3pp-mirror/pushbits
1
0
Fork 0
mirror of https://github.com/pushbits/server.git synced 2025-05-02 19:56:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add scans with gosec

Browse source
This commit is contained in:
eikendev 2022-02-13 15:06:54 +01:00
parent 56f39cf64c
commit 5cd3627dc6
No known key found for this signature in database
GPG key ID: A1BDB1B28C8EF694
8 changed files with 47 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Makefile
View file

@ -13,10 +13,12 @@ test:
gocyclo -over 10 $(shell find . -iname '*.go' -type f) gocyclo -over 10 $(shell find . -iname '*.go' -type f)
staticcheck ./... staticcheck ./...
go test -v -cover ./... go test -v -cover ./...
gosec -exclude-dir=tests ./...
.PHONY: setup .PHONY: setup
setup: setup:
go install github.com/fzipp/gocyclo/cmd/gocyclo@latest go install github.com/fzipp/gocyclo/cmd/gocyclo@latest
go install github.com/securego/gosec/v2/cmd/gosec@latest
go install github.com/swaggo/swag/cmd/swag@latest go install github.com/swaggo/swag/cmd/swag@latest
go install honnef.co/go/tools/cmd/staticcheck@latest go install honnef.co/go/tools/cmd/staticcheck@latest

5
cmd/pushbits/main.go
View file

@ -77,5 +77,8 @@ func main() {
engine := router.Create(c.Debug, cm, db, dp) engine := router.Create(c.Debug, cm, db, dp)
runner.Run(engine, c.HTTP.ListenAddress, c.HTTP.Port) err = runner.Run(engine, c.HTTP.ListenAddress, c.HTTP.Port)
if err != nil {
log.Fatal(err)
}
} }

7
internal/api/application.go
View file

@ -35,7 +35,11 @@ func (h *ApplicationHandler) registerApplication(ctx *gin.Context, a *model.Appl
} }
a.MatrixID = channelID a.MatrixID = channelID
h.DB.UpdateApplication(a)
err = h.DB.UpdateApplication(a)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
return err
}
return nil return nil
} }
@ -55,7 +59,6 @@ func (h *ApplicationHandler) createApplication(ctx *gin.Context, u *model.User,
if err := h.registerApplication(ctx, &application, u); err != nil { if err := h.registerApplication(ctx, &application, u); err != nil {
err := h.DB.DeleteApplication(&application) err := h.DB.DeleteApplication(&application)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success { if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
log.Printf("Cannot delete application with ID %d.", application.ID) log.Printf("Cannot delete application with ID %d.", application.ID)
} }

6
internal/api/user.go
View file

@ -44,6 +44,8 @@ func (h *UserHandler) deleteApplications(ctx *gin.Context, u *model.User) error
} }
for _, application := range applications { for _, application := range applications {
application := application // See https://stackoverflow.com/a/68247837
if err := h.AH.deleteApplication(ctx, &application, u); err != nil { if err := h.AH.deleteApplication(ctx, &application, u); err != nil {
return err return err
} }
@ -59,6 +61,8 @@ func (h *UserHandler) updateChannels(ctx *gin.Context, u *model.User, matrixID s
} }
for _, application := range applications { for _, application := range applications {
application := application // See https://stackoverflow.com/a/68247837
err := h.DP.DeregisterApplication(&application, u) err := h.DP.DeregisterApplication(&application, u)
if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success { if success := successOrAbort(ctx, http.StatusInternalServerError, err); !success {
return err return err
@ -68,6 +72,8 @@ func (h *UserHandler) updateChannels(ctx *gin.Context, u *model.User, matrixID s
u.MatrixID = matrixID u.MatrixID = matrixID
for _, application := range applications { for _, application := range applications {
application := application // See https://stackoverflow.com/a/68247837
err := h.AH.registerApplication(ctx, &application, u) err := h.AH.registerApplication(ctx, &application, u)
if err != nil { if err != nil {
return err return err

4
internal/authentication/credentials/hibp.go
View file

@ -1,7 +1,7 @@
package credentials package credentials
import ( import (
"crypto/sha1" "crypto/sha1" //#nosec G505 -- False positive, see the use below.
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"log" "log"
@ -21,7 +21,7 @@ func IsPasswordPwned(password string) (bool, error) {
return true, nil return true, nil
} }
hash := sha1.Sum([]byte(password)) hash := sha1.Sum([]byte(password)) //#nosec G401 -- False positive, only the first 5 bytes are transmitted.
hashStr := fmt.Sprintf("%X", hash) hashStr := fmt.Sprintf("%X", hash)
lookup := hashStr[0:5] lookup := hashStr[0:5]
match := hashStr[5:] match := hashStr[5:]

20
internal/database/database.go
View file

@ -24,8 +24,10 @@ type Database struct {
} }
func createFileDir(file string) { func createFileDir(file string) {
if _, err := os.Stat(filepath.Dir(file)); os.IsNotExist(err) { dir := filepath.Dir(file)
if err := os.MkdirAll(filepath.Dir(file), 0775); err != nil {
if _, err := os.Stat(dir); os.IsNotExist(err) {
if err := os.MkdirAll(dir, 0750); err != nil {
panic(err) panic(err)
} }
} }
@ -67,14 +69,20 @@ func Create(cm *credentials.Manager, dialect, connection string) (*Database, err
sql.SetConnMaxLifetime(9 * time.Minute) sql.SetConnMaxLifetime(9 * time.Minute)
} }
db.AutoMigrate(&model.User{}, &model.Application{}) err = db.AutoMigrate(&model.User{}, &model.Application{})
if err != nil {
return nil, err
}
return &Database{gormdb: db, sqldb: sql, credentialsManager: cm}, nil return &Database{gormdb: db, sqldb: sql, credentialsManager: cm}, nil
} }
// Close closes the database connection. // Close closes the database connection.
func (d *Database) Close() { func (d *Database) Close() {
d.sqldb.Close() err := d.sqldb.Close()
if err != nil {
log.Printf("Error while closing database: %s", err)
}
} }
// Populate fills the database with initial information like the admin user. // Populate fills the database with initial information like the admin user.
@ -111,12 +119,16 @@ func (d *Database) RepairChannels(dp Dispatcher) error {
} }
for _, user := range users { for _, user := range users {
user := user // See https://stackoverflow.com/a/68247837
applications, err := d.GetApplications(&user) applications, err := d.GetApplications(&user)
if err != nil { if err != nil {
return err return err
} }
for _, application := range applications { for _, application := range applications {
application := application // See https://stackoverflow.com/a/68247837
if err := dp.UpdateApplication(&application); err != nil { if err := dp.UpdateApplication(&application); err != nil {
return err return err
} }

6
internal/dispatcher/dispatcher.go
View file

@ -44,7 +44,11 @@ func Create(homeserver, username, password string, formatting configuration.Form
func (d *Dispatcher) Close() { func (d *Dispatcher) Close() {
log.Printf("Logging out.") log.Printf("Logging out.")
d.client.Logout() _, err := d.client.Logout()
if err != nil {
log.Printf("Error while logging out: %s", err)
}
d.client.ClearCredentials() d.client.ClearCredentials()
log.Printf("Successfully logged out.") log.Printf("Successfully logged out.")

9
internal/runner/runner.go
View file

@ -7,6 +7,11 @@ import (
) )
// Run starts the Gin engine. // Run starts the Gin engine.
func Run(engine *gin.Engine, address string, port int) { func Run(engine *gin.Engine, address string, port int) error {
engine.Run(fmt.Sprintf("%s:%d", address, port)) err := engine.Run(fmt.Sprintf("%s:%d", address, port))
if err != nil {
return err
}
return nil
} }