Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-12-31 22:11:22 -05:00
Code Issues Packages Projects Releases Wiki Activity

chore(lint): enable gosec (#7792)

Browse Source 
Enable "gosec" linter.

Exclude:

- All G115 (integer overflow) findings, to be fixed separately.

Add targeted gosec annotations for:

- non-crypto math/rand usage
- md5 used only for file change detection
- G114 ("net/http serve with no timeout settings"), to be fixed
  separately.

Other findings fixed.

Signed-off-by: Ville Vesilehto <ville@vesilehto.fi>
This commit is contained in:
Ville Vesilehto
2025-12-30 00:01:27 +02:00
committed by GitHub
parent 1e0095d9b0
commit b21c752d7f
13 changed files with 35 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
plugin/test/file.go
View File

@@ -12,7 +12,10 @@ func TempFile(dir, content string) (string, func(), error) {
if err != nil {
return "", nil, err
}
if err := os.WriteFile(f.Name(), []byte(content), 0644); err != nil {
if err := f.Close(); err != nil {
return "", nil, err
}
if err := os.WriteFile(f.Name(), []byte(content), 0600); err != nil {
return "", nil, err
}
rmFunc := func() { os.Remove(f.Name()) }
@@ -43,7 +46,7 @@ xGbtCkhVk2VQ+BiCWnjYXJ6ZMzabP7wiOFDP9Pvr2ik22PRItsW/TLfHFXM1jDmc
I1rs/VUGKzcJGVIWbHrgjP68CTStGAvKgbsTqw7aLXTSqtPw88N9XVSyRg==
-----END CERTIFICATE-----`
path := filepath.Join(tempDir, "ca.pem")
if err := os.WriteFile(path, []byte(data), 0644); err != nil {
if err := os.WriteFile(path, []byte(data), 0600); err != nil {
return "", err
}
data = `-----BEGIN CERTIFICATE-----
@@ -64,10 +67,11 @@ zhDEPP4FhY+Sz+y1yWirphl7A1aZwhXVPcfWIGqpQ3jzNwUeocbH27kuLh+U4hQo
qeg10RdFnw==
-----END CERTIFICATE-----`
path = filepath.Join(tempDir, "cert.pem")
if err := os.WriteFile(path, []byte(data), 0644); err != nil {
if err := os.WriteFile(path, []byte(data), 0600); err != nil {
return "", err
}
//nolint:gosec // Test fixture private key.
data = `-----BEGIN RSA PRIVATE KEY-----
MIIEpgIBAAKCAQEAxPBrvAIWiIJp383ndpRF+OuZ74pHsVLTJ/lSv05H+gzcGhL2
y1i7kWXOvfmgvlPq3kZzZ7LvyZSz8KzTumyeNR0ofnlsOklJ0bvNb2Zc3J4vAh58
@@ -96,7 +100,7 @@ E/WObVJXDnBdViu0L9abE9iaTToBVri4cmlDlZagLuKVR+TFTCN/DSlVZTDkqkLI
8chzqtkH6b2b2R73hyRysWjsomys34ma3mEEPTX/aXeAF2MSZ/EWT9yL
-----END RSA PRIVATE KEY-----`
path = filepath.Join(tempDir, "key.pem")
if err := os.WriteFile(path, []byte(data), 0644); err != nil {
if err := os.WriteFile(path, []byte(data), 0600); err != nil {
return "", err
}