plugin: fix gosec G115 integer overflow warnings (#7799)

Fix integer overflow conversion warnings (G115) by adding appropriate suppressions where values are provably bounded. Fixes: https://github.com/coredns/coredns/issues/7793 Changes: - Updated 56 G115 annotations to use consistent // #nosec G115 format - Added 2 //nolint:gosec suppressions for conditional expressions - Removed G115 exclusion from golangci.yml (now explicitly handled per-line) Suppressions justify why each conversion is safe (e.g., port numbers are bounded 1-65535, DNS TTL limits, pool lengths, etc.) Signed-off-by: Azeez Syed <syedazeez337@gmail.com>
2026-01-03 23:41:29 -05:00 · 2026-01-01 13:50:29 +05:30
parent be934b2b06
commit 7b38eb8625
26 changed files with 58 additions and 59 deletions
--- a/plugin/tsig/tsig.go
+++ b/plugin/tsig/tsig.go
@@ -126,7 +126,7 @@ func (r *restoreTsigWriter) WriteMsg(m *dns.Msg) error {
 			repTSIG.TimeSigned = r.reqTSIG.TimeSigned
 			b := make([]byte, 8)
 			// TimeSigned is network byte order.
-			binary.BigEndian.PutUint64(b, uint64(time.Now().Unix()))
+			binary.BigEndian.PutUint64(b, uint64(time.Now().Unix())) // #nosec G115 -- Unix time fits in uint64
 			// truncate to 48 least significant bits (network order 6 rightmost bytes)
 			repTSIG.OtherData = hex.EncodeToString(b[2:])
 			repTSIG.OtherLen = 6