mirror of
https://github.com/valyala/fasthttp.git
synced 2026-06-13 15:46:49 +03:00
Update securego/gosec from 2.23.0 to 2.25.0 (#2161)
This commit is contained in:
Erik Dubbelboer
GitHub
@@ -16,6 +16,6 @@ jobs:
|
||||
steps:
|
||||
- uses: actions/checkout@v6
|
||||
- name: Run Gosec Security Scanner
|
||||
uses: securego/gosec@v2.23.0
|
||||
uses: securego/gosec@v2.25.0
|
||||
with:
|
||||
args: '-exclude=G103,G104,G304,G402 ./...'
|
||||
|
||||
+38
-10
@@ -85,24 +85,24 @@ func ParseIPv4(dst net.IP, ipStr []byte) (net.IP, error) {
|
||||
if n < 0 {
|
||||
return dst, fmt.Errorf("cannot find dot in ipStr %q", ipStr)
|
||||
}
|
||||
v, err := ParseUint(b[:n])
|
||||
octet, parsed, err := parseIPv4Octet(b[:n])
|
||||
if err != nil {
|
||||
if errors.Is(err, errIPv4PartTooLarge) {
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: ip part cannot exceed 255: parsed %d", ipStr, parsed)
|
||||
}
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: %w", ipStr, err)
|
||||
}
|
||||
if v > 255 {
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: ip part cannot exceed 255: parsed %d", ipStr, v)
|
||||
}
|
||||
dst[i] = byte(v)
|
||||
dst[i] = octet
|
||||
b = b[n+1:]
|
||||
}
|
||||
v, err := ParseUint(b)
|
||||
octet, parsed, err := parseIPv4Octet(b)
|
||||
if err != nil {
|
||||
if errors.Is(err, errIPv4PartTooLarge) {
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: ip part cannot exceed 255: parsed %d", ipStr, parsed)
|
||||
}
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: %w", ipStr, err)
|
||||
}
|
||||
if v > 255 {
|
||||
return dst, fmt.Errorf("cannot parse ipStr %q: ip part cannot exceed 255: parsed %d", ipStr, v)
|
||||
}
|
||||
dst[3] = byte(v)
|
||||
dst[3] = octet
|
||||
|
||||
return dst, nil
|
||||
}
|
||||
@@ -141,6 +141,7 @@ func ParseUint(buf []byte) (int, error) {
|
||||
|
||||
var (
|
||||
errEmptyInt = errors.New("empty integer")
|
||||
errIPv4PartTooLarge = errors.New("ip part cannot exceed 255")
|
||||
errUnexpectedFirstChar = errors.New("unexpected first char found. Expecting 0-9")
|
||||
errUnexpectedTrailingChar = errors.New("unexpected trailing char found. Expecting 0-9")
|
||||
errTooLongInt = errors.New("too long int")
|
||||
@@ -171,6 +172,33 @@ func parseUintBuf(b []byte) (int, int, error) {
|
||||
return v, n, nil
|
||||
}
|
||||
|
||||
func parseIPv4Octet(b []byte) (byte, int, error) {
|
||||
if len(b) == 0 {
|
||||
return 0, 0, errEmptyInt
|
||||
}
|
||||
|
||||
var (
|
||||
octet byte
|
||||
parsed int
|
||||
)
|
||||
for i := range len(b) {
|
||||
c := b[i]
|
||||
k := c - '0'
|
||||
if k > 9 {
|
||||
if i == 0 {
|
||||
return 0, parsed, errUnexpectedFirstChar
|
||||
}
|
||||
return 0, parsed, errUnexpectedTrailingChar
|
||||
}
|
||||
parsed = parsed*10 + int(k)
|
||||
if octet > 25 || (octet == 25 && k > 5) {
|
||||
return 0, parsed, errIPv4PartTooLarge
|
||||
}
|
||||
octet = octet*10 + k
|
||||
}
|
||||
return octet, parsed, nil
|
||||
}
|
||||
|
||||
// ParseUfloat parses unsigned float from buf.
|
||||
func ParseUfloat(buf []byte) (float64, error) {
|
||||
// The implementation of parsing a float string is not easy.
|
||||
|
||||
+3
-5
@@ -2,6 +2,7 @@ package fasthttp
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"encoding/binary"
|
||||
"net"
|
||||
"sync"
|
||||
)
|
||||
@@ -136,10 +137,7 @@ func ip2uint32(ip net.IP) uint32 {
|
||||
}
|
||||
|
||||
func uint322ip(ip uint32) net.IP {
|
||||
b := make([]byte, 4)
|
||||
b[0] = byte(ip >> 24)
|
||||
b[1] = byte(ip >> 16)
|
||||
b[2] = byte(ip >> 8)
|
||||
b[3] = byte(ip)
|
||||
b := make(net.IP, net.IPv4len)
|
||||
binary.BigEndian.PutUint32(b, ip)
|
||||
return b
|
||||
}
|
||||
|
||||
+18
-7
@@ -136,13 +136,24 @@ func (p *Prefork) setTCPListenerFiles(addr string) error {
|
||||
}
|
||||
|
||||
func (p *Prefork) doCommand() (*exec.Cmd, error) {
|
||||
// #nosec G204
|
||||
cmd := exec.Command(os.Args[0], os.Args[1:]...)
|
||||
cmd.Stdout = os.Stdout
|
||||
cmd.Stderr = os.Stderr
|
||||
cmd.Env = append(os.Environ(), preforkChildEnvVariable+"=1")
|
||||
cmd.ExtraFiles = p.files
|
||||
err := cmd.Start()
|
||||
executable, err := os.Executable()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
args := make([]string, len(os.Args))
|
||||
args[0] = executable
|
||||
copy(args[1:], os.Args[1:])
|
||||
|
||||
cmd := &exec.Cmd{
|
||||
Path: executable,
|
||||
Args: args,
|
||||
Stdout: os.Stdout,
|
||||
Stderr: os.Stderr,
|
||||
Env: append(os.Environ(), preforkChildEnvVariable+"=1"),
|
||||
ExtraFiles: p.files,
|
||||
}
|
||||
err = cmd.Start()
|
||||
return cmd, err
|
||||
}
|
||||
|
||||
|
||||
+14
-1
@@ -66,8 +66,14 @@ func (cfg *Config) NewListener(network, addr string) (net.Listener, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
fdUintptr, err := safeIntToUintptr(fd)
|
||||
if err != nil {
|
||||
unix.Close(fd)
|
||||
return nil, fmt.Errorf("unexpected convert socket fd int to uintptr: %w", err)
|
||||
}
|
||||
|
||||
name := fmt.Sprintf("reuseport.%d.%s.%s", os.Getpid(), network, addr)
|
||||
file := os.NewFile(uintptr(fd), name)
|
||||
file := os.NewFile(fdUintptr, name)
|
||||
ln, err := net.FileListener(file)
|
||||
if err != nil {
|
||||
file.Close()
|
||||
@@ -190,3 +196,10 @@ func safeIntToUint32(i int) (uint32, error) {
|
||||
}
|
||||
return uint32(ui), nil
|
||||
}
|
||||
|
||||
func safeIntToUintptr(i int) (uintptr, error) {
|
||||
if i < 0 {
|
||||
return 0, errors.New("value is negative, cannot convert to uintptr")
|
||||
}
|
||||
return uintptr(i), nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user