lint: Address int overflow issues
golangci-lint v1.60.2 reports potential int overflows when values are
downcast to a 'smaller' int type.
This commit addresses these:
- it assumes casting a uintptr file descriptor to int will always be
  fine
- it adds a check that `vsockPort uint` is actually lower than
  `math.MaxUint`
- it replaces `strconv.Atoi` with `strconv.ParseUint(_, _, 32)` as the
  latter guarantees that the returned value won't overflow a uint32.

Signed-off-by: Christophe Fergeau <[email protected]>
cfergeau committed Aug 22, 2024
1 parent 3b96df4 commit 47ece27
Showing 3 changed files with 12 additions and 7 deletions.
4 changes: 2 additions & 2 deletions pkg/vf/virtio.go
Expand Up @@ -202,7 +202,7 @@ func (dev *VirtioRng) AddToVirtualMachineConfig(vmConfig *VirtualMachineConfigur
// https://developer.apple.com/documentation/virtualization/running_linux_in_a_virtual_machine?language=objc#:~:text=Configure%20the%20Serial%20Port%20Device%20for%20Standard%20In%20and%20Out
func setRawMode(f *os.File) error {
// Get settings for terminal
attr, _ := unix.IoctlGetTermios(int(f.Fd()), unix.TIOCGETA)
attr, _ := unix.IoctlGetTermios(int(f.Fd()), unix.TIOCGETA) //#nosec G115

// Put stdin into raw mode, disabling local echo, input canonicalization,
// and CR-NL mapping.
Expand All @@ -216,7 +216,7 @@ func setRawMode(f *os.File) error {
attr.Cc[syscall.VTIME] = 0

// reflects the changed settings
return unix.IoctlSetTermios(int(f.Fd()), unix.TIOCSETA, attr)
return unix.IoctlSetTermios(int(f.Fd()), unix.TIOCSETA, attr) //#nosec G115
}

func (dev *VirtioSerial) toVz() (*vz.VirtioConsoleDeviceSerialPortConfiguration, error) {
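Review bot: The error from `unix.IoctlGetTermios` is still discarded on the line that gains the `//#nosec G115` marker, so when the ioctl fails `setRawMode` goes on to edit whatever `attr` it got back and passes it to `TIOCSETA`. Checking it is a two-line change: `attr, err := unix.IoctlGetTermios(int(f.Fd()), unix.TIOCGETA) //#nosec G115` followed by `if err != nil { return err }`. Both suppressions in this file are also bare, whereas the ones in vsock.go carry a `-- reason`; something like `//#nosec G115 -- file descriptors fit in int` would record why the cast is considered safe. The middle of the function is collapsed on this page, so this rests on the visible lines only.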
4 changes: 2 additions & 2 deletions pkg/vf/virtionet.go
Expand Up @@ -64,10 +64,10 @@ func (dev *VirtioNet) connectUnixPath() error {
return err
}
err = rawConn.Control(func(fd uintptr) {
if err = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_SNDBUF, 1*1024*1024); err != nil {
if err = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_SNDBUF, 1*1024*1024); err != nil { //#nosec G115
return
}
if err = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_RCVBUF, 4*1024*1024); err != nil {
if err = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_RCVBUF, 4*1024*1024); err != nil { //#nosec G115
return
}
})
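Review bot: The two `SetsockoptInt` failures look like they are lost: the callback stores them in the outer `err`, and the enclosing `err = rawConn.Control(...)` then overwrites that variable with Control's own return value once the callback has run. The lines touched here keep that pattern, so a socket whose buffers could not be resized would be used silently with its default sizes. Keeping the callback's result in its own variable and checking it after the call fixes this; the code following `})` is outside the hunk, so the placement of the final check is a guess. The bare `//#nosec G115` markers would also benefit from a `-- reason`, as in vsock.go.

```go
var sockErr error
err = rawConn.Control(func(fd uintptr) {
	if sockErr = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_SNDBUF, 1*1024*1024); sockErr != nil { //#nosec G115
		return
	}
	sockErr = syscall.SetsockoptInt(int(fd), syscall.SOL_SOCKET, syscall.SO_RCVBUF, 4*1024*1024) //#nosec G115
})
// … unchanged: existing handling of err after Control (outside the hunk) …
if sockErr != nil {
	return sockErr
}
```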
11 changes: 8 additions & 3 deletions pkg/vf/vsock.go
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"fmt"
"io"
"math"
"net"
"net/url"
"strconv"
Expand All @@ -19,13 +20,17 @@ func ExposeVsock(vm *VirtualMachine, port uint, vsockPath string, listen bool) (
}

func ConnectVsockSync(vm *VirtualMachine, port uint) (net.Conn, error) {
if port > math.MaxUint32 {
return nil, fmt.Errorf("Port number (%d) is too high", port)
}

socketDevices := vm.SocketDevices()
if len(socketDevices) != 1 {
return nil, fmt.Errorf("VM has too many/not enough virtio-vsock devices (%d)", len(socketDevices))
}
vsockDevice := socketDevices[0]

conn, err := vsockDevice.Connect(uint32(port))
conn, err := vsockDevice.Connect(uint32(port)) //#nosec G115 -- 'port' is checked against MaxUint32
if err != nil {
// we can't `return vsockDevice.Connect()` directly, see https://go.dev/doc/faq#nil_error
// checking the return value for nil won't work as expected if we don't do this
Expand Down Expand Up @@ -84,15 +89,15 @@ func listenVsock(vm *VirtualMachine, port uint, vsockPath string) (io.Closer, er
}
switch parsed.Scheme {
case "vsock":
port, err := strconv.Atoi(parsed.Port())
port, err := strconv.ParseUint(parsed.Port(), 10, 32)
if err != nil {
return nil, err
}
socketDevices := vm.SocketDevices()
if len(socketDevices) != 1 {
return nil, fmt.Errorf("VM has too many/not enough virtio-vsock devices (%d)", len(socketDevices))
}
return socketDevices[0].Listen(uint32(port))
return socketDevices[0].Listen(uint32(port)) //#nosec G115 -- strconv.ParseUint(.., .., 32) guarantees no overflow
default:
return nil, fmt.Errorf("unexpected scheme '%s'", parsed.Scheme)
}
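Review bot: In the `vsock` case the new `port, err := strconv.ParseUint(parsed.Port(), 10, 32)` shadows `listenVsock`'s own `port uint` parameter, so from the visible lines the value that reaches `Listen` comes from the parsed URL and the caller-supplied `port` gets no range check like the one added to `ConnectVsockSync`. A distinct name such as `urlPort, err := strconv.ParseUint(parsed.Port(), 10, 32)` would make it clear which value is bound. The error is also returned bare, so an empty or out-of-range port surfaces as a raw strconv message; `return nil, fmt.Errorf("invalid vsock port %q: %w", parsed.Port(), err)` would name the rejected input. The rest of `listenVsock` is outside the hunk, so whether the parameter is validated elsewhere should be confirmed.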