Invalid usage of modified variable
Description
Variable is likely modified and later used on error, potentially resulting in panics due to a nil dereference. This could be caused by an unintentional assignment when an error occurs.
Examples
Insecure Code
go
x, err := foo()
if err != nil {
// use x without checking for nil
x.bar()
}Secure Code
go
x, err := foo()
if err != nil {
// handle error
return
}
if x != nil {
x.bar()
}Remediation
Check the variable for nil before using it, and handle the error properly to avoid panics.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0812 |
| Category | Generic |
| Severity | MEDIUM |
| CWE | CWE-665 |
| Confidence | HIGH |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | go, error handling |
| OWASP | N/A |