gosec/rules/rules_test.go at b0f3e78e07d26ff0156a493fb8232f0de5b8ce15

go/gosec

mirror of https://github.com/securego/gosec.git synced 2025-12-21 23:57:52 +02:00

Files

Vladimir Severov 9c19cb6501 Add check for usage of Rat.SetString in math/big with an overflow error (#819 )

* Add check for usage of Rat.SetString in math/big with an overflow error

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7
has an overflow that can lead to Uncontrolled Memory Consumption.

It is the CVE-2022-23772.

* Use ContainsPkgCallExpr instead of manual parsing

2022-06-03 00:19:51 +02:00

5.3 KiB

Raw Blame History

View Raw

5.3 KiB Raw Blame History

5.3 KiB

Raw Blame History