Update workflow and fix gosec reported issue (#14)

dell · Feb 7, 2022 · df34fd2 · df34fd2
1 parent 96c2320
commit df34fd2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml
@@ -23,6 +23,8 @@ jobs:
         uses: actions/checkout@v2
       - name: Run Go Security
         uses: securego/gosec@master
+        with:
+          args: ./...
   malware_security_scan:
     name: Malware Scanner
     runs-on: ubuntu-latest

diff --git a/inttests/common.go b/inttests/common.go
@@ -19,9 +19,9 @@
 package inttests
 
 import (
-	"math/rand"
+	"crypto/rand"
+	"math/big"
 	"testing"
-	"time"
 )
 
 func checkAPIErr(t *testing.T, err error) {
@@ -40,10 +40,14 @@ func skipTestOnError(t *testing.T, err error) {
 const letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
 
 func randString(n int) string {
-	rand.Seed(time.Now().UnixNano())
 	b := make([]byte, n)
 	for i := range b {
-		b[i] = letters[rand.Intn(len(letters))]
+		if len(letters) > 0 {
+			n, err := rand.Int(rand.Reader, big.NewInt(int64(len(letters))))
+			if err == nil {
+				b[i] = letters[n.Int64()]
+			}
+		}
 	}
 	return string(b)
 }