Add SML document #1

Merged
merged 7 commits into from
Oct 31, 2024

@arloliu (Owner) commented Oct 31, 2024

No description provided.

@arloliu arloliu self-assigned this Oct 31, 2024
@arloliu arloliu merged commit 37b1b0b into main Oct 31, 2024
2 checks passed
if err != nil {
return 0, err
}
p.forward(i)

return size, nil
return int(size), nil //nolint:gosec
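Review bot: size needs an upper bound check before the int(size) conversion on the final return line; the //nolint:gosec directive there hides the finding instead of fixing it. Add the check ahead of p.forward(i), return an error when size is out of range, and then drop the nolint directive so the linter keeps covering this conversion.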

Check failure

Code scanning / CodeQL

Incorrect conversion between integer types (High)

Incorrect conversion of an unsigned 32-bit integer from strconv.ParseUint to a lower bit size type int without an upper bound check.

Copilot Autofix

AI 5 months ago

To fix the problem, we need to ensure that the value parsed from the string does not exceed the maximum value that an int can hold. We can achieve this by adding a bounds check after parsing the value with strconv.ParseUint. If the value exceeds the maximum value for an int, we should return an error.

Suggested changeset 1
sml/parser.go

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/sml/parser.go b/sml/parser.go
--- a/sml/parser.go
+++ b/sml/parser.go
@@ -6,2 +6,3 @@
 	"strconv"
+	"math"
 	"strings"
@@ -836,2 +837,5 @@
 			}
+			if size > math.MaxInt32 {
+				return 0, errors.New("parsed size exceeds maximum int value")
+			}
 			p.forward(i)
EOF
@@ -6,2 +6,3 @@
"strconv"
"math"
"strings"
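Review bot: "math" is inserted between "strconv" and "strings", which is out of the sorted order gofmt produces for an import group; place it above "strconv". The second hunk also calls errors.New, and no "errors" import is visible in these context lines, so confirm the file already imports it before applying the patch.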
@@ -836,2 +837,5 @@
}
if size > math.MaxInt32 {
return 0, errors.New("parsed size exceeds maximum int value")
}
p.forward(i)
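Review bot: the error text in the added check says "maximum int value", but the comparison is against math.MaxInt32, and int is 64 bits wide on 64-bit targets, so the message misstates the limit being enforced. Name the bound that is actually checked and include the rejected value, for example "parsed size %d exceeds math.MaxInt32", so a caller can tell a malformed size field from a platform limit.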
@arloliu arloliu deleted the sml_doc branch November 16, 2024 17:53
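
The conversion problem the CodeQL alert describes, next to a bounded version, as an added Go example that is not code from this pull request or the project. The function names and `ErrSizeRange` are hypothetical, the inputs are constructed, and `int32` stands in for `int` on a 32-bit platform so the wraparound shows on any machine.

```go
package main

import (
	"errors"
	"fmt"
	"math"
	"strconv"
)

// ErrSizeRange is a hypothetical sentinel error for this example.
var ErrSizeRange = errors.New("size does not fit in target integer type")

// parseSizeUnchecked mirrors the flagged pattern: parse as unsigned 32-bit,
// then convert to a signed type with no upper bound check.
// int32 models int on a 32-bit platform (assumption of this example).
func parseSizeUnchecked(field string) (int32, error) {
	v, err := strconv.ParseUint(field, 10, 32)
	if err != nil {
		return 0, err
	}
	return int32(v), nil // values above math.MaxInt32 wrap to negative
}

// parseSizeChecked rejects values outside the signed range before converting.
func parseSizeChecked(field string) (int32, error) {
	v, err := strconv.ParseUint(field, 10, 32)
	if err != nil {
		return 0, err
	}
	if v > math.MaxInt32 {
		return 0, fmt.Errorf("%w: %d > %d", ErrSizeRange, v, math.MaxInt32)
	}
	return int32(v), nil
}

func main() {
	// Constructed size fields: small, largest valid, first invalid, uint32 max.
	for _, f := range []string{"16", "2147483647", "2147483648", "4294967295"} {
		u, _ := parseSizeUnchecked(f)
		c, err := parseSizeChecked(f)
		fmt.Printf("%-10s unchecked=%d checked=%d err=%v\n", f, u, c, err)
	}
}
```

A negative size reaching a later slice expression or allocation is what makes the unchecked form a parser robustness issue, so the checked form fails closed at the parse step.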