From f9f21e9891a8176fc0c44a61e3de0c4bf69cd155 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Tue, 12 Apr 2022 10:58:07 +0100
Subject: [PATCH] Integer conversion should ignore type assertions

---
 .../go/security/IncorrectIntegerConversionLib.qll      |  1 +
 .../Security/CWE-681/IncorrectIntegerConversion.go     | 10 ++++++++++
 2 files changed, 11 insertions(+)

diff --git a/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll b/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
index a208ab9eeb7..cee6eda56f6 100644
--- a/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
+++ b/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
@@ -110,6 +110,7 @@ class ConversionWithoutBoundsCheckConfig extends TaintTracking::Configuration {
    * a common pattern to serialise `byte(v)`, `byte(v >> 8)`, and so on.
    */
   predicate isSink(DataFlow::TypeCastNode sink, int bitSize) {
+    sink.asExpr() instanceof ConversionExpr and
     exists(IntegerType integerType | sink.getResultType().getUnderlyingType() = integerType |
       bitSize = integerType.getSize()
       or
diff --git a/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go b/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go
index 05f0e50bd1f..92782b7ad67 100644
--- a/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go
+++ b/ql/test/query-tests/Security/CWE-681/IncorrectIntegerConversion.go
@@ -409,3 +409,13 @@ func parsePositiveInt2(value string) (int, error) {
 	}
 	return int(i64), nil
 }
+
+func typeAssertion(s string) {
+	n, err := strconv.ParseInt(s, 10, 0)
+	if err == nil {
+		var itf interface{} = n
+		i32 := itf.(int32)
+		println(i32)
+	}
+
+}