gosec

go/gosec

mirror of https://github.com/securego/gosec.git synced 2025-03-17 20:57:54 +02:00

History

Vladimir Severov 9c19cb6501

Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing

2022-06-03 00:19:51 +02:00

log.go

Major rework of codebase

2017-07-19 15:17:00 -06:00

pkg.go

Remove space between // and #nosec in examples and internal use

2021-12-15 19:31:14 +01:00

source.go

Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

2022-06-03 00:19:51 +02:00

visitor.go

Handle properly the gosec module version v2

2020-04-06 09:06:23 -07:00