Skip to content

Commit

Permalink
[FIX] Security issues
Browse files Browse the repository at this point in the history
  • Loading branch information
@ruiztulio
ruiztulio committed Oct 18, 2024
1 parent b3ca668 commit c9b3aa8
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/golangci-lint.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,5 +15,5 @@ jobs:
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.60
version: v1.61
skip-cache: true
4 changes: 2 additions & 2 deletions .github/workflows/gosec.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ jobs:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: -exclude=G306 ./...
args: -exclude=G306 -exclude=G115 ./...
8 changes: 8 additions & 0 deletions utils/bash.go
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package utils

import (
"math"
"os"
"os/exec"
"os/user"
Expand All @@ -24,11 +25,18 @@ func GetUserUIDs(username string) (uint32, uint32, error) {
if err != nil {
return 0, 0, err
}
if uid < 0 || uid > math.MaxUint32 {
uid = 0
}

gid, err := strconv.Atoi(u.Gid)
if err != nil {
return 0, 0, err
}
if gid < 0 || uid > math.MaxUint32 {
gid = 0
}

return uint32(uid), uint32(gid), nil
}

Expand Down

0 comments on commit c9b3aa8

Please sign in to comment.