mirror of
https://github.com/coredns/coredns.git
synced 2026-01-01 22:41:23 -05:00
7b38eb8625
Fix integer overflow conversion warnings (G115) by adding appropriate suppressions where values are provably bounded. Fixes: https://github.com/coredns/coredns/issues/7793 Changes: - Updated 56 G115 annotations to use consistent // #nosec G115 format - Added 2 //nolint:gosec suppressions for conditional expressions - Removed G115 exclusion from golangci.yml (now explicitly handled per-line) Suppressions justify why each conversion is safe (e.g., port numbers are bounded 1-65535, DNS TTL limits, pool lengths, etc.) Signed-off-by: Azeez Syed <syedazeez337@gmail.com>
28 lines
776 B
Go
28 lines
776 B
Go
// Package bufsize implements a plugin that clamps EDNS0 buffer size preventing packet fragmentation.
|
|
package bufsize
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/coredns/coredns/plugin"
|
|
|
|
"github.com/miekg/dns"
|
|
)
|
|
|
|
// Bufsize implements bufsize plugin.
|
|
type Bufsize struct {
|
|
Next plugin.Handler
|
|
Size int
|
|
}
|
|
|
|
// ServeDNS implements the plugin.Handler interface.
|
|
func (buf Bufsize) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {
|
|
if option := r.IsEdns0(); option != nil && int(option.UDPSize()) > buf.Size {
|
|
option.SetUDPSize(uint16(buf.Size)) // #nosec G115 -- buffer size fits in uint16
|
|
}
|
|
return plugin.NextOrFailure(buf.Name(), buf.Next, ctx, w, r)
|
|
}
|
|
|
|
// Name implements the Handler interface.
|
|
func (buf Bufsize) Name() string { return "bufsize" }
|