Merge pull request #16305 from github/go/value-flow-instead-of-taint-flow

owen-mc · web-flow · commit 2b7394cd42f9 · 2024-05-16T12:40:53.000+01:00
Go: Use value flow instead of taint flow for `go/incorrect-integer-conversion`
diff --git a/go/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll b/go/ql/lib/semmle/go/security/IncorrectIntegerConversionLib.qll
@@ -572,7 +572,7 @@ private module ConversionWithoutBoundsCheckConfig implements DataFlow::StateConf
  * Tracks taint flow from an integer obtained from parsing a string that flows
  * to a type conversion to a smaller integer type, which could cause data loss.
  */
-module Flow = TaintTracking::GlobalWithState<ConversionWithoutBoundsCheckConfig>;
+module Flow = DataFlow::GlobalWithState<ConversionWithoutBoundsCheckConfig>;
 
 /** Gets a string describing the size of the integer parsed. */
 deprecated string describeBitSize(int bitSize, int intTypeBitSize) {
diff --git a/go/ql/src/change-notes/2024-05-14-incorrect-integer-conversion.md b/go/ql/src/change-notes/2024-05-14-incorrect-integer-conversion.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The query `go/incorrect-integer-conversion` has now been restricted to only use flow through value-preserving steps. This reduces false positives, especially around type switches.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* The query `go/incorrect-integer-conversion` has now been restricted to only use flow through value-preserving steps. This reduces false positives, especially around type switches.