mirror of https://github.com/securego/gosec.git synced 2025-07-07 00:35:35 +02:00
Commit Graph

2 Commits

Author SHA1 Message Date
de2c6a36fa Extract the issue in its own package 2023-02-16 09:45:28 +01:00
9c19cb6501 Add check for usage of Rat.SetString in math/big with an overflow error (#819)
* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing
2022-06-03 00:19:51 +02:00