Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2026-01-13 04:11:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

plugin: fix gosec G115 integer overflow warnings (#7799)

Browse Source 
Fix integer overflow conversion warnings (G115) by adding appropriate
suppressions where values are provably bounded.

Fixes: https://github.com/coredns/coredns/issues/7793

Changes:
- Updated 56 G115 annotations to use consistent // #nosec G115 format
- Added 2 //nolint:gosec suppressions for conditional expressions
- Removed G115 exclusion from golangci.yml (now explicitly handled per-line)

Suppressions justify why each conversion is safe (e.g., port numbers
are bounded 1-65535, DNS TTL limits, pool lengths, etc.)

Signed-off-by: Azeez Syed <syedazeez337@gmail.com>
This commit is contained in:
Syed Azeez
2026-01-01 13:50:29 +05:30
committed by GitHub
parent be934b2b06
commit 7b38eb8625
26 changed files with 58 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
core/dnsserver/server_quic.go
View File

@@ -363,7 +363,8 @@ func readDOQMessage(r io.Reader) ([]byte, error) {
// A client or server receives a STREAM FIN before receiving all the bytes
// for a message indicated in the 2-octet length field.
// See https://www.rfc-editor.org/rfc/rfc9250#section-4.3.3-2.2
if size != uint16(len(buf)) {
//nolint:gosec
if size != uint16(len(buf)) { // #nosec G115 -- buf length fits in uint16
return nil, fmt.Errorf("message size does not match 2-byte prefix")
}