1
0
mirror of https://github.com/securego/gosec.git synced 2025-07-07 00:35:35 +02:00

Remove rule G105 which detects the use of math/big#Int.Exp

The big#Int.Exp used to be vulnerable in older versions of Go, but in the
meantime has been fixed (https://github.com/golang/go/issues/15184).

Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar
2019-09-09 14:16:26 +02:00
committed by Grant Murphy
parent 43e3664713
commit 338b50debb
5 changed files with 9 additions and 78 deletions

View File

@ -304,22 +304,6 @@ func main() {
package main
func dummy(){}
`}, 0, gosec.Config{gosec.Globals: map[gosec.GlobalOption]string{gosec.Audit: "enabled"}}}}
// SampleCodeG105 - bignum overflow
SampleCodeG105 = []CodeSample{{[]string{`
package main
import (
"math/big"
)
func main() {
z := new(big.Int)
x := new(big.Int)
x = x.SetUint64(2)
y := new(big.Int)
y = y.SetUint64(4)
m := new(big.Int)
m = m.SetUint64(0)
z = z.Exp(x, y, m)
}`}, 1, gosec.NewConfig()}}
// SampleCodeG106 - ssh InsecureIgnoreHostKey
SampleCodeG106 = []CodeSample{{[]string{`