encoding/hex package. DecodeString() converts hex to bytes — does not sanitize taint. EncodeToString() may be used as a sanitizer in specific contexts.
.EncodeToString()SanitizerEncodeToString(src []byte) string
Encodes bytes to hex. Safe for SQL/command contexts — acts as sanitizer.
.DecodeString()NeutralDecodeString(s string) ([]byte, error)
Decodes hex string to bytes. Taint propagates through.
| FQN | Field | |
|---|---|---|
| encoding/hex | fqns[0] |
Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.
// standard library — no go.mod entry required
from codepathfinder.go_rule import GoEncodingHex