remove G113. It only affects old/unsupported versions of Go (#1328)

* don't warn on G113 (big.Rat SetString) if on an unaffected version of Go Newer versions of go (>=1.16.14, >=1.17.7, 1.18+) are not affected by this. Don't warn at all on those newer versions. See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23772 * alert on all known versions Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com> * remove G113 CVE-2022-23772 which only affects old/unsupport Go versions * Retire rule * gofmt --------- Co-authored-by: ccoVeille <3875889+ccoVeille@users.noreply.github.com>
2025-11-23 22:15:04 +02:00 · 2025-04-03 09:44:20 -05:00
parent 5fd2a37044
commit 1336dc6820
7 changed files with 35 additions and 79 deletions
--- a/testutils/g113_samples.go
+++ b/testutils/g113_samples.go
@@ -1,22 +0,0 @@
-package testutils
-
-import "github.com/securego/gosec/v2"
-
-// SampleCodeG113 - Usage of Rat.SetString in math/big with an overflow
-var SampleCodeG113 = []CodeSample{
-	{[]string{`
-package main
-
-import (
-	"math/big"
-	"fmt"
-)
-
-func main() {
-	r := big.Rat{}
-	r.SetString("13e-9223372036854775808")
-
-	fmt.Println(r)
-}
-`}, 1, gosec.NewConfig()},
-}