
Enable gosec G115 check for potential integer overflow in type conversions

Open thbkrkr opened this issue 1 year ago • 0 comments

This ticket is to enable the gosec check brought by the update of golangci-lint to v1.61.0 in #8018, and currently disabled.

gosec:
    excludes:
      - G115 # potential integer overflow when converting between integer types

Per https://github.com/elastic/cloud-on-k8s/pull/8018#discussion_r1782184468, there are indeed some cases where conversion is not needed or may be dangerous, so it would be good to remove the exclusion and do a proper refactoring.

Warnings:

pkg/controller/common/version/version.go:85:30: G115: integer overflow conversion int -> uint64 (gosec)
        return Version{Major: uint64(major), Minor: uint64(minor), Patch: uint64(patch)}
                                    ^
pkg/utils/log/log.go:123:44: G115: integer overflow conversion int -> int8 (gosec)
                return zap.NewAtomicLevelAt(zapcore.Level(*v * -1))
                                                         ^
pkg/dev/portforward/service_forwarder.go:113:24: G115: integer overflow conversion int -> int32 (gosec)
                if port.Port == int32(servicePort) {
                                     ^
pkg/dev/portforward/service_forwarder.go:139:34: G115: integer overflow conversion int -> int32 (gosec)
                        foundPort = port.Port == int32(targetPort.IntValue())
                                                      ^
pkg/controller/common/license/verifier.go:52:18: G115: integer overflow conversion int -> uint32 (gosec)
        maxLen := uint32(len(allParts))
                        ^
pkg/controller/common/license/verifier.go:266:39: G115: integer overflow conversion int -> uint32 (gosec)
        binary.BigEndian.PutUint32(in, uint32(i))
                                             ^
pkg/controller/elasticsearch/reconcile/state.go:122:33: G115: integer overflow conversion int -> int32 (gosec)
        s.status.AvailableNodes = int32(len(AvailableElasticsearchNodes(resourcesState.CurrentPods)))
                                       ^
pkg/telemetry/telemetry.go:271:34: G115: integer overflow conversion int -> int32 (gosec)
                        DistinctNodeLabelsCount: int32(distinctNodeLabels.Count()),
                                                      ^
pkg/telemetry/telemetry.go:280:41: G115: integer overflow conversion int -> int32 (gosec)
                stats.AutoscaledResourceCount += int32(len(esaList.Items))
                                                      ^
pkg/telemetry/telemetry.go:422:32: G115: integer overflow conversion int -> int32 (gosec)
                        stats[serviceCount] += int32(len(ls.Spec.Services))
                                                    ^
pkg/telemetry/telemetry.go:424:33: G115: integer overflow conversion int -> int32 (gosec)
                        stats[pipelineCount] += int32(len(ls.Spec.Pipelines))
                                                     ^
pkg/controller/elasticsearch/driver/downscale_invariants.go:64:9: G115: integer overflow conversion int -> int32 (gosec)
                        int32(len(nodesReady)),
                             ^
pkg/controller/elasticsearch/driver/fixtures.go:138:41: G115: integer overflow conversion int -> int32 (gosec)
                                        MaxUnavailable: ptr.To[int32](int32(maxUnavailable)),
                                                                           ^
test/e2e/test/elasticsearch/builder.go:225:15: G115: integer overflow conversion int -> int32 (gosec)
                Count: int32(count),
                            ^
test/e2e/test/elasticsearch/builder.go:236:15: G115: integer overflow conversion int -> int32 (gosec)
                Count: int32(count),
                            ^
test/e2e/test/elasticsearch/builder.go:247:15: G115: integer overflow conversion int -> int32 (gosec)
                Count: int32(count),
                            ^
test/e2e/test/elasticsearch/builder.go:258:21: G115: integer overflow conversion int -> int32 (gosec)
                Count:       int32(count),
                                  ^
test/e2e/test/elasticsearch/builder.go:287:15: G115: integer overflow conversion int -> int32 (gosec)
                Count: int32(count),
                            ^
test/e2e/test/elasticsearch/checks_budget.go:70:39: G115: integer overflow conversion int -> int32 (gosec)
                        PodCounts = append(PodCounts, int32(len(pods)))
                                                           ^
test/e2e/test/elasticsearch/checks_budget.go:71:49: G115: integer overflow conversion int -> int32 (gosec)
                        ReadyPodCounts = append(ReadyPodCounts, int32(len(podsReady)))
                                                                     ^
test/e2e/test/elasticsearch/checks_k8s.go:283:12: G115: integer overflow conversion int -> int32 (gosec)
                        if int32(len(pods)) != b.Elasticsearch.Spec.NodeCount() {
                                ^
test/e2e/test/logstash/builder.go:95:31: G115: integer overflow conversion int -> int32 (gosec)
        b.Logstash.Spec.Count = int32(count)
                                     ^
test/e2e/test/logstash/checks.go:284:29: G115: integer overflow conversion int -> int32 (gosec)
                                portsPerService := int32(len(r.Service.Spec.Ports))
                                                        ^
test/e2e/test/logstash/checks.go:299:13: G115: integer overflow conversion int -> int32 (gosec)
                                if int32(len(endpoints.Subsets[0].Addresses)*len(endpoints.Subsets[0].Ports)) != addrPortCount {
                                        ^
test/e2e/test/enterprisesearch/builder.go:143:39: G115: integer overflow conversion int -> int32 (gosec)
        b.EnterpriseSearch.Spec.Count = int32(count)

thbkrkr • Oct 01 '24 08:10
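As an added illustration (not part of the issue and not code from cloud-on-k8s), the sketch below shows the unchecked narrowing pattern that G115 reports next to range-checked conversions for three of the type pairs in the warnings above (int -> int32, int -> int8, int -> uint64). The helper names `ToInt32`, `ToInt8`, `ToUint64` and `UncheckedInt32` are hypothetical, and the sample values are constructed and assume a 64-bit `int`.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// ErrOutOfRange is returned when a value does not fit the target type.
var ErrOutOfRange = errors.New("integer conversion out of range")

// ToInt32 checks an int (a len() result, a replica count, a port) before narrowing.
func ToInt32(v int) (int32, error) {
	if v < math.MinInt32 || v > math.MaxInt32 {
		return 0, fmt.Errorf("%w: %d -> int32", ErrOutOfRange, v)
	}
	return int32(v), nil
}

// ToInt8 covers int -> int8, e.g. a verbosity number turned into a log level.
func ToInt8(v int) (int8, error) {
	if v < math.MinInt8 || v > math.MaxInt8 {
		return 0, fmt.Errorf("%w: %d -> int8", ErrOutOfRange, v)
	}
	return int8(v), nil
}

// ToUint64 covers int -> uint64, where the only hazard is a negative input.
func ToUint64(v int) (uint64, error) {
	if v < 0 {
		return 0, fmt.Errorf("%w: %d -> uint64", ErrOutOfRange, v)
	}
	return uint64(v), nil
}

// UncheckedInt32 is the pattern G115 flags: the high bits are silently dropped.
func UncheckedInt32(v int) int32 { return int32(v) }

func main() {
	big := math.MaxInt32 + 1 // constructed value; assumes 64-bit int
	fmt.Println("unchecked:", UncheckedInt32(big)) // wraps to a negative number
	if _, err := ToInt32(big); err != nil {
		fmt.Println("checked:  ", err)
	}
	if _, err := ToInt8(200 * -1); err != nil {
		fmt.Println("checked:  ", err)
	}
	if _, err := ToUint64(-1); err != nil {
		fmt.Println("checked:  ", err)
	}
}
```

Where the source value is already bounded (a parsed port, a pod count), the check can also sit at the point where the value is validated, so the later conversion is provably safe.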