Go is a modern concurrent programming language developed at Google that is gaining in importance. As its user base grows, programs written in Go become an attractive target for attacks. Among these attacks is SQL injection, which is still the top vulnerability in the OWASP statistics. Static analysis can help to prevent such attacks. We present a static taint analysis for Go which can be used to detect SQL injections. Our approach is, as far as we know, the first static data flow analysis for Go that considers the communication caused by the concurrent primitives of the language. Finally, we compare our tool against two other Go tools which can detect potential SQL injections. We have implemented a taint analysis in Go and applied it to examples to verify the correctness of the analysis. Further, we have written some test cases to compare the reports for SQL injections between our tool and two existing tools. We were able to analyse a program with over 5600 lines of code in a few seconds.
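
The kind of flow the abstract refers to, as an added illustration that is not taken from the thesis or the Gotcha repository: untrusted input crosses a channel between goroutines before it reaches the SQL text, next to a form that keeps it out of the query. All function names, the table and the sample input are constructed, and the `?` placeholder assumes a driver that uses that syntax.

```go
package main

import "fmt"

// source stands in for untrusted input (for example an HTTP form value)
// and hands it to another goroutine over a channel.
func source(input string, out chan<- string) {
	out <- input // taint enters the channel here
}

// buildUnsafe receives the value and concatenates it into the SQL text.
// The returned string is what would be passed to (*sql.DB).Query, the sink.
func buildUnsafe(in <-chan string) string {
	name := <-in // taint leaves the channel here
	return "SELECT id FROM users WHERE name = '" + name + "'"
}

// buildSafe receives the same value but keeps the query text constant;
// the value travels separately as a bound argument.
func buildSafe(in <-chan string) (string, []interface{}) {
	name := <-in
	return "SELECT id FROM users WHERE name = ?", []interface{}{name}
}

// runUnsafe wires source and receiver together, as a request handler might.
// An analysis that ignores the send/receive pair sees no path from the
// input parameter to the query string.
func runUnsafe(input string) string {
	ch := make(chan string)
	go source(input, ch)
	return buildUnsafe(ch)
}

// runSafe uses the same channel hand-off with the parameterized form.
func runSafe(input string) (string, []interface{}) {
	ch := make(chan string)
	go source(input, ch)
	return buildSafe(ch)
}

func main() {
	input := "x' OR '1'='1" // constructed sample input
	fmt.Println(runUnsafe(input))
	q, args := runSafe(input)
	fmt.Println(q, args)
}
```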

IFI local advisors Volker Stolz, Martin Steffen
Reviewers Mira Mezini, Michael Eichberg
IFI links abstract, thesis, presentation
github Gotcha repos