gosec

go/gosec

Fork 0

mirror of https://github.com/securego/gosec.git synced 2025-01-22 03:09:59 +02:00

Commit Graph

Author	SHA1	Message	Date
Vladimir Severov	9c19cb6501	Add check for usage of Rat.SetString in math/big with an overflow error (#819 ) * Add check for usage of Rat.SetString in math/big with an overflow error Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. It is the CVE-2022-23772. * Use ContainsPkgCallExpr instead of manual parsing	2022-06-03 00:19:51 +02:00

Author

SHA1

Message

Date

Vladimir Severov

9c19cb6501

Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing

2022-06-03 00:19:51 +02:00

1 Commits