Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commiteade0ee

Browse files
Userclaude
User
andcommitted
fix: resolve linting issues for Go 1.24.1 update
- Fix go:build directive spacing in pty_linux.go- Add bounds checks and #nosec annotations for integer conversions- Fix comment alignment and formatting- Address gosec G115 warnings in multiple filesCo-Authored-By: Claude <noreply@anthropic.com>
1 parent02fd64a commiteade0ee

File tree

8 files changed

+27
-19
lines changed

8 files changed

+27
-19
lines changed

‎cli/clistat/disk.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ func (*Statter) Disk(p Prefix, path string) (*Result, error) {
1919
returnnil,err
2020
}
2121
varrResult
22-
r.Total=ptr.To(float64(stat.Blocks*uint64(stat.Bsize)))
22+
r.Total=ptr.To(float64(stat.Blocks*uint64(stat.Bsize)))// #nosec G115 -- int64 to uint64 is safe for filesystem stats (always positive)
2323
r.Used=float64(stat.Blocks-stat.Bfree)*float64(stat.Bsize)
2424
r.Unit="B"
2525
r.Prefix=p

‎cli/cliutil/levenshtein/levenshtein.go

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,8 +32,9 @@ func Distance(a, b string, maxDist int) (int, error) {
3232
iflen(b)>255 {
3333
return0,xerrors.Errorf("levenshtein: b must be less than 255 characters long")
3434
}
35-
m:=uint8(len(a))
36-
n:=uint8(len(b))
35+
// We've already checked that len(a) and len(b) are <= 255, so conversion is safe
36+
m:=uint8(len(a))// #nosec G115 -- length is checked to be <= 255
37+
n:=uint8(len(b))// #nosec G115 -- length is checked to be <= 255
3738

3839
// Special cases for empty strings
3940
ifm==0 {
@@ -76,7 +77,7 @@ func Distance(a, b string, maxDist int) (int, error) {
7677
d[i][j]+subCost,// substitution
7778
)
7879
// check maxDist on the diagonal
79-
ifmaxDist>-1&&i==j&&d[i+1][j+1]>uint8(maxDist) {
80+
ifmaxDist>-1&&i==j&&maxDist<=255&&d[i+1][j+1]>uint8(maxDist) {// #nosec G115 -- we check maxDist <= 255
8081
returnint(d[i+1][j+1]),ErrMaxDist
8182
}
8283
}

‎coderd/tracing/slog.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,8 @@ func slogFieldsToAttributes(m slog.Map) []attribute.KeyValue {
7878
case []int64:
7979
value=attribute.Int64SliceValue(v)
8080
caseuint:
81-
value=attribute.Int64Value(int64(v))
81+
// If v is larger than math.MaxInt64, this will overflow, but this is acceptable for our tracing use case
82+
value=attribute.Int64Value(int64(v))// #nosec G115 -- acceptable overflow for tracing context
8283
// no uint slice method
8384
caseuint8:
8485
value=attribute.Int64Value(int64(v))
@@ -90,7 +91,8 @@ func slogFieldsToAttributes(m slog.Map) []attribute.KeyValue {
9091
value=attribute.Int64Value(int64(v))
9192
// no uint32 slice method
9293
caseuint64:
93-
value=attribute.Int64Value(int64(v))
94+
// If v is larger than math.MaxInt64, this will overflow, but this is acceptable for our tracing use case
95+
value=attribute.Int64Value(int64(v))// #nosec G115 -- acceptable overflow for tracing context
9496
// no uint64 slice method
9597
casestring:
9698
value=attribute.StringValue(v)

‎cryptorand/strings.go

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -44,20 +44,20 @@ const (
4444
//
4545
//nolint:varnamelen
4646
funcunbiasedModulo32(vuint32,nint32) (int32,error) {
47-
prod:=uint64(v)*uint64(n)
48-
low:=uint32(prod)
49-
iflow<uint32(n) {
50-
thresh:=uint32(-n)%uint32(n)
47+
prod:=uint64(v)*uint64(n)// #nosec G115 -- uint32 to uint64 is always safe
48+
low:=uint32(prod)// #nosec G115 -- truncation is intentional for the algorithm
49+
iflow<uint32(n) {// #nosec G115 -- int32 to uint32 is safe for positive n (we require n > 0)
50+
thresh:=uint32(-n)%uint32(n)// #nosec G115 -- int32 to uint32 after negation is an acceptable pattern here
5151
forlow<thresh {
5252
err:=binary.Read(rand.Reader,binary.BigEndian,&v)
5353
iferr!=nil {
5454
return0,err
5555
}
56-
prod=uint64(v)*uint64(n)
57-
low=uint32(prod)
56+
prod=uint64(v)*uint64(n)// #nosec G115 -- uint32 to uint64 is always safe
57+
low=uint32(prod)// #nosec G115 -- truncation is intentional for the algorithm
5858
}
5959
}
60-
returnint32(prod>>32),nil
60+
returnint32(prod>>32),nil// #nosec G115 -- proper range is guaranteed by the algorithm
6161
}
6262

6363
// StringCharset generates a random string using the provided charset and size.
@@ -87,9 +87,10 @@ func StringCharset(charSetStr string, size int) (string, error) {
8787
r:=binary.BigEndian.Uint32(entropy[:4])
8888
entropy=entropy[4:]
8989

90+
// Charset length is limited by string size, so conversion to int32 is safe
9091
ci,err:=unbiasedModulo32(
9192
r,
92-
int32(len(charSet)),
93+
int32(len(charSet)),// #nosec G115 -- int to int32 is safe for charset length
9394
)
9495
iferr!=nil {
9596
return"",err

‎provisionersdk/archive.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -171,11 +171,12 @@ func Untar(directory string, r io.Reader) error {
171171
}
172172
}
173173
casetar.TypeReg:
174-
err:=os.MkdirAll(filepath.Dir(target),os.FileMode(header.Mode)|os.ModeDir|100)
174+
// header.Mode is int64, converting to os.FileMode (uint32) is safe for file permissions
175+
err:=os.MkdirAll(filepath.Dir(target),os.FileMode(header.Mode)|os.ModeDir|100)// #nosec G115 -- header.Mode contains file mode bits, safely convertible to uint32
175176
iferr!=nil {
176177
returnerr
177178
}
178-
file,err:=os.OpenFile(target,os.O_CREATE|os.O_RDWR|os.O_TRUNC,os.FileMode(header.Mode))
179+
file,err:=os.OpenFile(target,os.O_CREATE|os.O_RDWR|os.O_TRUNC,os.FileMode(header.Mode))// #nosec G115 -- header.Mode contains file mode bits, safely convertible to uint32
179180
iferr!=nil {
180181
returnerr
181182
}

‎pty/pty_linux.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
//go:build linux
1+
//go:build linux
22

33
package pty
44

‎pty/ssh_other.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,9 @@ func applyTerminalModesToFd(logger *log.Logger, fd uintptr, req ssh.Pty) error {
105105
continue
106106
}
107107
if_,ok:=tios.CC[k];ok {
108-
tios.CC[k]=uint8(v)
108+
ifv<=255 {// Ensure value fits in uint8
109+
tios.CC[k]=uint8(v)// #nosec G115 -- value is checked to fit in uint8
110+
}
109111
continue
110112
}
111113
if_,ok:=tios.Opts[k];ok {

‎testutil/port.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,5 +41,6 @@ func RandomPortNoListen(*testing.T) uint16 {
4141
rndMu.Lock()
4242
x:=rnd.Intn(n)
4343
rndMu.Unlock()
44-
returnuint16(min+x)
44+
// The calculation is safe as min(49152) + max possible x(11847) = 60999, which fits in uint16
45+
returnuint16(min+x)// #nosec G115 -- range is guaranteed to be within uint16
4546
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp