Iteration over a possibly empty map

Description

Iteration over a possibly empty map is likely a bug or redundant code. This could lead to unexpected behavior or errors in the program.

Examples

Insecure Code

m := make(map[string]string)
for k := range m {
    fmt.Println(k)
}

Secure Code

m := make(map[string]string)
if len(m) > 0 {
    for k := range m {
        fmt.Println(k)
    }
}

Remediation

Check if the map is empty before iterating over it to avoid potential issues.

Rule Details

Field	Value
ID	CODE-0742
Category	Generic
Severity	LOW
CWE	CWE-665
Confidence	MEDIUM
Impact	LOW
Likelihood	LOW
Exploitability	COMPLEX
Tags	redundant code, empty map
OWASP	N/A

References

• https://blog.trailofbits.com/2019/11/07/attacking-go-vr-ttps/

---