Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/vuln: display affected symbols in for binary mode in default mode #59697

Closed
julieqiu opened this issue Apr 18, 2023 · 1 comment
Closed

x/vuln: display affected symbols in for binary mode in default mode #59697

julieqiu opened this issue Apr 18, 2023 · 1 comment
Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Milestone
vuln/v0.2.0

Comments

@julieqiu
Copy link
Member

If we know the affected symbols for binary mode, we should consider displaying them.

For example, for https://github.com/golang/vuln/blob/master/cmd/govulncheck/testdata/binary.ct:

  • github.com/tidwall/gjson.Result.Get is called for GO-2021-0265
  • golang.org/x/text/language.Parse is called for GO-2021-0113
@gopherbot gopherbot added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Apr 18, 2023
@gopherbot gopherbot modified the milestones: Unreleased, vuln/unplanned Apr 18, 2023
@julieqiu julieqiu modified the milestones: vuln/unplanned, vuln/v0.2.0 Apr 18, 2023
@julieqiu
Copy link
Member Author

Discussed with @zpavlinovic - in binary mode, we cannot know with certainty which symbols are called, so we can't accurately divide up between affected and informational, as we do in source mode. Closing this issue for now.

@golang golang locked and limited conversation to collaborators Apr 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Projects
None yet
Milestone
vuln/v0.2.0
Development

No branches or pull requests
2 participants
@julieqiu @gopherbot