CodeQL query help for Go¶
Visit the articles below to see the documentation for the queries included in the following query suites:
code-scanning: queries run by default in CodeQL code scanning on GitHub.security-extended: queries fromcode-scanning, plus extra security queries with slightly lower precision and severity.security-and-quality: queries fromcode-scanning,security-extended, plus extra maintainability and reliability queries.
These queries are published in the CodeQL query pack codeql/go-queries (changelog, source).
For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.
- Arbitrary file write during zip extraction (”zip slip”)
- Arbitrary file write extracting an archive containing symbolic links
- Bad redirect check
- Bitwise exclusive-or used like exponentiation
- Clear-text logging of sensitive information
- Command built from user-controlled sources
- Comparison of identical values
- Constant length comparison
- Database query built from user-controlled sources
- Disabled TLS certificate check
- Duplicate ‘if’ branches
- Duplicate ‘if’ condition
- Duplicate switch case
- Email content injection
- Expression has no effect
- Hard-coded credentials
- Identical operands
- Impossible interface nil check
- Incomplete URL scheme check
- Incomplete regular expression for hostnames
- Inconsistent direction of for loop
- Incorrect conversion between integer types
- Information exposure through a stack trace
- Insecure TLS configuration
- Lines of code in files
- Lines of comments in files
- Log entries created from user input
- Missing error check
- Missing regular expression anchor
- Off-by-one comparison against length
- Open URL redirect
- Potentially unsafe quoting
- Redundant call to recover
- Redundant check for negative value
- Reflected cross-site scripting
- Self assignment
- Shift out of range
- Size computation for allocation may overflow
- Suspicious characters in a regular expression
- Uncontrolled data used in network request
- Uncontrolled data used in path expression
- Unreachable statement
- Use of a weak cryptographic key
- Use of constant
statevalue in OAuth 2.0 URL - Use of insecure HostKeyCallback implementation
- Use of insufficient randomness as the key of a cryptographic algorithm
- Useless assignment to field
- Useless assignment to local variable
- Whitespace contradicts operator precedence
- Wrapped error is always nil
- XPath injection