Gosec - G115 #519
Open
Gosec - G115 #519
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lehugueni
reviewed
Dec 12, 2024
| panic(fmt.Errorf("invalid degree: cannot be negative")) | ||
| } | ||
|
|
||
| /* #nosec G115 -- degree cannot be negative */ |
There was a problem hiding this comment.
If you add a check, gosec does not complain
Suggested change
| /* #nosec G115 -- degree cannot be negative */ |
| panic(fmt.Errorf("invalid degree: cannot be negative")) | ||
| } | ||
|
|
||
| /* #nosec G115 -- degree cannot be negative */ |
There was a problem hiding this comment.
Suggested change
| /* #nosec G115 -- degree cannot be negative */ |
| if n&(n-1) == 0 { | ||
| a, b = n/2, n/2 //Necessary for optimal depth | ||
| } else { | ||
| // [Lee et al. 2020] : High-Precision and Low-Complexity Approximate Homomorphic Encryption by Error Variance Minimization | ||
| // Maximize the number of odd terms of Chebyshev basis | ||
| /* #nosec G115 -- n cannot be negative */ |
There was a problem hiding this comment.
Suggested change
| /* #nosec G115 -- n cannot be negative */ | |
| /* #nosec G115 -- n-1 cannot be negative */ |
| @@ -107,6 +107,7 @@ func (op Element[T]) N() int { | |||
|
|
|||
| // LogN returns the log2 of the ring degree used by the target element. | |||
| func (op Element[T]) LogN() int { | |||
| /* #nosec G115 -- N cannot be negative */ | |||
There was a problem hiding this comment.
Suggested change
| /* #nosec G115 -- N cannot be negative */ | |
| /* #nosec G115 -- N-1 cannot be negative */ |
| @@ -231,13 +233,15 @@ func getGaloisElementInverseMap(GaloisGen uint64, N int) (GaloisGenDiscreteLog m | |||
|
|
|||
| twoN := N << 1 | |||
| NHalf := N >> 1 | |||
| /* #nosec G115 -- twoN cannot be negative */ | |||
There was a problem hiding this comment.
Suggested change
| /* #nosec G115 -- twoN cannot be negative */ | |
| /* #nosec G115 -- twoN-1 cannot be negative */ |
| @@ -67,6 +72,7 @@ func NewSubRingWithCustomNTT(N int, Modulus uint64, ntt func(*SubRing, int) Numb | |||
| } | |||
|
|
|||
| s.NTTTable = new(NTTTable) | |||
| /* #nosec G115 -- NthRoot cannot be negative */ | |||
There was a problem hiding this comment.
Suggested change
| /* #nosec G115 -- NthRoot cannot be negative */ |
Comment on lines
+25
to
+27
| /* #nosec G115 -- N cannot be negative */ | ||
| logN := int(bits.Len64(uint64(N))) - 1 | ||
| /* #nosec G115 -- M cannot be negative */ |
There was a problem hiding this comment.
looks like the first "nosec" can be removed but not the second one as gosec doesn't understand M >= N => M >= 0. It might be less confusing to keep both then.
| @@ -52,7 +52,7 @@ func (m *Map[K, T]) WriteTo(w io.Writer) (n int64, err error) { | |||
|
|
|||
| var inc int64 | |||
|
|
|||
| if inc, err = buffer.WriteUint32(w, uint32(len(*m))); err != nil { | |||
| if inc, err = buffer.WriteUint64(w, uint64(len(*m))); err != nil { | |||
There was a problem hiding this comment.
Suggested change
| if inc, err = buffer.WriteUint64(w, uint64(len(*m))); err != nil { | |
| /* #nosec G115 -- marshalling support size of type uint32 only */ | |
| if inc, err = buffer.WriteUint32(w, uint32(len(*m))); err != nil { |
I'd prefer to avoid breaking the serialization when not required.
Comment on lines
+103
to
+104
| var size uint64 | ||
| if inc, err = buffer.ReadUint64(r, &size); err != nil { |
There was a problem hiding this comment.
Suggested change
| var size uint64 | |
| if inc, err = buffer.ReadUint64(r, &size); err != nil { | |
| var size uint32 | |
| if inc, err = buffer.ReadUint32(r, &size); err != nil { |
| @@ -141,7 +142,7 @@ func (m Map[K, T]) BinarySize() (size int) { | |||
| panic(fmt.Errorf("vector component of type %T does not comply to %T", new(T), s)) | |||
| } | |||
|
|
|||
| size = 4 // #Ct | |||
| size = 8 // #Ct | |||
There was a problem hiding this comment.
Suggested change
| size = 8 // #Ct | |
| size = 4 // #Ct |
romainbou
reviewed
Dec 19, 2024
Comment on lines
56
to
57
| # gosec rule G115: Is exluded because there are int->uin64 conversions | ||
| # and the rule currently contains false positives |
There was a problem hiding this comment.
Suggested change
| # gosec rule G115: Is exluded because there are int->uin64 conversions | |
| # and the rule currently contains false positives |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
structs.Mapfromu32tou64(who knows, maybe someone could try to marshal a map of 4 billions elements)