gosec

actions/gosec

Fork 0

mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00

Commit graph

Author	SHA1	Message	Date
Vladimir Severov	9c19cb6501	Add check for usage of Rat.SetString in math/big with an overflow error (#819 ) * Add check for usage of Rat.SetString in math/big with an overflow error Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. It is the CVE-2022-23772. * Use ContainsPkgCallExpr instead of manual parsing	2022-06-03 00:19:51 +02:00

Author

SHA1

Message

Date

Vladimir Severov

9c19cb6501

Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing

2022-06-03 00:19:51 +02:00

1 commit