lukaszraczylo/lolcathost
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/lolcathost.git synced 2026-06-15 01:41:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

gosec govulncheck runs (#1)

Browse Source 
* gosec govulncheck runs

* Fix flaky TestRateLimiter_Matrix test

The test was failing due to two issues:
1. Test name generation used invalid character conversion (string(rune('0'+limit)))
   which produced non-printable characters for limits >= 10
2. Using 10ms windows with 100 requests caused race conditions - early requests
   would expire before all 100 were made, allowing the 101st request

Changed to use struct-based test cases with proper fmt.Sprintf naming and
a consistent 1-second window that won't expire during rapid test execution.
This commit is contained in:
Lukasz Raczylo
2025-12-09 01:07:16 +00:00
committed by GitHub
parent 27d5011ab1
commit 29263dc8a2
17 changed files with 80 additions and 215 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/daemon/hosts.go
+7 -2
View File
@@ -178,13 +178,14 @@ func (m *HostsManager) buildManagedSection(entries []HostEntry) string {
func (m *HostsManager) writeAtomic(content string) error {
// Write to temp file first
tmpFile := m.hostsPath + ".tmp"
// #nosec G306 -- hosts file must be world-readable
if err := os.WriteFile(tmpFile, []byte(content), 0644); err != nil {
return err
}
// Rename atomically
if err := os.Rename(tmpFile, m.hostsPath); err != nil {
os.Remove(tmpFile)
_ = os.Remove(tmpFile)
return err
}
@@ -193,6 +194,7 @@ func (m *HostsManager) writeAtomic(content string) error {
// CreateBackup creates a backup of the current hosts file.
func (m *HostsManager) CreateBackup() error {
// #nosec G301 -- backup directory should be world-readable for recovery
if err := os.MkdirAll(m.backupDir, 0755); err != nil {
return fmt.Errorf("failed to create backup directory: %w", err)
}
@@ -205,6 +207,7 @@ func (m *HostsManager) CreateBackup() error {
timestamp := time.Now().Format("20060102-150405")
backupPath := filepath.Join(m.backupDir, fmt.Sprintf("hosts.%s.bak", timestamp))
// #nosec G306 -- backup files should be world-readable for recovery
if err := os.WriteFile(backupPath, content, 0644); err != nil {
return fmt.Errorf("failed to write backup: %w", err)
}
@@ -243,7 +246,7 @@ func (m *HostsManager) cleanupBackups() error {
// Remove oldest backups
for i := MaxBackups; i < len(backups); i++ {
path := filepath.Join(m.backupDir, backups[i].Name())
os.Remove(path)
_ = os.Remove(path)
}
return nil
@@ -301,6 +304,7 @@ func (m *HostsManager) GetBackupContent(name string) (string, error) {
return "", fmt.Errorf("invalid backup name")
}
// #nosec G304 -- backupPath is validated above: filepath.Base(name) == name and prefix/suffix checks
content, err := os.ReadFile(backupPath)
if err != nil {
return "", fmt.Errorf("failed to read backup: %w", err)
@@ -318,6 +322,7 @@ func (m *HostsManager) RestoreBackup(name string) error {
return fmt.Errorf("invalid backup name")
}
// #nosec G304 -- backupPath is validated above: filepath.Base(name) == name and prefix/suffix checks
content, err := os.ReadFile(backupPath)
if err != nil {
return fmt.Errorf("failed to read backup: %w", err)