| commit | f2dca5ff4cc3c80f576a063ed3a8a0839e583b4f | [log] [tgz] |
|---|---|---|
| author | Zvonimir Pavlinovic <zpavlinovic@google.com> | Tue Nov 29 17:46:45 2022 -0800 |
| committer | Zvonimir Pavlinovic <zpavlinovic@google.com> | Thu Dec 08 18:07:42 2022 +0000 |
| tree | 217982e6317c0c23affa1680142118f784d9a026 | |
| parent | d970d6cd0f6e5294d5dc81eac8b15a42fc67d400 [diff] |
internal/govulncheck: do not show anonymous functions in call stacks
Their names are likely to be confusing to users. Instead, replace a
call to an anonymous function A$1 with "B calls A", where B is the
previous non-anonymous function in the call stack leading to call of
A$1 and A is the function creating A$1. This is motivated by real
world example that can be simplified to
func B() {
A()()
}
func A() {
return func() {
//...
vuln()
}
}
Change-Id: Ie353b7cfa8d96e2e7a8d67dfb4e7f4619145a56d
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/454195
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
This repository contains packages for accessing and analyzing data from the Go Vulnerability Database. It contains the following:
Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.
The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.