mirror of
https://github.com/securego/gosec.git
synced 2024-12-25 03:55:54 +00:00
Quiet warnings about integer truncation (#586)
Both MinVersion and MaxVersion of crypto/tls.Config are uint16, so the int16 fields of rules.insecureConfigTLS are too small. GetInt() interprets integer literals as fitting within 64-bits, so simplify things by using int64.
This commit is contained in:
parent
bf2cd2392b
commit
27a5ffb5c8
1 changed files with 8 additions and 8 deletions
16
rules/tls.go
16
rules/tls.go
|
@ -26,12 +26,12 @@ import (
|
|||
|
||||
type insecureConfigTLS struct {
|
||||
gosec.MetaData
|
||||
MinVersion int16
|
||||
MaxVersion int16
|
||||
MinVersion int64
|
||||
MaxVersion int64
|
||||
requiredType string
|
||||
goodCiphers []string
|
||||
actualMinVersion int16
|
||||
actualMaxVersion int16
|
||||
actualMinVersion int64
|
||||
actualMaxVersion int64
|
||||
}
|
||||
|
||||
func (t *insecureConfigTLS) ID() string {
|
||||
|
@ -86,7 +86,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
|
|||
|
||||
case "MinVersion":
|
||||
if ival, ierr := gosec.GetInt(n.Value); ierr == nil {
|
||||
t.actualMinVersion = (int16)(ival)
|
||||
t.actualMinVersion = ival
|
||||
} else {
|
||||
if se, ok := n.Value.(*ast.SelectorExpr); ok {
|
||||
if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" {
|
||||
|
@ -97,7 +97,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
|
|||
|
||||
case "MaxVersion":
|
||||
if ival, ierr := gosec.GetInt(n.Value); ierr == nil {
|
||||
t.actualMaxVersion = (int16)(ival)
|
||||
t.actualMaxVersion = ival
|
||||
} else {
|
||||
if se, ok := n.Value.(*ast.SelectorExpr); ok {
|
||||
if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" {
|
||||
|
@ -117,8 +117,8 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont
|
|||
return nil
|
||||
}
|
||||
|
||||
func (t *insecureConfigTLS) mapVersion(version string) int16 {
|
||||
var v int16
|
||||
func (t *insecureConfigTLS) mapVersion(version string) int64 {
|
||||
var v int64
|
||||
switch version {
|
||||
case "VersionTLS13":
|
||||
v = tls.VersionTLS13
|
||||
|
|
Loading…
Reference in a new issue