unsignedlint

command module
v0.0.0-...-b6b6fd0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 15, 2025 License: GPL-3.0 Imports: 2 Imported by: 0

README

unsignedlint

Go linter which finds potentially unsafe unsigned integer subtractions in Go code.

The linter checks for binary expressions of the form x - y where y is an unsigned integer type (uint, uint8, uint16, uint32, uint64, uintptr). Such operations can lead to unexpected integer wraps (underflow) if y > x at runtime.

Note: This initial version flags all such subtractions. It does not currently check for safety guards (like if x >= y { ... x - y ... }). Adding such checks requires more complex static analysis.

Installation

go install github.com/fingon/unsignedlint@latest

Usage

Run the linter on your package:

go vet -vettool=$(which unsignedlint) ./...

Or directly:

unsignedlint ./...

Example

Code like this will be flagged:

package main

func main() {
	var a uint = 5
	var b uint = 10
	c := a - b // Potential underflow: unsignedlint will report this line
	println(c)
}

Known issues

Running it stand-alone may sometimes not work (Go bug? Who knows):

> unsignedlint ./...
unsignedlint: internal error: package "iter" without types was imported from "..."

In this case, go vet seems to work, for some reason.

Documentation

Overview

Command unsignedlint checks for potentially unsafe unsigned integer subtractions.

Source Files

View all Source files

Directories

Path Synopsis
Package analyzer defines the unsignedlint analysis logic.
 Package analyzer defines the unsignedlint analysis logic.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.