mirror of https://github.com/securego/gosec.git synced 2025-06-14 23:45:03 +02:00

remove G113. It only affects old/unsupported versions of Go (#1328)

* don't warn on G113 (big.Rat SetString) if on an unaffected version of Go

Newer versions of go (>=1.16.14, >=1.17.7, 1.18+) are not affected by this. Don't warn at all on those newer versions. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23772

* alert on all known versions

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>

* remove G113 CVE-2022-23772 which only affects old/unsupported Go versions

* Retire rule

* gofmt

---------

Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
Brandon Annin
2025-04-03 09:44:20 -05:00
committed by GitHub
parent 5fd2a37044
commit 1336dc6820
7 changed files with 35 additions and 79 deletions


@ -103,10 +103,6 @@ var _ = Describe("gosec rules", func() {
runner("G112", testutils.SampleCodeG112)
})
It("should detect potential uncontrolled memory consumption in Rat.SetString", func() {
runner("G113", testutils.SampleCodeG113)
})
It("should detect uses of net/http serve functions that have no support for setting timeouts", func() {
runner("G114", testutils.SampleCodeG114)
})
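
Review bot: Dropping the `runner("G113", testutils.SampleCodeG113)` case between the G112 and G114 cases leaves rule ID G113 with no test and nothing at this spot to say the ID was retired on purpose. Please confirm that `testutils.SampleCodeG113` is deleted in the same commit so no unused fixture is left behind, and consider a one-line comment here or in the rule list stating that G113 is retired and must not be reused, since existing configurations and suppression comments may still name it. The commit message limits the issue to Go versions below 1.16.14 and 1.17.7, so a release note for users still building with those toolchains would also be worth adding.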