From a2cf933c733920ef5de573940d76104d3cf65f57 Mon Sep 17 00:00:00 2001 From: huof6890 <68298506@qq.com> Date: Thu, 14 Jul 2022 16:41:18 +0800 Subject: [PATCH 1/5] fix gosec error --- pkg/recovery/recovery.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkg/recovery/recovery.go b/pkg/recovery/recovery.go index a2612817d3..35127ce3a0 100644 --- a/pkg/recovery/recovery.go +++ b/pkg/recovery/recovery.go @@ -79,14 +79,18 @@ func LogCrash(r interface{}) { } func writeHeapProfile(path string) { - f, err := os.OpenFile(path, os.O_CREATE|os.O_RDWR, 0644) + f, err := os.OpenFile(filepath.Clean(path), os.O_CREATE|os.O_RDWR, 0600) if err != nil { log.S().Errorf("crashlog: open heap profile error: %v", err) return } - defer f.Close() if err := pprof.WriteHeapProfile(f); err != nil { log.S().Errorf("crashlog: write heap profile error: %v", err) + return + } + if err = f.Close(); err != nil { + log.S().Errorf("crashlog: close heap profile error: %v", err) + return } } From 6e5b292427717ac18ec9ae221b67d135e566baea Mon Sep 17 00:00:00 2001 From: huof6890 <68298506@qq.com> Date: Thu, 14 Jul 2022 16:50:09 +0800 Subject: [PATCH 2/5] fix ioctl/doc gosec --- ioctl/doc/doc.go | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ioctl/doc/doc.go b/ioctl/doc/doc.go index 2a7cebed66..1afdb80d86 100644 --- a/ioctl/doc/doc.go +++ b/ioctl/doc/doc.go @@ -32,19 +32,17 @@ func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path strin filename = filepath.Join(path, "README.md") } - f, err := os.Create(filename) + f, err := os.Create(filepath.Clean(filename)) if err != nil { return err } - defer f.Close() - if _, err := io.WriteString(f, filePrepender(filename)); err != nil { return err } if err := GenMarkdownCustom(c, f, linkHandler); err != nil { return err } - return nil + return f.Close() } // GenMarkdownCustom creates custom markdown output. From 7b5e8e760b0c172987919797bdf4d309f5b2537d Mon Sep 17 00:00:00 2001 From: huof6890 <68298506@qq.com> Date: Mon, 18 Jul 2022 20:42:41 +0800 Subject: [PATCH 3/5] move into defer --- ioctl/doc/doc.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ioctl/doc/doc.go b/ioctl/doc/doc.go index 1afdb80d86..44ccf98803 100644 --- a/ioctl/doc/doc.go +++ b/ioctl/doc/doc.go @@ -36,13 +36,16 @@ func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path strin if err != nil { return err } + defer func() error { + return f.Close() + }() if _, err := io.WriteString(f, filePrepender(filename)); err != nil { return err } if err := GenMarkdownCustom(c, f, linkHandler); err != nil { return err } - return f.Close() + return nil } // GenMarkdownCustom creates custom markdown output. From 5c265dda38911f984ac249f0a6302408770ee8b1 Mon Sep 17 00:00:00 2001 From: huof6890 <68298506@qq.com> Date: Tue, 19 Jul 2022 09:45:58 +0800 Subject: [PATCH 4/5] move f.Close() into defer --- ioctl/doc/doc.go | 6 +++--- pkg/recovery/recovery.go | 10 ++++++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/ioctl/doc/doc.go b/ioctl/doc/doc.go index 44ccf98803..cc88297a76 100644 --- a/ioctl/doc/doc.go +++ b/ioctl/doc/doc.go @@ -36,8 +36,8 @@ func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path strin if err != nil { return err } - defer func() error { - return f.Close() + defer func() { + err = f.Close() }() if _, err := io.WriteString(f, filePrepender(filename)); err != nil { return err @@ -45,7 +45,7 @@ func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path strin if err := GenMarkdownCustom(c, f, linkHandler); err != nil { return err } - return nil + return err } // GenMarkdownCustom creates custom markdown output. diff --git a/pkg/recovery/recovery.go b/pkg/recovery/recovery.go index 35127ce3a0..b9c012e494 100644 --- a/pkg/recovery/recovery.go +++ b/pkg/recovery/recovery.go @@ -84,14 +84,16 @@ func writeHeapProfile(path string) { log.S().Errorf("crashlog: open heap profile error: %v", err) return } + defer func() { + if err = f.Close(); err != nil { + log.S().Errorf("crashlog: close heap profile error: %v", err) + return + } + }() if err := pprof.WriteHeapProfile(f); err != nil { log.S().Errorf("crashlog: write heap profile error: %v", err) return } - if err = f.Close(); err != nil { - log.S().Errorf("crashlog: close heap profile error: %v", err) - return - } } func printInfo(name string, info func() (interface{}, error)) { From 7907629128bffca43f0963d523e1aaef66a0e918 Mon Sep 17 00:00:00 2001 From: huof6890 <68298506@qq.com> Date: Tue, 19 Jul 2022 13:16:27 +0800 Subject: [PATCH 5/5] fix err return wrong --- ioctl/doc/doc.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ioctl/doc/doc.go b/ioctl/doc/doc.go index cc88297a76..37573ca7ae 100644 --- a/ioctl/doc/doc.go +++ b/ioctl/doc/doc.go @@ -16,12 +16,12 @@ import ( // GenMarkdownTreeCustom is the the same as GenMarkdownTree, but // with custom filePrepender and linkHandler. func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path string, filePrepender func(string) string, - linkHandler func(*cobra.Command, string) string) error { + linkHandler func(*cobra.Command, string) string) (err error) { for _, child := range c.Commands() { if !child.IsAvailableCommand() || child.IsAdditionalHelpTopicCommand() { continue } - if err := GenMarkdownTreeCustom(child, dir, name, path, filePrepender, linkHandler); err != nil { + if err = GenMarkdownTreeCustom(child, dir, name, path, filePrepender, linkHandler); err != nil { return err } } @@ -32,17 +32,18 @@ func GenMarkdownTreeCustom(c *cobra.Command, dir string, name string, path strin filename = filepath.Join(path, "README.md") } - f, err := os.Create(filepath.Clean(filename)) + var f *os.File + f, err = os.Create(filepath.Clean(filename)) if err != nil { return err } defer func() { err = f.Close() }() - if _, err := io.WriteString(f, filePrepender(filename)); err != nil { + if _, err = io.WriteString(f, filePrepender(filename)); err != nil { return err } - if err := GenMarkdownCustom(c, f, linkHandler); err != nil { + if err = GenMarkdownCustom(c, f, linkHandler); err != nil { return err } return err