plugin: fix gosec G115 integer overflow warnings (#7799)

Fix integer overflow conversion warnings (G115) by adding appropriate suppressions where values are provably bounded. Fixes: https://github.com/coredns/coredns/issues/7793 Changes: - Updated 56 G115 annotations to use consistent // #nosec G115 format - Added 2 //nolint:gosec suppressions for conditional expressions - Removed G115 exclusion from golangci.yml (now explicitly handled per-line) Suppressions justify why each conversion is safe (e.g., port numbers are bounded 1-65535, DNS TTL limits, pool lengths, etc.) Signed-off-by: Azeez Syed <syedazeez337@gmail.com>
2026-01-03 15:31:23 -05:00 · 2026-01-01 13:50:29 +05:30
parent be934b2b06
commit 7b38eb8625
26 changed files with 58 additions and 59 deletions
--- a/plugin/nomad/helpers.go
+++ b/plugin/nomad/helpers.go
@@ -11,7 +11,7 @@ func addSRVRecord(m *dns.Msg, s *api.ServiceRegistration, header dns.RR_Header,
 	srvRecord := &dns.SRV{
 		Hdr:      header,
 		Target:   originalQName,
-		Port:     uint16(s.Port),
+		Port:     uint16(s.Port), // #nosec G115 -- port numbers are bounded (1-65535)
 		Priority: 10,
 		Weight:   10,
 	}
--- a/plugin/nomad/setup.go
+++ b/plugin/nomad/setup.go
@@ -19,7 +19,7 @@ func init() { plugin.Register(pluginName, setup) }
 // for parsing any extra options the nomad plugin may have. The first token this function sees is "nomad".
 func setup(c *caddy.Controller) error {
 	n := &Nomad{
-		ttl:     uint32(defaultTTL),
+		ttl:     uint32(defaultTTL), // #nosec G115 -- defaultTTL is a constant that fits in uint32
 		clients: make([]*nomad.Client, 0),
 		current: -1,
 	}