chore: fix new gosec reported issues #4259
base: main
Conversation
@@ -925,13 +925,13 @@ func (c *AskerConsole) Handles() ConsoleHandles { | |||
} | |||
|
|||
// consoleWidth the number of columns in the active console window | |||
func consoleWidth() int { | |||
func consoleWidth() int64 { | |||
width, _ := consolesize.GetConsoleSize() |
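Review bot: widening the return type of `consoleWidth()` from `int` to `int64` does not add any overflow safety, since (as the thread notes) the underlying row/column counts are `uint16` returned as `int`; it only pushes a conversion onto every caller that uses the width for layout math. Consider keeping `int` and silencing the finding with a `//nolint:gosec` comment that states the `uint16` origin, matching the approach taken for G602 elsewhere in this PR. Separately, `width, _ := consolesize.GetConsoleSize()` discards the error, so a failed lookup yields a zero width; make sure the remainder of the function falls back to a sane default before callers divide by or wrap text to this value.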
I just threw more memory (and maybe slightly more CPU cycles) at the problem here -- there wasn't an actual overflow risk. The underlying row/column counts are actually uint16, being returned as int. But the safest thing for us to do is to always give more buffer.
} | ||
|
||
if count == 1 { | ||
return items[0] | ||
} | ||
|
||
if count == 2 { | ||
//nolint:gosec // G602: slice index out of range - false positive, we know the slice has at least 2 elements |
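Review bot: the `//nolint:gosec` on the `count == 2` branch suppresses G602 on the strength of an invariant (`count == len(items)`) that is not visible at the index site, so the suppression will silently become wrong if `count` is ever computed differently. Prefer making the invariant local to the branch, for example by testing `len(items)` directly (`if len(items) == 2 {`) or by switching on `len(items)` as suggested in the thread; that lets the analyzer see the bound and removes the need for the nolint directive and its justification comment.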
I haven't found a better way to rewrite the function in a cleaner fashion. Here, gosec isn't correctly inferring count refers to len(items) in this usage.
I wonder if a switch on len(items) would help the analysis here? 🤷.
@@ -517,7 +517,7 @@ func extractFromTar(src, dst string) (string, error) { | |||
// cspell: disable-next-line `Typeflag` is comming fron *tar.Header | |||
if fileHeader.Typeflag == tar.TypeReg && fileName == "gh" { | |||
filePath := filepath.Join(dst, fileName) | |||
ghCliFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(fileHeader.Mode)) | |||
ghCliFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, fileHeader.FileInfo().Mode()) |
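Review bot: `fileHeader.FileInfo().Mode()` is not a pure conversion of `fileHeader.Mode`; the tar package maps the archive's setuid, setgid and sticky bits onto `os.ModeSetuid`, `os.ModeSetgid` and `os.ModeSticky`, and `os.OpenFile` honours those when creating the file, whereas the raw `os.FileMode(fileHeader.Mode)` cast did not. Since the mode comes from the downloaded archive, restrict it to the permission bits with `fileHeader.FileInfo().Mode().Perm()`, or use a fixed mode such as `0o755` for the `gh` binary, so that special bits in an archive entry are never applied to the extracted file. Minor: the cspell comment on the preceding line has two typos (`comming fron` should read `coming from`).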
This is shifting the problem to the std library without actually changing behavior. Under the covers, the same conversion happens. It's at least safer in some regards since we're no longer holding the burden here, but I'm really open to any suggestions.
Can't think of anything better here either.
LGTM - Thanks for the cleanups.
Fixing new reported gosec issues. Issues are largely false-positive in nature that don't matter in practice.