Merge pull request #718 from owen-mc/fix-incorrect-integer-conversion-for-type-assertions

Integer conversion should ignore type assertions
2026-01-29 14:23:03 +01:00 · 2022-04-12 12:44:43 +01:00
parent b953fe39c2 f9f21e9891
commit a8eeef6ef8
2 changed files with 11 additions and 0 deletions
--- a/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
+++ b/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
@@ -110,6 +110,7 @@ class ConversionWithoutBoundsCheckConfig extends TaintTracking::Configuration {
   * a common pattern to serialise `byte(v)`, `byte(v >> 8)`, and so on.
   */
  predicate isSink(DataFlow::TypeCastNode sink, int bitSize) {
+    sink.asExpr() instanceof ConversionExpr and
    exists(IntegerType integerType | sink.getResultType().getUnderlyingType() = integerType |
      bitSize = integerType.getSize()
      or
--- a/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go
+++ b/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go
@@ -409,3 +409,13 @@ func parsePositiveInt2(value string) (int, error) {
 	}
 	return int(i64), nil
 }
+
+func typeAssertion(s string) {
+	n, err := strconv.ParseInt(s, 10, 0)
+	if err == nil {
+		var itf interface{} = n
+		i32 := itf.(int32)
+		println(i32)
+	}
+
+}