CodeQL query help for Go¶
Visit the articles below to see the documentation for the queries included in the following query suites:
default: queries run by default in CodeQL code scanning on GitHub.security-extended: queries fromdefault, plus extra security queries with slightly lower precision and severity.security-and-quality: queries fromdefault,security-extended, plus extra maintainability and reliability queries.
These queries are published in the CodeQL query pack codeql/go-queries (changelog, source).
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.
- Arbitrary file access during archive extraction (”Zip Slip”)
- Arbitrary file write extracting an archive containing symbolic links
- Bad redirect check
- Bitwise exclusive-or used like exponentiation
- Clear-text logging of sensitive information
- Command built from user-controlled sources
- Comparison of identical values
- Constant length comparison
- Cross-site scripting via HTML template escaping bypass
- Database query built from user-controlled sources
- Disabled TLS certificate check
- Duplicate ‘if’ branches
- Duplicate ‘if’ condition
- Duplicate switch case
- Email content injection
- Expression has no effect
- Identical operands
- Impossible interface nil check
- Incomplete URL scheme check
- Incomplete regular expression for hostnames
- Inconsistent direction of for loop
- Incorrect conversion between integer types
- Information exposure through a stack trace
- Insecure TLS configuration
- Log entries created from user input
- Missing JWT signature check
- Missing error check
- Missing regular expression anchor
- Off-by-one comparison against length
- Open URL redirect
- Potentially unsafe quoting
- Redundant call to recover
- Redundant check for negative value
- Reflected cross-site scripting
- Self assignment
- Shift out of range
- Size computation for allocation may overflow
- Slice memory allocation with excessive size value
- Suspicious characters in a regular expression
- Uncontrolled data used in network request
- Uncontrolled data used in path expression
- Unreachable statement
- Use of a weak cryptographic key
- Use of constant
statevalue in OAuth 2.0 URL - Use of insecure HostKeyCallback implementation
- Use of insufficient randomness as the key of a cryptographic algorithm
- Useless assignment to field
- Useless assignment to local variable
- Whitespace contradicts operator precedence
- Wrapped error is always nil
- Writable file handle closed without error handling
- XPath injection