Cosmin Cojocar
229cf63a09
Remove the decryption functions/methods from G407 check
The nonce in the decryption functions/methods is typically provided and
it should not be randomly generated.
Change-Id: Id0df0d43aecb2aadb00b9fa901bd060a43a201c5
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-11-26 10:14:30 +01:00
Dave Henderson
9b13cd5ab4
Fix G115 false positive when going from parsed uint to larger int
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
2024-11-26 09:36:56 +01:00
Laurent Demailly
1d23143bee
Prevent panic: unexpected constant value: <nil> (#1232)
2024-09-20 10:58:58 +02:00
Laurent Demailly
6741874d9b
Fix running single analyzer which isn't a rule bug (#1231)
* Fix running single analyzer which isn't a rule bug
* remove unnecessary diff (even if it's proper fmt)
2024-09-20 10:56:50 +02:00
czechbol
1f3bdd9349
G115 Struct Attribute Checks (#1221)
* allow struct attributes checks
* fix explicit check results
2024-09-16 10:30:54 +02:00
czechbol
eaedce9a8b
Improve the int conversion overflow logic to handle bound checks (#1194)
* add test cases
Signed-off-by: czechbol <adamludes@gmail.com>
* fix bounds check logic
Signed-off-by: czechbol <adamludes@gmail.com>
* tweak test cases
Signed-off-by: czechbol <adamludes@gmail.com>
* fix codestyle
Signed-off-by: czechbol <adamludes@gmail.com>
* improve bounds check logic
Signed-off-by: czechbol <adamludes@gmail.com>
* max recursion depth
Signed-off-by: czechbol <adamludes@gmail.com>
* add test case for len function
Signed-off-by: czechbol <adamludes@gmail.com>
* relax len function bounds checks
Co-authored-by: Ben Krieger <ben.krieger@intel.com>
* handle cases when convert instruction is after the if blocks
Signed-off-by: czechbol <adamludes@gmail.com>
* improve range check discovery, add tests
Signed-off-by: czechbol <adamludes@gmail.com>
* refactor for readability
Signed-off-by: czechbol <adamludes@gmail.com>
* add cap function test
Signed-off-by: czechbol <adamludes@gmail.com>
* calculate signed min without throwing overflow warnings
Signed-off-by: czechbol <adamludes@gmail.com>
* perform bounds checks int size calculations
Signed-off-by: czechbol <adamludes@gmail.com>
* basic equal operator logic
Signed-off-by: czechbol <adamludes@gmail.com>
* uintptr -> unsafe.Pointer test case
Signed-off-by: czechbol <adamludes@gmail.com>
* fix review comments
Signed-off-by: czechbol <adamludes@gmail.com>
* Rebase and fix go module
Change-Id: I8da6495eaaf25b1739389aa98492bd7df338085b
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
* fix false positive for negated value
Signed-off-by: czechbol <adamludes@gmail.com>
* fix range conditions
Signed-off-by: czechbol <adamludes@gmail.com>
* Ignore the golangci/gosec G115 warning
Change-Id: I0db56cb0a5f9ab6e815e2480ec0b66d7061b23d3
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
---------
Signed-off-by: czechbol <adamludes@gmail.com>
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
Co-authored-by: Ben Krieger <ben.krieger@intel.com>
Co-authored-by: Cosmin Cojocar <ccojocar@google.com>
2024-09-04 16:09:54 +02:00
William Bergeron-Drouin
ea5b2766bb
fix: G602 support for nested conditionals with bounds check (#1201)
* Recursive fix
* Add some more test cases
* Fix formatting
* Add depth check
2024-09-04 11:07:42 +02:00
Cosmin Cojocar
0898560169
Make variable name more clear
Change-Id: I5b863c0da6cc3d01efa527c60c93fdcbc8c5a53c
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Cosmin Cojocar
ac67231ec5
Make variable names more explicit and reduce duplication
Change-Id: Ifa141b70351136cfe7d0756a83e8166a24b5d538
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Cosmin Cojocar
e0414c4640
Fix formatting
Change-Id: I49caeb75f1bd7ecdb9b4f99466d96ad81e2e95ac
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Cosmin Cojocar
c7003fc7e5
Refactor to reduce some function and variable names
Change-Id: I7f42c1de4e39dceb8e8144037d5af9223331ff06
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Cosmin Cojocar
2401936458
Pass the value argument directly since it is an interface
The value doesn't need to be passed as a pointer since it is an
interface.
Change-Id: Ia21bceb5f315f4c30bd28425d62f678e9203e93f
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-30 19:35:07 +02:00
Dimitar Banchev
f5d312825f
Added suggested changes
2024-08-30 19:35:07 +02:00
Dimitar Banchev
a6dd589bae
Removed function parameter which is always the same
2024-08-30 19:35:07 +02:00
Dimitar Banchev
b4c746962f
Formatting problems (CI was not passing)
2024-08-30 19:35:07 +02:00
Dimitar Banchev
7f8f654235
Updated analyzer to use new way of initialization
* Removed old way of initializing analyzers
* Added the new analyzer to the rest of the default analyzers
* Fixed small bug in the rule
* Removed the test for the new analyzer from the file responsible for testing the rules
* Merged the different examples into 1 variable
* Added tests for the analyzer
* Removed code that was used for testing rules, but it was used to test the analyzer
2024-08-30 19:35:07 +02:00
Dimitar Banchev
a26215cf23
Migrated the rule to the analyzers folder
2024-08-30 19:35:07 +02:00
Ben Krieger
4ae73c8ba3
Fix conversion overflow false positive when using ParseUint
2024-08-28 08:58:42 +02:00
czechbol
bcec04e784
Fix conversion overflow false positives when they are checked or pre-determined
Signed-off-by: czechbol <adamludes@gmail.com>
2024-08-26 16:57:12 +02:00
Cosmin Cojocar
ab3f6c1c83
Fix false positive in conversion overflow check from uint8/int8 type
Change-Id: I543545e22fa12de0d85dcf92664a0a54e8f7244a
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
2024-08-22 09:47:52 +02:00
Rahul Gadi
81cda2f91f
Allow excluding analyzers globally (#1180)
* This change does not exclude analyzers for inline comment
* Changed the expected issues count for G103, G109 samples for test. Previously G115 has been included in the issue count
* Show analyzer IDs (G115, G602) in gosec usage help
* See #1175
2024-08-20 10:43:40 +02:00
Alex Gartner
08b94f9392
Resolve underlying type to detect overflows in type aliases
2024-07-20 10:06:43 +02:00
Cosmin Cojocar
81b076f53d
Format imports
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-05-27 13:03:01 +02:00
Cosmin Cojocar
4bf5667f66
Add a new rule to detect integer overflow on integer types conversion
Signed-off-by: Cosmin Cojocar <cosmin@cojocar.ch>
2024-05-27 13:03:01 +02:00
Cosmin Cojocar
f338a98bf3
Restrict the maximum depth when tracking the slice bounds
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-10-13 10:03:27 +02:00
Cosmin Cojocar
293d887525
Fix lint warnings
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-20 10:19:51 +02:00
Cosmin Cojocar
e02e2f6d5b
Redesign and reimplement the slice out of bounds check using SSA code representation
Signed-off-by: Cosmin Cojocar <gcojocar@adobe.com>
2023-09-20 10:19:51 +02:00
Oleksandr Redko
1f689968ec
Fix typos in comments, vars and tests
2023-05-30 08:26:41 +02:00
Matthieu MOREL
d6aeaad931
correct gci linter (#946)
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
2023-03-30 09:31:24 +02:00
Cosmin Cojocar
4340efaa9a
Format file
2023-02-16 09:45:28 +01:00
Cosmin Cojocar
f850069114
Use the gosec issue in the go analysers
2023-02-16 09:45:28 +01:00
Cosmin Cojocar
31e63276f1
Add support for Go analysis framework and SSA code representation
2023-02-16 09:45:28 +01:00