semgrep-go-correctness

dgryski

Odd use of anonymous structs for function arguments

dgryski

Caret (^) is not exponentiation

dgryski

Bad nil guard

dgryski

QueryxContext rows must be closed (or use ExecContext)

dgryski

Consider to use well-defined context

dgryski

Use errors.Is($ERR, net.ErrClosed) instead

dgryski

superfluous nil err check before return

dgryski

TODO in error handling code

dgryski

odd hash.Sum call flow

dgryski

Comparing a MAC with bytes.Equal()

dgryski

calling hmac.New with unchanging hash.New

dgryski

use net.JoinHostPort instead of fmt.Sprintf($XX, $NET)

dgryski

calling json.Encode() on an http.ResponseWriter will set Content-Type text/plain

dgryski

use net/mail Address.String() instead of fmt.Sprintf()

dgryski

MarshalJSON with a pointer receiver has surprising results: https://github.com/golang/go/issues/22967

dgryski

Try using math/bits instead

dgryski

missing new relic end transaction

dgryski

Odd bitwise expression

dgryski

Odd compound += or -= expression

dgryski

Odd sequence of ifs

dgryski

Odd bits.LeadingZeros() expression should perhaps be bits.Len()

dgryski

64-bit integer parsed and downcast to u/int32

dgryski

io.ReadFull() returns err == nil iff n == len(slice)

dgryski

return nil instead of nil value

dgryski

Maybe bad sort.Slice() less function

dgryski

Use err.Error() instead

dgryski

Leaky use of time.After in for-select, see: https://groups.google.com/g/golang-nuts/c/cCdm0Ixwi9A/m/jMiJJScAEAAJ

dgryski

unless checking for wall clock inconsistencies, use !$T1.After($T2)

dgryski

unless checking for wall clock inconsistencies, use !$T1.Before($T2)

dgryski

use $W.Write($VAR) instead of io.WriteString when $VAR is []byte

dgryski

maybe returning wrong error

dgryski

Wrong lock/unlock pair?

dgryski

did you want path.Join() or filepath.Join()?

dgryski

it is good practice to call context cancellation function, $X(), in any case

dgryski

ctx.Done() and time.After/time.NewTicker

dgryski

old-style go-fuzz fuzz function found

dgryski

passing an http-request scoped Context to a goroutine

dgryski

ioutil.Discard is deprecated

dgryski

ioutil.NopCloser is deprecated

dgryski

ioutil.ReadAll is deprecated

dgryski

ioutil.ReadDir is deprecated

dgryski

ioutil.ReadFile is deprecated

dgryski

ioutil.TempDir is deprecated

dgryski

ioutil.TempFile is deprecated

dgryski

ioutil.WriteFile is deprecated

dgryski

Misspelling of MarshalJSON.

dgryski

Misspelling of UnmarshalJSON.

dgryski

Misspelling of MarshalYAML.

dgryski

Misspelling of UnmarshalYAML.

dgryski

Converting RemoteAddr to net.IP is probably wrong

dgryski

return nil err instead of nil value

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

Odd comparison

dgryski

New code should use errors.Is with the appropriate error type

dgryski

New code should use errors.Is with the appropriate error type

dgryski

New code should use errors.Is with the appropriate error type

dgryski

New code should use errors.Is with the appropriate error type

dgryski

Read() can return n bytes and io.EOF

dgryski

use fmt.Fprintf($W, $...VALS) instead of fmt.Sprintf and []byte conversion

dgryski

use $W.Write($VAR) instead of fmt.Fprint when $VAR is []byte