Cette page n'est pas encore disponible en français, sa traduction est en cours. Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.
Metadata
ID:go-security/range-memory-aliasing
Language: Go
Severity: Warning
Category: Security
Description
Implicit memory aliasing in for loops refers to a scenario in Go programming when two or more pointers reference the same location in memory, creating unexpected side effects. This often results in a common mistake amongst Go programmers due to the ‘range’ clause.
Consider this example, where a slice of pointers is created in a loop:
You might expect the ‘pointers’ slice to hold addresses of elements in ‘data’ slice, but that’s not the case. In each iteration of the loop, variable ‘v’ gets a new value but its memory address doesn’t change because it’s a loop variable. As a result, each element in ‘pointers’ slice points to the same memory location - the address of the loop variable ‘v’. The final value of ‘v’ is ‘3’, and since all pointers point to ‘v’, dereferencing the pointers would yield ‘3’ regardless of the pointer’s index in the slice.
To avoid implicit memory aliasing in for loops in Go, you should address the actual elements in the original data structure, like so: