GoEncodingBase64

encoding/base64 package. DecodeString() decodes user input — the result is still tainted and must be sanitized before use in sinks.

Other Methods

.DecodeString()Neutral

Signature

DecodeString(s string) ([]byte, error)

Decodes base64. Output is tainted if input is tainted — not a sanitizer.

.EncodeToString()Neutral

Signature

EncodeToString(src []byte) string

Encodes to base64. Does not sanitize — taint propagates.

FQN	Field
encoding/base64	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

go.mod

// standard library — no go.mod entry required

rule.py

from codepathfinder.go_rule import GoEncodingBase64