CodeQL query help for Go
Visit the articles below to see the documentation for the queries included in the following query suites:
- `code-scanning`: queries run by default in CodeQL code scanning on GitHub.
- `security-extended`: queries from `code-scanning`, plus extra security queries with slightly lower precision and severity.
- `security-and-quality`: queries from `code-scanning`, `security-extended`, plus extra maintainability and reliability queries.
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL for Go repository.
- Arbitrary file write during zip extraction (“zip slip”)
- Arbitrary file write extracting an archive containing symbolic links
- Bad redirect check
- Bitwise exclusive-or used like exponentiation
- Clear-text logging of sensitive information
- Command built from user-controlled sources
- Comparison of identical values
- Constant length comparison
- Database query built from user-controlled sources
- Disabled TLS certificate check
- Duplicate ‘if’ branches
- Duplicate ‘if’ condition
- Duplicate switch case
- Email content injection
- Expression has no effect
- Identical operands
- Impossible interface nil check
- Incomplete URL scheme check
- Incomplete regular expression for hostnames
- Inconsistent direction of for loop
- Incorrect conversion between integer types
- Information exposure through a stack trace
- Insecure TLS configuration
- Lines of code in files
- Lines of comments in files
- Missing error check
- Missing regular expression anchor
- Off-by-one comparison against length
- Open URL redirect
- Potentially unsafe quoting
- Redundant call to recover
- Redundant check for negative value
- Reflected cross-site scripting
- Self assignment
- Shift out of range
- Size computation for allocation may overflow
- Suspicious characters in a regular expression
- Uncontrolled data used in network request
- Uncontrolled data used in path expression
- Unreachable statement
- Use of constant `state` value in OAuth 2.0 URL
- Use of insecure HostKeyCallback implementation
- Useless assignment to field
- Useless assignment to local variable
- Whitespace contradicts operator precedence
- XPath injection