* refactor
* optimizations
* Refactor analyzers: unify range logic and optimize allocations
  - Centralize numeric range analysis in util.go (shared by G115/G602).
  - Implement object pooling for slice_bounds and hardcoded_nonce.
  - Update conversion_overflow tests to use real analyzer logic.
* Refactor RangeAnalyzer
* Refine G407 to improve detection and coverage of hardcoded nonces
* chore: consolidate common analyzer patterns into util.go and improve G602 coverage
* Optimize G602 and G115 with state caching and regex pre-compilation
* Improve G115 overflow detection and fix false positives and false negatives
* golangci-lint workaround
The nonce in the decryption functions/methods is typically provided and
it should not be randomly generated.
Change-Id: Id0df0d43aecb2aadb00b9fa901bd060a43a201c5
Signed-off-by: Cosmin Cojocar <ccojocar@google.com>
* Removed old way of initializing analyzers
* Added the new analyzer to the rest of the default analyzers
* Fixed small bug in the rule
* Removed the test for the new analyzer from the file responsible for testing the rules
* Merged the different examples into 1 variable
* Added tests for the analyzer
* Removed code that was used for testing rules, but it was used to test the analyzer
The rule is supposed to detect the usage of a hardcoded or static nonce/IV in many encryption algorithms:
* The different modes of AES (mainly tested here)
* It should be able to work with ascon
Currently the rule doesn't check when constant variables are used.
TODO: Improve the rule to detect constant variable usage
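
The two nonce points in the messages above (a static nonce on encryption, and a nonce that is provided rather than generated on decryption), shown with AES-GCM. This is an added example, not code from the gosec repository; the function names, the demo key and the `staticNonce` value are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// staticNonce is a constructed fixed 12-byte value: the static-nonce pattern.
var staticNonce = []byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealStatic is the weak form: every message under this key reuses one nonce.
func sealStatic(aead cipher.AEAD, pt []byte) []byte {
	return aead.Seal(nil, staticNonce, pt, nil)
}

// sealRandom draws a fresh nonce per message and prepends it to the output.
func sealRandom(aead cipher.AEAD, pt []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, pt, nil), nil
}

// open reads the nonce from the message: on decryption it is provided, not generated.
func open(aead cipher.AEAD, msg []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(msg) < n {
		return nil, fmt.Errorf("message shorter than %d-byte nonce", n)
	}
	return aead.Open(nil, msg[:n], msg[n:], nil)
}

func main() {
	aead, _ := newGCM(bytes.Repeat([]byte{0x42}, 32)) // constructed demo key
	same := bytes.Equal(sealStatic(aead, []byte("hi")), sealStatic(aead, []byte("hi")))
	c, _ := sealRandom(aead, []byte("hi"))
	pt, err := open(aead, c)
	fmt.Println(same, string(pt), err)
}
```

With the static nonce, equal plaintexts produce equal ciphertexts under the same key; with a fresh nonce per message they do not, and `open` still recovers the plaintext because the nonce travels with the message.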