Go

Go

By DeepSource

Audit required: Use of `reflect.MakeFunc`GO-W1006

Bug risk

reflect.MakeFunc sidesteps protections generally afforded by Go's type system. It is recommended to audit this call and make sure that user input cannot be used to affect the code generated by MakeFunc; otherwise, it might introduce a severe security vulnerability.

Examples

Bad practice

reflect.MakeFunc(fn.EmitFnType.T, userEmit) // Audit calls to MakeFunc