-
Notifications
You must be signed in to change notification settings - Fork 59
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
internal/scan: do not show stacks in traces mode for binaries
There are no stacks so the trace just contains the vulnerable symbol that is anyhow communicated to the user. Change-Id: I8a8ebcf3864f91150449dafe812f474a4a59bda8 Reviewed-on: https://go-review.googlesource.com/c/vuln/+/614456 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Maceo Thompson <[email protected]>
- Loading branch information
1 parent
3917389
commit 2e326d4
Showing
2 changed files
with
27 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -50,30 +50,18 @@ Vulnerability #1: GO-2021-0113 | |
Found in: golang.org/x/[email protected] | ||
Fixed in: golang.org/x/[email protected] | ||
Vulnerable symbols found: | ||
#1: for function golang.org/x/text/language.Compose | ||
Compose | ||
#2: for function golang.org/x/text/language.Make | ||
Make | ||
#3: for function golang.org/x/text/language.MatchStrings | ||
MatchStrings | ||
#4: for function golang.org/x/text/language.MustParse | ||
MustParse | ||
#5: for function golang.org/x/text/language.Parse | ||
Parse | ||
#6: for function golang.org/x/text/language.ParseAcceptLanguage | ||
ParseAcceptLanguage | ||
#7: for function golang.org/x/text/language.Tag.Base | ||
Tag.Base | ||
#8: for function golang.org/x/text/language.Tag.Extension | ||
Tag.Extension | ||
#9: for function golang.org/x/text/language.Tag.IsRoot | ||
Tag.IsRoot | ||
#10: for function golang.org/x/text/language.Tag.Parent | ||
Tag.Parent | ||
#11: for function golang.org/x/text/language.Tag.Region | ||
Tag.Region | ||
#12: for function golang.org/x/text/language.Tag.String | ||
Tag.String | ||
#1: golang.org/x/text/language.Compose | ||
#2: golang.org/x/text/language.Make | ||
#3: golang.org/x/text/language.MatchStrings | ||
#4: golang.org/x/text/language.MustParse | ||
#5: golang.org/x/text/language.Parse | ||
#6: golang.org/x/text/language.ParseAcceptLanguage | ||
#7: golang.org/x/text/language.Tag.Base | ||
#8: golang.org/x/text/language.Tag.Extension | ||
#9: golang.org/x/text/language.Tag.IsRoot | ||
#10: golang.org/x/text/language.Tag.Parent | ||
#11: golang.org/x/text/language.Tag.Region | ||
#12: golang.org/x/text/language.Tag.String | ||
|
||
Vulnerability #2: GO-2020-0015 | ||
Infinite loop when decoding some inputs in golang.org/x/text | ||
|
@@ -82,12 +70,9 @@ Vulnerability #2: GO-2020-0015 | |
Found in: golang.org/x/[email protected] | ||
Fixed in: golang.org/x/[email protected] | ||
Vulnerable symbols found: | ||
#1: for function golang.org/x/text/transform.String | ||
String | ||
#2: for function golang.org/x/text/encoding/unicode.bomOverride.Transform | ||
bomOverride.Transform | ||
#3: for function golang.org/x/text/encoding/unicode.utf16Decoder.Transform | ||
utf16Decoder.Transform | ||
#1: golang.org/x/text/transform.String | ||
#2: golang.org/x/text/encoding/unicode.bomOverride.Transform | ||
#3: golang.org/x/text/encoding/unicode.utf16Decoder.Transform | ||
|
||
Your code is affected by 2 vulnerabilities from 1 module. | ||
This scan found no other vulnerabilities in packages you import or modules you | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters