Skip to content

MB-6476 - [CAT II] staticcheck SA5011: possible nil pointer dereference (staticcheck)

Low
chtakahashi published GHSA-hjgq-56rm-hfhv Nov 30, 2022

Package

No package listed

Affected versions

1.0

Patched versions

None

Description

The linter flags this issue found in Fortify: https://vulncat.fortify.com/en/detail?id=desc.controlflow.cpp.null_dereference#C%2FC%2B%2B.

This is what is returned by the linter:

�[1mcmd/milmove-tasks/post_file_to_gex.go:156�[0m:30: �[31mSA5011: possible nil pointer dereference�[0m (staticcheck)
		zap.Int("statusCode", resp.StatusCode),

This looks like it only needs an annotation. the code returns a logger.Fatal if resp is nil before the suspect line (zap.Int("statusCode", resp.StatusCode)) is called, so looks like it is not a finding.

	if resp == nil {
		logger.Fatal("Gex Sender had no response", zap.Error(err))
	}

	logger.Info(
		"Posted to GEX",
		zap.String("filename", filename),
		zap.Int("statusCode", resp.StatusCode),
		zap.Error(err))

References

Severity

Low

CVE ID

No known CVE

Weaknesses

No CWEs