mirror of
https://gitlab.com/pulsechaincom/prysm-pulse.git
synced 2025-01-08 02:31:19 +00:00
c1197d7881
* Add static analysis for unsafe uint casting * Fix violations of uintcast * go mod tidy * Add exclusion to nogo for darwin build * Add test for math.Int * Move some things to const so they are assured not to exceed int64 * Self review * lint * fix tests * fix test * Add init check for non 64 bit OS * Move new deps from WORKSPACE to deps.bzl * fix bazel build for go analysis runs * Update BUILD.bazel Remove TODO * add math.AddInt method * Add new test casts * Add case where builtin functions and declared functions are covered * Fix new findings * cleanup Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Nishant Das <nishdas93@gmail.com>
108 lines
2.7 KiB
Go
108 lines
2.7 KiB
Go
package uintcast
|
|
|
|
import (
|
|
"errors"
|
|
"go/ast"
|
|
"go/types"
|
|
"strings"
|
|
|
|
"github.com/gostaticanalysis/comment"
|
|
"golang.org/x/tools/go/analysis"
|
|
"golang.org/x/tools/go/analysis/passes/inspect"
|
|
"golang.org/x/tools/go/ast/inspector"
|
|
)
|
|
|
|
// Doc explaining the tool.
|
|
const Doc = "Ensure that uint variables are not cast improperly where the value could overflow. " +
|
|
"This check can be suppressed with the `lint:ignore uintcast` comment with proper justification."
|
|
|
|
// Analyzer runs static analysis.
|
|
var Analyzer = &analysis.Analyzer{
|
|
Name: "uintcast",
|
|
Doc: Doc,
|
|
Requires: []*analysis.Analyzer{inspect.Analyzer},
|
|
Run: run,
|
|
}
|
|
|
|
func run(pass *analysis.Pass) (interface{}, error) {
|
|
inspection, ok := pass.ResultOf[inspect.Analyzer].(*inspector.Inspector)
|
|
if !ok {
|
|
return nil, errors.New("analyzer is not type *inspector.Inspector")
|
|
}
|
|
|
|
nodeFilter := []ast.Node{
|
|
(*ast.CallExpr)(nil),
|
|
}
|
|
|
|
commentMap := comment.New(pass.Fset, pass.Files)
|
|
|
|
inspection.Preorder(nodeFilter, func(node ast.Node) {
|
|
cg := commentMap.CommentsByPosLine(pass.Fset, node.Pos())
|
|
for _, c := range cg {
|
|
if strings.Contains(c.Text(), "lint:ignore uintcast") {
|
|
return
|
|
}
|
|
}
|
|
|
|
switch node := node.(type) {
|
|
case *ast.CallExpr:
|
|
// Cast/conversion calls have one argument and no ellipsis.
|
|
if len(node.Args) != 1 || node.Ellipsis.IsValid() {
|
|
return
|
|
}
|
|
|
|
var typ *types.Basic
|
|
switch arg := node.Args[0].(type) {
|
|
case *ast.Ident:
|
|
typ, ok = basicType(pass.TypesInfo.Types[arg].Type)
|
|
case *ast.CallExpr:
|
|
// Check if the call is a builtin conversion/anon identifier.
|
|
typ, ok = basicType(pass.TypesInfo.Types[arg].Type)
|
|
if !ok {
|
|
// Otherwise, it might be a declared function call with a return type.
|
|
typ, ok = funcReturnType(pass.TypesInfo.Types[arg.Fun].Type)
|
|
}
|
|
}
|
|
if typ == nil || !ok {
|
|
return
|
|
}
|
|
|
|
// Ignore types that are not uint variants.
|
|
if typ.Kind() < types.Uint || typ.Kind() > types.Uint64 {
|
|
return
|
|
}
|
|
|
|
if fnTyp, ok := pass.TypesInfo.Types[node.Fun].Type.(*types.Basic); ok {
|
|
if fnTyp.Kind() >= types.Int && fnTyp.Kind() <= types.Int64 {
|
|
pass.Reportf(node.Args[0].Pos(), "Unsafe cast from %s to %s.", typ, fnTyp)
|
|
}
|
|
}
|
|
}
|
|
})
|
|
|
|
return nil, nil
|
|
}
|
|
|
|
func basicType(obj types.Type) (*types.Basic, bool) {
|
|
if obj == nil {
|
|
return nil, false
|
|
}
|
|
fromTyp, ok := obj.(*types.Basic)
|
|
if !ok && obj.Underlying() != nil {
|
|
// Try to get the underlying type
|
|
fromTyp, ok = obj.Underlying().(*types.Basic)
|
|
}
|
|
return fromTyp, ok
|
|
}
|
|
|
|
func funcReturnType(obj types.Type) (*types.Basic, bool) {
|
|
if obj == nil {
|
|
return nil, false
|
|
}
|
|
fnTyp, ok := obj.(*types.Signature)
|
|
if !ok {
|
|
return nil, ok
|
|
}
|
|
return basicType(fnTyp.Results().At(0).Type())
|
|
}
|