Go

Go

By DeepSource

Audit required: Use of reflect.MakeFunc GO-W1006

Bug risk

reflect.MakeFunc sidesteps protections generally afforded by Go's type system. It is recommended to audit this call and make sure that user input cannot be used to affect the code generated by MakeFunc; otherwise, it might introduce a severe security vulnerability.

Examples

Bad practice

reflect.MakeFunc(fn.EmitFnType.T, userEmit) // Audit calls to MakeFunc