| Name | Description | Severity | Precision |
|---|---|---|---|
| Async unsafe signal handler | Async unsafe signal handler (like the one used in CVE-2024-6387) | warning | high |
| Decrementation overflow when comparing | This query finds unsigned integer overflows resulting from unchecked decrementation during comparison. | error | high |
| Find all problematic implicit casts | Find all implicit casts that may be problematic. That is, casts that may result in unexpected truncation, reinterpretation or widening of values. | error | high |
| Inconsistent handling of return values from a specific function | Detects functions whose return values are compared inconsistently across call sites, which may indicate bugs. | warning | medium |
| Invalid string size passed to string manipulation function | Finds calls to functions that take as input a string and its size as separate arguments (e.g., strncmp, strncat, ...) and the size argument is wrong |
error | low |
| Iterator invalidation | Modifying a container while iterating over it can invalidate iterators, leading to undefined behavior. | warning | medium |
| Missing null terminator | This query finds incorrectly initialized strings that are passed to functions expecting null-byte-terminated strings | error | high |
| Name | Description | Severity | Precision |
|---|---|---|---|
| Message not hashed before signature verification | Detects calls to (EC)DSA APIs with a message that was not hashed. If the message is longer than the expected hash digest size, it is silently truncated | error | medium |
| Name | Description | Severity | Precision |
|---|---|---|---|
| Invalid file permission parameter | Finds non-octal (e.g., 755 vs 0o755) and unsupported (e.g., 04666) literals used as a filesystem permission parameter (FileMode) |
error | medium |
| Missing MinVersion in tls.Config | Finds uses of tls.Config where MinVersion is not set and the project's minimum Go version (from go.mod) indicates insecure defaults: Go < 1.18 for clients or Go < 1.22 for servers. Does not mark explicitly set versions (including explicitly insecure ones). | error | medium |
| Trim functions misuse | Finds calls to string.{Trim,TrimLeft,TrimRight} with the 2nd argument not being a cutset but a continuous substring to be trimmed |
error | low |
