forked from trailofbits/semgrep-rules
iterate-over-empty-map.yaml
rules:
  - id: iterate-over-empty-map
    message: >-
      Iteration over a possibly empty map `$C`. This is likely a bug or redundant code
    languages: [go]
    severity: WARNING
    metadata:
      category: security
      cwe: "CWE-665: Improper Initialization"
      subcategory: [audit]
      confidence: MEDIUM
      likelihood: LOW
      impact: LOW
      technology: [--no-technology--]
      description: "Probably redundant iteration over an empty map"
      references:
        - https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/
    patterns:
      # A map created with make() and later ranged over.
      - pattern: |
          $C = make(map[$T1] $T2, ...)
          ...
          for $K := range $C { ... }
      # Excluded: a key is assigned between make() and the loop.
      - pattern-not: |
          $C = make(map[$T1] $T2, ...)
          ...
          $C[$X] = $V
          ...
          for $K := range $C { ... }
      # Excluded: an entry is incremented between make() and the loop.
      - pattern-not: |
          $C = make(map[$T1] $T2, ...)
          ...
          $C[$X]++
          ...
          for $K := range $C { ... }
      # Excluded: an entry is decremented between make() and the loop.
      - pattern-not: |
          $C = make(map[$T1] $T2, ...)
          ...
          $C[$X]--
          ...
          for $K := range $C { ... }
      # Excluded: the map is passed to an Unmarshal call before the loop.
      - pattern-not: |
          $C = make(map[$T1] $T2, ...)
          ...
          $CODEC.Unmarshal($BYTES, &$C)
          ...
          for $K := range $C { ... }
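
The Go code below is an added example, not part of the rule file or the trailofbits repository. It shows the code shape the rule's `pattern` describes next to the shape its `Unmarshal` `pattern-not` excludes; the function names, the deny-list scenario and the sample JSON are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// deniedEmpty has the shape the rule's `pattern` describes: the map comes
// from make, nothing writes to it, and it is then ranged over. The loop body
// never runs, so the deny-list check passes every user.
func deniedEmpty(user string) bool {
	deny := make(map[string]bool)
	for name := range deny {
		if name == user {
			return true
		}
	}
	return false
}

// deniedFromJSON calls Unmarshal on the map before the loop, the shape the
// rule's last `pattern-not` excludes. The map can still be empty at run time
// (for example when raw is `{}`), in which case the loop again does nothing.
func deniedFromJSON(user string, raw []byte) (bool, error) {
	deny := make(map[string]bool)
	err := json.Unmarshal(raw, &deny)
	if err != nil {
		return false, err
	}
	for name := range deny {
		if name == user {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	raw := []byte(`{"mallory": true}`) // constructed sample input
	viaJSON, err := deniedFromJSON("mallory", raw)
	fmt.Println(deniedEmpty("mallory"), viaJSON, err)
}
```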