1
0
mirror of https://github.com/securego/gosec.git synced 2024-12-26 20:53:56 +02:00

Ignore 'implicit memory aliasing' rule for Go 1.22+

Signed-off-by: Janusz Marcinkiewicz <januszm@nvidia.com>
This commit is contained in:
Janusz Marcinkiewicz 2024-02-21 08:41:11 +01:00 committed by Cosmin Cojocar
parent 582e91af06
commit f25ccd9fb5
2 changed files with 7 additions and 1 deletions

View File

@ -159,7 +159,7 @@ directory you can supply `./...` as the input argument.
- G503: Import blocklist: crypto/rc4
- G504: Import blocklist: net/http/cgi
- G505: Import blocklist: crypto/sha1
- G601: Implicit memory aliasing of items from a range statement
- G601: Implicit memory aliasing of items from a range statement (only for Go 1.21 or lower)
- G602: Slice access out of bounds
### Retired rules

View File

@ -47,6 +47,12 @@ func doGetIdentExpr(expr ast.Expr, hasSelector bool) (*ast.Ident, bool) {
}
func (r *implicitAliasing) Match(n ast.Node, c *gosec.Context) (*issue.Issue, error) {
// This rule does not apply for Go 1.22, see https://tip.golang.org/doc/go1.22#language.
major, minor, _ := gosec.GoVersion()
if major >= 1 && minor >= 22 {
return nil, nil
}
switch node := n.(type) {
case *ast.RangeStmt:
// When presented with a range statement, get the underlying Object bound to