mirror of https://github.com/securego/gosec.git synced 2024-12-28 21:08:22 +02:00
gosec/report
Vladimir Severov 9c19cb6501
Add check for usage of Rat.SetString in math/big with an overflow error (#819)
* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing
2022-06-03 00:19:51 +02:00
csv Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
golint Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
html chore(deps): update all dependencies (#812) 2022-05-09 12:02:57 +02:00
json Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
junit Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
sarif Process the code snippet before adding it to the SARIF report 2022-02-09 16:19:40 +01:00
sonar Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
text Extend the release action to sign the docker image and binary files with cosign (#781) 2022-02-22 21:33:42 +01:00
yaml Fix lint and fail on error in the ci build 2021-05-31 10:44:12 +02:00
formatter_suite_test.go Update to ginkgo v2 (#753) 2022-01-03 18:11:35 +01:00
formatter_test.go Add check for usage of Rat.SetString in math/big with an overflow error (#819) 2022-06-03 00:19:51 +02:00
formatter.go Add support for suppressing the findings 2021-12-09 11:53:36 +01:00