Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

added a fix for FPs found by anonymous-race-condition #28

Merged
merged 1 commit into from
Jul 14, 2023
Merged

added a fix for FPs found by anonymous-race-condition #28

merged 1 commit into from
Jul 14, 2023

Conversation

hex0punk
Copy link
Contributor

The anonymous-race-condition rule was returning FPs for cases such as these where the two loop variables are shadowed and later used in an anon func:

func AnonRaceCond_5() {
	var wg sync.WaitGroup
	for idx, val := range values {
		wg.Add(1)
		idx, val := idx, val
		go func() {
			val.s.Method("test")
			fmt.Println("Completed index", idx)
			wg.Done()
		}()
	}

	wg.Wait()
}

func AnonRaceCond_6() {
	var wg sync.WaitGroup
	for idx, val := range values {
		wg.Add(1)
		idx, val := idx, val
		go func() {
			fmt.Println(val.s)
			fmt.Println("Completed index", idx)
			wg.Done()
		}()
	}

	wg.Wait()
}

This add two pattern-not that fix that.

Vasco-jofra
Vasco-jofra approved these changes Jun 28, 2023
View reviewed changes
Copy link
Contributor

@Vasco-jofra Vasco-jofra left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thank you Alex!

Regarding test failures:

  • With semgrep 1.19.0 the tests pass
  • With semgrep 1.29.0 the two tests fail

This is likely a bug in semgrep or some behavior that changed and that we need to account for.

@hex0punk
Copy link
Contributor Author

Hey @Vasco-jofra!

Yeah, it has t do with a bug in how Semgrep 1.29.0 treats make in Go, but it should be fixed in the next release (maybe today). See https://semgrep.slack.com/archives/C018NJRRCJ0/p1687897157857999

@GrosQuildu
Copy link
Collaborator

Cannot test because semgrep/semgrep#8120 (comment)

@hex0punk
Copy link
Contributor Author

hex0punk commented Jul 5, 2023

Cannot test because returntocorp/semgrep#8120 (comment)

In this case the test is failing because of semgrep/semgrep#8171 which should be fixed once semgrep/semgrep#8179 makes int the next release

@hex0punk
Copy link
Contributor Author

hex0punk commented Jul 7, 2023
edited
Loading

@GrosQuildu, all tests now pass with the latest release

@GrosQuildu GrosQuildu merged commit a13c350 into trailofbits:main Jul 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vasco-jofra Vasco-jofra Vasco-jofra approved these changes

@GrosQuildu GrosQuildu GrosQuildu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hex0punk @GrosQuildu @Vasco-jofra