plugin: fix gosec G115 integer overflow warnings (#7799)

Fix integer overflow conversion warnings (G115) by adding appropriate suppressions where values are provably bounded. Fixes: https://github.com/coredns/coredns/issues/7793 Changes: - Updated 56 G115 annotations to use consistent // #nosec G115 format - Added 2 //nolint:gosec suppressions for conditional expressions - Removed G115 exclusion from golangci.yml (now explicitly handled per-line) Suppressions justify why each conversion is safe (e.g., port numbers are bounded 1-65535, DNS TTL limits, pool lengths, etc.) Signed-off-by: Azeez Syed <syedazeez337@gmail.com>
2026-01-03 15:31:23 -05:00 · 2026-01-01 13:50:29 +05:30
parent be934b2b06
commit 7b38eb8625
26 changed files with 58 additions and 59 deletions
--- a/plugin/dnssec/dnssec.go
+++ b/plugin/dnssec/dnssec.go
@@ -167,8 +167,8 @@ func (d Dnssec) get(key uint64, server string) ([]dns.RR, bool) {
 }

 func incepExpir(now time.Time) (uint32, uint32) {
-	incep := uint32(now.Add(-3 * time.Hour).Unix()) // -(2+1) hours, be sure to catch daylight saving time and such
-	expir := uint32(now.Add(eightDays).Unix())      // sign for 8 days
+	incep := uint32(now.Add(-3 * time.Hour).Unix()) // #nosec G115 -- DNSSEC inception, Year 2106 problem accepted // -(2+1) hours, be sure to catch daylight saving time and such
+	expir := uint32(now.Add(eightDays).Unix())      // #nosec G115 -- DNSSEC expiration, Year 2106 problem accepted      // sign for 8 days
 	return incep, expir
 }