Skip to content

Anchor all referenced loop variables #4991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rolandshoemaker merged 6 commits into from
Jul 29, 2020
Merged

Anchor all referenced loop variables #4991

rolandshoemaker merged 6 commits into from
Jul 29, 2020

Conversation

@aarongable
Copy link
Contributor

@aarongable aarongable commented Jul 28, 2020
edited
Loading

Taking a reference to a loop variable produced by a range statement
can be dangerous. If that pointer is preserved elsewhere, for example
by being passed to a function which stores it, the resulting behavior
may not be what the author or reader expects.

When it is not feasible to structure code such that references to
loop variables are not taken at all, the loop variable can instead be
'anchored' by assigning it to itself.

This change anchors all loop range variables which are referenced and
then passed to arbitrary functions. It also removes our exclusion of
gosec'c G601 lint rule, which catches this error, to ensure we don't
reintroduce it later.

Depends on #4990
Fixes #4948
@aarongable
Add gosec linter to golangci-lint
02e74b5 
This enables the gosec linter. It also disables a number of
warnings which it emits on the current codebase. Some of these
(e.g. G104: Errors unhandles) we expect to leave disabled
permanently; others (e.g. G601: Implicit memory aliasing in for loop)
we expect to fix and then enable to prevent regressions.

Fixes #4948
@aarongable
Use golangci-lint v1.29.0
7c72ec9 
(cherry picked from commit 788c0c1)
@aarongable
Update version of docker image used for testing
3e272c2 
(cherry picked from commit 61a54b7)
@aarongable
Correct exclusion list
a14ff37
@aarongable
Anchor all referenced loop variables
e7929ec 
Taking a reference to a loop variable produced by a range statement
can be dangerous. If that pointer is preserved elsewhere, for example
by being passed to a function which stores it, the resulting behavior
may not be what the author or reader expects.

When it is not feasible to structure code such that references to
loop variables are not taken at all, the loop variable can instead be
'anchored' by assigning it to itself.

This change anchors all loop range variables which are referenced and
then passed to arbitrary functions. It also removes our exclusion of
gosec'c G601 lint rule, which catches this error, to ensure we don't
reintroduce it later.

Fixes #4986
@aarongable aarongable requested a review from a team as a code owner July 28, 2020 22:09
@aarongable aarongable mentioned this pull request Jul 28, 2020
Closed
jsha
jsha reviewed Jul 28, 2020
View reviewed changes
Copy link
Contributor

@jsha jsha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Needs a merge and conflict resolve.
@rolandshoemaker rolandshoemaker merged commit 46d7ed0 into main Jul 29, 2020
@rolandshoemaker rolandshoemaker deleted the fix-gosec-G601 branch July 29, 2020 19:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

4 participants

@aarongable @jsha @rolandshoemaker