Memo: forgetting proper validation is common mistake and repeatedly cause vulnerability

Forgetting proper validation is common mistake and repeatedly cause vulnerability.

It is very hard to detect statically. But anyway I leave memo here. Perhaps I can come up with good idea later.

### Real world examples
- decompressing data without validation
    - https://pkg.go.dev/vuln/GO-2024-2631
    - https://pkg.go.dev/vuln/GO-2023-1989
- path traversal
    - https://pkg.go.dev/vuln/GO-2024-2616

### Inputs that needs validation
- `(*gin.Context).Query()`
    - https://github.com/IceWhaleTech/CasaOS-UserService/commit/3f4558e23c0a9958f9a0e20aabc64aa8fd51840e

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Memo: forgetting proper validation is common mistake and repeatedly cause vulnerability #30

Real world examples

Inputs that needs validation

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Memo: forgetting proper validation is common mistake and repeatedly cause vulnerability #30

Description

Real world examples

Inputs that needs validation

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions