Skip to content

Commit

Permalink
fix: converstion issues found via gosec
Browse files Browse the repository at this point in the history
  • Loading branch information
@adamdecaf
adamdecaf committed Oct 9, 2024
1 parent 6d0b09d commit b3f078d
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 14 deletions.
23 changes: 17 additions & 6 deletions converters.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,12 @@ func (c *converters) parseAlphaField(r string, max uint) string {
if ln > max {
return r[ln-max:]
}
if count := int(max - ln); validSize(count) {
r += strings.Repeat(" ", count)

rem := max - ln
if !validSizeUint(rem) {
return ""
} else {
r += strings.Repeat(" ", int(rem)) //nolint:gosec
}
return r
}
Expand All @@ -44,8 +48,12 @@ func (c *converters) numericStringField(s string, max uint) string {
if ln > max {
return s[ln-max:]
}
if count := int(max - ln); validSize(count) {
s = strings.Repeat("0", count) + s

rem := max - ln
if !validSizeUint(rem) {
return ""
} else {
s = strings.Repeat("0", int(rem)) + s //nolint:gosec
}
return s
}
Expand All @@ -65,8 +73,11 @@ func (c *converters) formatAlphaField(s string, max uint, options FormatOptions)
return s[:max]
}
if !options.VariableLengthFields {
if count := int(max - ln); validSize(count) {
s += strings.Repeat(" ", count)
rem := max - ln
if !validSizeUint(rem) {
return ""
} else {
s += strings.Repeat(" ", int(rem)) //nolint:gosec
}
}
return s
Expand Down
8 changes: 6 additions & 2 deletions unstructuredAddenda.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func (ua *UnstructuredAddenda) String() string {
buf.WriteString(ua.tag)
buf.WriteString(ua.AddendaLengthField())

if size := ua.parseNumField(ua.AddendaLength); validSize(size) {
if size := ua.parseNumField(ua.AddendaLength); validSizeInt(size) {
buf.Grow(size)
}

Expand Down Expand Up @@ -123,5 +123,9 @@ func (ua *UnstructuredAddenda) AddendaLengthField() string {

// AddendaField gets a string of the Addenda field
func (ua *UnstructuredAddenda) AddendaField() string {
return ua.alphaField(ua.Addenda, uint(ua.parseNumField(ua.AddendaLength)))
max := ua.parseNumField(ua.AddendaLength)
if max < 0 || !validSizeInt(max) {
return ""
}
return ua.alphaField(ua.Addenda, uint(max))
}
6 changes: 5 additions & 1 deletion validators.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,10 +31,14 @@ const (
maxBufferGrowth = 1e8
)

func validSize(n int) bool {
func validSizeInt(n int) bool {
return n > 0 && n < maxBufferGrowth
}

func validSizeUint(n uint) bool {
return n < maxBufferGrowth
}

// validator is common validation and formatting of golang types to WIRE type strings
type validator struct{}

Expand Down
22 changes: 17 additions & 5 deletions validators_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,19 +13,31 @@ import (
)

func TestValidSize(t *testing.T) {
require.True(t, validSize(10))
require.True(t, validSize(1e7))
require.True(t, validSizeInt(10))
require.True(t, validSizeInt(1e7))

require.False(t, validSize(1e8+1))
require.False(t, validSize(1e9))
require.False(t, validSize(math.MaxInt))
require.False(t, validSizeInt(1e8+1))
require.False(t, validSizeInt(1e9))
require.False(t, validSizeInt(math.MaxInt))

t.Run("don't grow", func(t *testing.T) {
ua := &UnstructuredAddenda{}
ua.AddendaLength = fmt.Sprintf("%0.0f", 1e9)
expected := "1000"
require.Equal(t, expected, ua.String())
})

t.Run("int", func(t *testing.T) {
require.False(t, validSizeInt(int(1e9)))
})

t.Run("uint", func(t *testing.T) {
a := uint(100)
b := uint(201)

require.False(t, validSizeUint(a-b))
require.True(t, validSizeUint(b-a))
})
}

func TestValidators__validateOptionFName(t *testing.T) {
Expand Down

0 comments on commit b3f078d

Please sign in to comment.