Quiet warnings about integer truncation (#586)

Both MinVersion and MaxVersion of crypto/tls.Config are uint16, so the
int16 fields of rules.insecureConfigTLS are too small. GetInt()
interprets integer literals as fitting within 64-bits, so simplify
things by using int64.
This commit is contained in:
Chris Bandy 2021-03-03 03:05:33 -06:00 committed by GitHub
parent bf2cd2392b
commit 27a5ffb5c8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -26,12 +26,12 @@ import (
type insecureConfigTLS struct {
gosec.MetaData
MinVersion int16
MaxVersion int16
MinVersion int64
MaxVersion int64
requiredType string
goodCiphers []string
actualMinVersion int16
actualMaxVersion int16
actualMinVersion int64
actualMaxVersion int64
}
func (t *insecureConfigTLS) ID() string {
@ -86,7 +86,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
case "MinVersion":
if ival, ierr := gosec.GetInt(n.Value); ierr == nil {
t.actualMinVersion = (int16)(ival)
t.actualMinVersion = ival
} else {
if se, ok := n.Value.(*ast.SelectorExpr); ok {
if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" {
@ -97,7 +97,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
case "MaxVersion":
if ival, ierr := gosec.GetInt(n.Value); ierr == nil {
t.actualMaxVersion = (int16)(ival)
t.actualMaxVersion = ival
} else {
if se, ok := n.Value.(*ast.SelectorExpr); ok {
if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" {
@ -117,8 +117,8 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
return nil
}
func (t *insecureConfigTLS) mapVersion(version string) int16 {
var v int16
func (t *insecureConfigTLS) mapVersion(version string) int64 {
var v int64
switch version {
case "VersionTLS13":
v = tls.VersionTLS13