02:00
Cosmin Cojocar	0396179112	Update go version to 1.23.1 and 1.22.7 (#1216) ... Change-Id: I2c5ad3b96a96470ce663de84d767590b842990ac Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-09 15:29:43 +02:00
renovate[bot]	5e53c8b9f7	chore(deps): update all dependencies (#1215) ... * chore(deps): update all dependencies * Update go.mod * Update go.mod --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Cosmin Cojocar <cosmin@cojocar.ch>	2024-09-09 15:20:27 +02:00
Cosmin Cojocar	014751c91c	Update gosec version to v2.21.1 in github action (#1213) ... Change-Id: I0dda98f91eabc1881c55cb886425acf62a000002 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-04 17:22:49 +02:00
Cosmin Cojocar	0ce4453ddd	Rollback the SARIF version to 2.1 since github doesn't support 2.2 (#1210) ... Change-Id: If3500ec2c522339ca0a4e6c1f58574ce3cc870a9 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-04 16:56:15 +02:00
Cosmin Cojocar	ea26e8431f	Update gosec in github action to v2.21.0 (#1208) ... Change-Id: Ia6a5cc01472103d435cd5931aaef98a71a0a89f2 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-04 16:49:35 +02:00
Cosmin Cojocar	b278b40c52	Update cosign version to v2.4.0 in release github workflow (#1207) ... Change-Id: I78b4ad65597f6c10d9cc3113864fd73a25101b25 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-04 16:22:00 +02:00
czechbol	eaedce9a8b	Improvement the int conversion overflow logic to handle bound checks (#1194) ... * add test cases Signed-off-by: czechbol <adamludes@gmail.com> * fix bounds check logic Signed-off-by: czechbol <adamludes@gmail.com> * tweak test cases Signed-off-by: czechbol <adamludes@gmail.com> * fix codestyle Signed-off-by: czechbol <adamludes@gmail.com> * improve bounds check logic Signed-off-by: czechbol <adamludes@gmail.com> * max recursion depth Signed-off-by: czechbol <adamludes@gmail.com> * add test case for len function Signed-off-by: czechbol <adamludes@gmail.com> * relax len function bounds checks Co-authored-by: Ben Krieger <ben.krieger@intel.com> * handle cases when convert instruction is after the if blocks Signed-off-by: czechbol <adamludes@gmail.com> * improve range check discovery, add tests Signed-off-by: czechbol <adamludes@gmail.com> * refactor for readability Signed-off-by: czechbol <adamludes@gmail.com> * add cap function test Signed-off-by: czechbol <adamludes@gmail.com> * calculate signed min without throwing overflow warnings Signed-off-by: czechbol <adamludes@gmail.com> * perform bounds checks int size calculations Signed-off-by: czechbol <adamludes@gmail.com> * basic equal operator logic Signed-off-by: czechbol <adamludes@gmail.com> * uintptr -> unsafe.Pointer test case Signed-off-by: czechbol <adamludes@gmail.com> * fix review comments Signed-off-by: czechbol <adamludes@gmail.com> * Rebase and fix go module Change-Id: I8da6495eaaf25b1739389aa98492bd7df338085b Signed-off-by: Cosmin Cojocar <ccojocar@google.com> * fix false positive for negated value Signed-off-by: czechbol <adamludes@gmail.com> * fix range conditions Signed-off-by: czechbol <adamludes@gmail.com> * Ignore the golangci/gosec G115 warning Change-Id: I0db56cb0a5f9ab6e815e2480ec0b66d7061b23d3 Signed-off-by: Cosmin Cojocar <ccojocar@google.com> --------- Signed-off-by: czechbol <adamludes@gmail.com> Signed-off-by: Cosmin Cojocar <ccojocar@google.com> Co-authored-by: Ben Krieger <ben.krieger@intel.com> Co-authored-by: Cosmin Cojocar <ccojocar@google.com>	2024-09-04 16:09:54 +02:00
William Bergeron-Drouin	ea5b2766bb	fix: G602 support for nested conditionals with bounds check (#1201) ... * Recursive fix * Add some more test cases * Fix formatting * Add depth check	2024-09-04 11:07:42 +02:00
Cosmin Cojocar	11d69032b0	Update go.mod to sue go 1.22.0 toolchain	2024-09-02 09:46:29 +02:00
renovate[bot]	655527dfb4	chore(deps): update all dependencies	2024-09-02 09:46:29 +02:00
Cosmin Cojocar	0898560169	Make variable name more clear ... Change-Id: I5b863c0da6cc3d01efa527c60c93fdcbc8c5a53c Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-30 19:35:07 +02:00
Cosmin Cojocar	ac67231ec5	Make variable names more explicity and reduce duplications ... Change-Id: Ifa141b70351136cfe7d0756a83e8166a24b5d538 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-30 19:35:07 +02:00
Cosmin Cojocar	e0414c4640	Fix formatting ... Change-Id: I49caeb75f1bd7ecdb9b4f99466d96ad81e2e95ac Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-30 19:35:07 +02:00
Cosmin Cojocar	c7003fc7e5	Refactor to reduce some fuctions and variable names ... Change-Id: I7f42c1de4e39dceb8e8144037d5af9223331ff06 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-30 19:35:07 +02:00
Cosmin Cojocar	2401936458	Pass the value argument directly since is an interface ... The value doens't require to be passed as a pointer since is a interface. Change-Id: Ia21bceb5f315f4c30bd28425d62f678e9203e93f Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-30 19:35:07 +02:00
Dimitar Banchev	f5d312825f	Added suggested changes	2024-08-30 19:35:07 +02:00
Dimitar Banchev	a14ca4ac59	Added another test case in order to increase code coverage	2024-08-30 19:35:07 +02:00
Dimitar Banchev	a6dd589bae	Removed function parameter which is always the same	2024-08-30 19:35:07 +02:00
Dimitar Banchev	b4c746962f	Formatting problems(CI was not passing)	2024-08-30 19:35:07 +02:00
Dimitar Banchev	7f8f654235	Updated analyzer to use new way of initialization ... * Removed old way of initializing analyzers * Added the new analyzer to the rest of the default analyzers * Fixed small bug in the rule * Removed the test for the new analyzer from the file responsible for testing the rules * Merged the diffrent examples into 1 variable * Added tests for the analyzer * Removed code that was used for testing rules, but it was used to test the analyzer	2024-08-30 19:35:07 +02:00
Dimitar Banchev	a26215cf23	Migrated the rule to the analyzers folder	2024-08-30 19:35:07 +02:00
Dimitar Banchev	3f6e1e7326	Refractored code a little bit	2024-08-30 19:35:07 +02:00
Dimitar Banchev	0eb8143c23	Added new rule G407(hardcoded IV/nonce) ... The rule is supposed to detect for the usage of hardcoded or static nonce/Iv in many encryption algorithms: * The different modes of AES (mainly tested here) * It should be able to work with ascon Currently the rules doesn't check when constant variables are used. TODO: Improve the rule, to detected for constatant variable usage	2024-08-30 19:35:07 +02:00
Ben Krieger	4ae73c8ba3	Fix conversion overflow false positive when using ParseUint	2024-08-28 08:58:42 +02:00
Cosmin Cojocar	c52dc0ea4e	Add a build step to measure the scan perfomance ... This step will measure the scan performance difference against the master version. Change-Id: I1b9196ef3348350cf818471f55d9024d14064ac6 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-26 19:08:32 +02:00
czechbol	bcec04e784	Fix conversion overflow false positives when they are checked or pre-determined ... Signed-off-by: czechbol <adamludes@gmail.com>	2024-08-26 16:57:12 +02:00
Cosmin Cojocar	71e397b994	Update go.mod	2024-08-26 16:47:36 +02:00
renovate[bot]	aec45b0b7d	chore(deps): update all dependencies	2024-08-26 16:47:36 +02:00
Cosmin Cojocar	ab3f6c1c83	Fix false positive in conversion overflow check from uint8/int8 type ... Change-Id: I543545e22fa12de0d85dcf92664a0a54e8f7244a Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-22 09:47:52 +02:00
Cosmin Cojocar	a39ec5a16b	Disable staticcheck SA1019 rule ... Change-Id: Ia9db0083f5ffb34d911b5ca491ef0ce23be979f8 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-21 15:00:06 +02:00
Cosmin Cojocar	a1b2ab80af	Update the golangci linters ... Change-Id: I8938d57e9751913f65b4825a44c252b31888f9e8 Signed-off-by: Cosmin Cojocar <ccojocar@google.com>	2024-08-21 15:00:06 +02:00