• CodeQL query help documentation »

CodeQL query help for Go

Visit the articles below to see the documentation for the queries included in the following query suites:

• default: queries run by default in CodeQL code scanning on GitHub.

• security-extended: queries from default, plus extra security queries with slightly lower precision and severity.

• security-and-quality: queries from default, security-extended, plus extra maintainability and reliability queries.

These queries are published in the CodeQL query pack codeql/go-queries (changelog, source).

For shorter queries that you can use as building blocks when writing your own queries, see the example queries in the CodeQL repository.

• Arbitrary file access during archive extraction (”Zip Slip”)
• Arbitrary file write extracting an archive containing symbolic links
• Bad redirect check
• Bitwise exclusive-or used like exponentiation
• Clear-text logging of sensitive information
• Command built from user-controlled sources
• Comparison of identical values
• Constant length comparison
• Cross-site scripting via HTML template escaping bypass
• Database query built from user-controlled sources
• Disabled TLS certificate check
• Duplicate ‘if’ branches
• Duplicate ‘if’ condition
• Duplicate switch case
• Email content injection
• Expression has no effect
• Identical operands
• Impossible interface nil check
• Incomplete URL scheme check
• Incomplete regular expression for hostnames
• Inconsistent direction of for loop
• Incorrect conversion between integer types
• Information exposure through a stack trace
• Insecure TLS configuration
• Log entries created from user input
• Missing JWT signature check
• Missing error check
• Missing regular expression anchor
• Off-by-one comparison against length
• Open URL redirect
• Potentially unsafe quoting
• Redundant call to recover
• Redundant check for negative value
• Reflected cross-site scripting
• Self assignment
• Shift out of range
• Size computation for allocation may overflow
• Slice memory allocation with excessive size value
• Suspicious characters in a regular expression
• Uncontrolled data used in network request
• Uncontrolled data used in path expression
• Unreachable statement
• Use of a weak cryptographic key
• Use of constant state value in OAuth 2.0 URL
• Use of insecure HostKeyCallback implementation
• Use of insufficient randomness as the key of a cryptographic algorithm
• Useless assignment to field
• Useless assignment to local variable
• Whitespace contradicts operator precedence
• Wrapped error is always nil
• Writable file handle closed without error handling
• XPath injection

• © GitHub, Inc.
• Terms
• Privacy