chore: Enable G103 rule for gosec (#13038)

2023-04-12 15:32:46 +02:00 · 2023-04-12 15:32:46 +02:00 · 55e4bb6808
parent 9bb2d1562d
commit 55e4bb6808
10 changed files with 54 additions and 92 deletions
--- a/.golangci.yml
+++ b/.golangci.yml
@ -90,6 +90,7 @@ linters-settings:
    includes:
      - G101
      - G102
+      - G103
      - G106
      - G107
      - G108
--- a/plugins/inputs/procstat/win_service_windows.go
+++ b/plugins/inputs/procstat/win_service_windows.go
@ -39,7 +39,7 @@ func queryPidWithWinServiceName(winServiceName string) (uint32, error) {
 	}

 	buf = make([]byte, bytesNeeded)
-	p = (*windows.SERVICE_STATUS_PROCESS)(unsafe.Pointer(&buf[0]))
+	p = (*windows.SERVICE_STATUS_PROCESS)(unsafe.Pointer(&buf[0])) //nolint:gosec // G103: Valid use of unsafe call to create SERVICE_STATUS_PROCESS
 	if err := windows.QueryServiceStatusEx(srv.Handle, windows.SC_STATUS_PROCESS_INFO, &buf[0], uint32(len(buf)), &bytesNeeded); err != nil {
 		return 0, err
 	}
--- a/plugins/inputs/vsphere/vsphere_test.go
+++ b/plugins/inputs/vsphere/vsphere_test.go
@ -9,7 +9,6 @@ import (
 	"strings"
 	"testing"
 	"time"
-	"unsafe"

 	"github.com/stretchr/testify/require"
 	"github.com/vmware/govmomi/object"
@ -220,12 +219,6 @@ func TestMaxQuery(t *testing.T) {
 		t.Skip("Skipping long test in short mode")
 	}

-	// Don't run test on 32-bit machines due to bug in simulator.
-	// https://github.com/vmware/govmomi/issues/1330
-	var i int
-	if unsafe.Sizeof(i) < 8 {
-		return
-	}
 	m, s, err := createSim(0)
 	require.NoError(t, err)
 	defer m.Remove()
@ -273,13 +266,6 @@ func TestFinder(t *testing.T) {
 		t.Skip("Skipping long test in short mode")
 	}

-	// Don't run test on 32-bit machines due to bug in simulator.
-	// https://github.com/vmware/govmomi/issues/1330
-	var i int
-	if unsafe.Sizeof(i) < 8 {
-		return
-	}
-
 	m, s, err := createSim(0)
 	require.NoError(t, err)
 	defer m.Remove()
@ -397,13 +383,6 @@ func TestFolders(t *testing.T) {
 		t.Skip("Skipping long test in short mode")
 	}

-	// Don't run test on 32-bit machines due to bug in simulator.
-	// https://github.com/vmware/govmomi/issues/1330
-	var i int
-	if unsafe.Sizeof(i) < 8 {
-		return
-	}
-
 	m, s, err := createSim(1)
 	require.NoError(t, err)
 	defer m.Remove()
@ -486,13 +465,6 @@ func testCollection(t *testing.T, excludeClusters bool) {
 		v.Username = config.NewSecret([]byte(username))
 		v.Password = config.NewSecret([]byte(password))
 	} else {
-		// Don't run test on 32-bit machines due to bug in simulator.
-		// https://github.com/vmware/govmomi/issues/1330
-		var i int
-		if unsafe.Sizeof(i) < 8 {
-			return
-		}
-
 		m, s, err := createSim(0)
 		require.NoError(t, err)
 		defer m.Remove()
--- a/plugins/inputs/win_eventlog/util.go
+++ b/plugins/inputs/win_eventlog/util.go
@ -51,7 +51,7 @@ func GetFromSnapProcess(pid uint32) (uint32, uint32, string, error) {
 	}
 	defer windows.CloseHandle(snap)
 	var pe32 windows.ProcessEntry32
-	pe32.Size = uint32(unsafe.Sizeof(pe32))
+	pe32.Size = uint32(unsafe.Sizeof(pe32)) //nolint:gosec // G103: Valid use of unsafe call to determine the size of the struct
 	if err = windows.Process32First(snap, &pe32); err != nil {
 		return 0, 0, "", err
 	}
--- a/plugins/inputs/win_eventlog/zsyscall_windows.go
+++ b/plugins/inputs/win_eventlog/zsyscall_windows.go
@ -94,8 +94,8 @@ func _EvtSubscribe(
 		8,
 		uintptr(session),
 		uintptr(signalEvent),
-		uintptr(unsafe.Pointer(channelPath)),
-		uintptr(unsafe.Pointer(query)),
+		uintptr(unsafe.Pointer(channelPath)), //nolint:gosec // G103: Valid use of unsafe call to pass channelPath
+		uintptr(unsafe.Pointer(query)),       //nolint:gosec // G103: Valid use of unsafe call to pass query
 		uintptr(bookmark),
 		uintptr(context),
 		uintptr(callback),
@ -129,9 +129,9 @@ func _EvtRender(
 		uintptr(fragment),
 		uintptr(flags),
 		uintptr(bufferSize),
-		uintptr(unsafe.Pointer(buffer)),
-		uintptr(unsafe.Pointer(bufferUsed)),
-		uintptr(unsafe.Pointer(propertyCount)),
+		uintptr(unsafe.Pointer(buffer)),        //nolint:gosec // G103: Valid use of unsafe call to pass buffer
+		uintptr(unsafe.Pointer(bufferUsed)),    //nolint:gosec // G103: Valid use of unsafe call to pass bufferUsed
+		uintptr(unsafe.Pointer(propertyCount)), //nolint:gosec // G103: Valid use of unsafe call to pass propertyCount
 		0,
 		0,
 	)
@ -163,10 +163,10 @@ func _EvtNext(resultSet EvtHandle, eventArraySize uint32, eventArray *EvtHandle,
 		6,
 		uintptr(resultSet),
 		uintptr(eventArraySize),
-		uintptr(unsafe.Pointer(eventArray)),
+		uintptr(unsafe.Pointer(eventArray)), //nolint:gosec // G103: Valid use of unsafe call to pass eventArray
 		uintptr(timeout),
 		uintptr(flags),
-		uintptr(unsafe.Pointer(numReturned)),
+		uintptr(unsafe.Pointer(numReturned)), //nolint:gosec // G103: Valid use of unsafe call to pass numReturned
 	)
 	if r1 == 0 {
 		if e1 != 0 {
@ -199,8 +199,8 @@ func _EvtFormatMessage(
 		uintptr(values),
 		uintptr(flags),
 		uintptr(bufferSize),
-		uintptr(unsafe.Pointer(buffer)),
-		uintptr(unsafe.Pointer(bufferUsed)),
+		uintptr(unsafe.Pointer(buffer)),     //nolint:gosec // G103: Valid use of unsafe call to pass buffer
+		uintptr(unsafe.Pointer(bufferUsed)), //nolint:gosec // G103: Valid use of unsafe call to pass bufferUsed
 	)
 	if r1 == 0 {
 		if e1 != 0 {
@ -217,8 +217,8 @@ func _EvtOpenPublisherMetadata(session EvtHandle, publisherIdentity *uint16, log
 		procEvtOpenPublisherMetadata.Addr(),
 		5,
 		uintptr(session),
-		uintptr(unsafe.Pointer(publisherIdentity)),
-		uintptr(unsafe.Pointer(logFilePath)),
+		uintptr(unsafe.Pointer(publisherIdentity)), //nolint:gosec // G103: Valid use of unsafe call to pass publisherIdentity
+		uintptr(unsafe.Pointer(logFilePath)),       //nolint:gosec // G103: Valid use of unsafe call to pass logFilePath
 		uintptr(locale),
 		uintptr(flags),
 		0,
@ -235,6 +235,7 @@ func _EvtOpenPublisherMetadata(session EvtHandle, publisherIdentity *uint16, log
 }

 func _EvtCreateBookmark(bookmarkXML *uint16) (EvtHandle, error) {
+	//nolint:gosec // G103: Valid use of unsafe call to pass bookmarkXML
 	r0, _, e1 := syscall.Syscall(procEvtCreateBookmark.Addr(), 1, uintptr(unsafe.Pointer(bookmarkXML)), 0, 0)
 	handle := EvtHandle(r0)
 	if handle != 0 {
--- a/plugins/inputs/win_perf_counters/pdh.go
+++ b/plugins/inputs/win_perf_counters/pdh.go
@ -337,9 +337,9 @@ func PdhAddCounter(hQuery PDH_HQUERY, szFullCounterPath string, dwUserData uintp
 	ptxt, _ := syscall.UTF16PtrFromString(szFullCounterPath)
 	ret, _, _ := pdh_AddCounterW.Call(
 		uintptr(hQuery),
-		uintptr(unsafe.Pointer(ptxt)),
+		uintptr(unsafe.Pointer(ptxt)), //nolint:gosec // G103: Valid use of unsafe call to pass ptxt
 		dwUserData,
-		uintptr(unsafe.Pointer(phCounter)))
+		uintptr(unsafe.Pointer(phCounter))) //nolint:gosec // G103: Valid use of unsafe call to pass phCounter

 	return uint32(ret)
 }
@ -361,9 +361,9 @@ func PdhAddEnglishCounter(hQuery PDH_HQUERY, szFullCounterPath string, dwUserDat
 	ptxt, _ := syscall.UTF16PtrFromString(szFullCounterPath)
 	ret, _, _ := pdh_AddEnglishCounterW.Call(
 		uintptr(hQuery),
-		uintptr(unsafe.Pointer(ptxt)),
+		uintptr(unsafe.Pointer(ptxt)), //nolint:gosec // G103: Valid use of unsafe call to pass ptxt
 		dwUserData,
-		uintptr(unsafe.Pointer(phCounter)))
+		uintptr(unsafe.Pointer(phCounter))) //nolint:gosec // G103: Valid use of unsafe call to pass phCounter

 	return uint32(ret)
 }
@ -407,13 +407,14 @@ func PdhCollectQueryData(hQuery PDH_HQUERY) uint32 {
 // Converts the filetime structure to a GO time class and returns the native time.
 func PdhCollectQueryDataWithTime(hQuery PDH_HQUERY) (uint32, time.Time) {
 	var localFileTime FILETIME
+	//nolint:gosec // G103: Valid use of unsafe call to pass localFileTime
 	ret, _, _ := pdh_CollectQueryDataWithTime.Call(uintptr(hQuery), uintptr(unsafe.Pointer(&localFileTime)))

 	if ret == ERROR_SUCCESS {
 		var utcFileTime FILETIME
 		ret, _, _ := krn_LocalFileTimeToFileTime.Call(
-			uintptr(unsafe.Pointer(&localFileTime)),
-			uintptr(unsafe.Pointer(&utcFileTime)))
+			uintptr(unsafe.Pointer(&localFileTime)), //nolint:gosec // G103: Valid use of unsafe call to pass localFileTime
+			uintptr(unsafe.Pointer(&utcFileTime)))   //nolint:gosec // G103: Valid use of unsafe call to pass utcFileTime

 		if ret == 0 {
 			return uint32(ERROR_FAILURE), time.Now()
@ -439,8 +440,8 @@ func PdhGetFormattedCounterValueDouble(hCounter PDH_HCOUNTER, lpdwType *uint32,
 	ret, _, _ := pdh_GetFormattedCounterValue.Call(
 		uintptr(hCounter),
 		uintptr(PDH_FMT_DOUBLE|PDH_FMT_NOCAP100),
-		uintptr(unsafe.Pointer(lpdwType)),
-		uintptr(unsafe.Pointer(pValue)))
+		uintptr(unsafe.Pointer(lpdwType)), //nolint:gosec // G103: Valid use of unsafe call to pass lpdwType
+		uintptr(unsafe.Pointer(pValue)))   //nolint:gosec // G103: Valid use of unsafe call to pass pValue

 	return uint32(ret)
 }
@ -486,9 +487,9 @@ func PdhGetFormattedCounterArrayDouble(hCounter PDH_HCOUNTER, lpdwBufferSize *ui
 	ret, _, _ := pdh_GetFormattedCounterArrayW.Call(
 		uintptr(hCounter),
 		uintptr(PDH_FMT_DOUBLE|PDH_FMT_NOCAP100),
-		uintptr(unsafe.Pointer(lpdwBufferSize)),
-		uintptr(unsafe.Pointer(lpdwBufferCount)),
-		uintptr(unsafe.Pointer(itemBuffer)))
+		uintptr(unsafe.Pointer(lpdwBufferSize)),  //nolint:gosec // G103: Valid use of unsafe call to pass lpdwBufferSize
+		uintptr(unsafe.Pointer(lpdwBufferCount)), //nolint:gosec // G103: Valid use of unsafe call to pass lpdwBufferCount
+		uintptr(unsafe.Pointer(itemBuffer)))      //nolint:gosec // G103: Valid use of unsafe call to pass itemBuffer

 	return uint32(ret)
 }
@ -504,7 +505,7 @@ func PdhOpenQuery(szDataSource uintptr, dwUserData uintptr, phQuery *PDH_HQUERY)
 	ret, _, _ := pdh_OpenQuery.Call(
 		szDataSource,
 		dwUserData,
-		uintptr(unsafe.Pointer(phQuery)))
+		uintptr(unsafe.Pointer(phQuery))) //nolint:gosec // G103: Valid use of unsafe call to pass phQuery

 	return uint32(ret)
 }
@ -544,20 +545,19 @@ func PdhExpandWildCardPath(szWildCardPath string, mszExpandedPathList *uint16, p
 	ptxt, _ := syscall.UTF16PtrFromString(szWildCardPath)
 	flags := uint32(0) // expand instances and counters
 	ret, _, _ := pdh_ExpandWildCardPathW.Call(
-		uintptr(unsafe.Pointer(nil)), // search counters on local computer
-		uintptr(unsafe.Pointer(ptxt)),
-		uintptr(unsafe.Pointer(mszExpandedPathList)),
-		uintptr(unsafe.Pointer(pcchPathListLength)),
-		uintptr(unsafe.Pointer(&flags)))
+		0,                             // search counters on local computer
+		uintptr(unsafe.Pointer(ptxt)), //nolint:gosec // G103: Valid use of unsafe call to pass ptxt
+		uintptr(unsafe.Pointer(mszExpandedPathList)), //nolint:gosec // G103: Valid use of unsafe call to pass mszExpandedPathList
+		uintptr(unsafe.Pointer(pcchPathListLength)),  //nolint:gosec // G103: Valid use of unsafe call to pass pcchPathListLength
+		uintptr(unsafe.Pointer(&flags)))              //nolint:gosec // G103: Valid use of unsafe call to pass flags

 	return uint32(ret)
 }

-// PdhValidatePath validates a path. Will return ERROR_SUCCESS when ok, or PDH_CSTATUS_BAD_COUNTERNAME when the path is
-// erroneous.
+// PdhValidatePath validates a path. Will return ERROR_SUCCESS when ok, or PDH_CSTATUS_BAD_COUNTERNAME when the path is erroneous.
 func PdhValidatePath(path string) uint32 {
 	ptxt, _ := syscall.UTF16PtrFromString(path)
-	ret, _, _ := pdh_ValidatePathW.Call(uintptr(unsafe.Pointer(ptxt)))
+	ret, _, _ := pdh_ValidatePathW.Call(uintptr(unsafe.Pointer(ptxt))) //nolint:gosec // G103: Valid use of unsafe call to pass ptxt

 	return uint32(ret)
 }
@ -588,8 +588,8 @@ func PdhGetCounterInfo(hCounter PDH_HCOUNTER, bRetrieveExplainText int, pdwBuffe
 	ret, _, _ := pdh_GetCounterInfoW.Call(
 		uintptr(hCounter),
 		uintptr(bRetrieveExplainText),
-		uintptr(unsafe.Pointer(pdwBufferSize)),
-		uintptr(unsafe.Pointer(lpBuffer)))
+		uintptr(unsafe.Pointer(pdwBufferSize)), //nolint:gosec // G103: Valid use of unsafe call to pass pdwBufferSize
+		uintptr(unsafe.Pointer(lpBuffer)))      //nolint:gosec // G103: Valid use of unsafe call to pass lpBuffer

 	return uint32(ret)
 }
@ -610,8 +610,8 @@ func PdhGetCounterInfo(hCounter PDH_HCOUNTER, bRetrieveExplainText int, pdwBuffe
 func PdhGetRawCounterValue(hCounter PDH_HCOUNTER, lpdwType *uint32, pValue *PDH_RAW_COUNTER) uint32 {
 	ret, _, _ := pdh_GetRawCounterValue.Call(
 		uintptr(hCounter),
-		uintptr(unsafe.Pointer(lpdwType)),
-		uintptr(unsafe.Pointer(pValue)))
+		uintptr(unsafe.Pointer(lpdwType)), //nolint:gosec // G103: Valid use of unsafe call to pass lpdwType
+		uintptr(unsafe.Pointer(pValue)))   //nolint:gosec // G103: Valid use of unsafe call to pass pValue

 	return uint32(ret)
 }
@ -635,8 +635,8 @@ func PdhGetRawCounterValue(hCounter PDH_HCOUNTER, lpdwType *uint32, pValue *PDH_
 func PdhGetRawCounterArray(hCounter PDH_HCOUNTER, lpdwBufferSize *uint32, lpdwBufferCount *uint32, itemBuffer *byte) uint32 {
 	ret, _, _ := pdh_GetRawCounterArrayW.Call(
 		uintptr(hCounter),
-		uintptr(unsafe.Pointer(lpdwBufferSize)),
-		uintptr(unsafe.Pointer(lpdwBufferCount)),
-		uintptr(unsafe.Pointer(itemBuffer)))
+		uintptr(unsafe.Pointer(lpdwBufferSize)),  //nolint:gosec // G103: Valid use of unsafe call to pass lpdwBufferSize
+		uintptr(unsafe.Pointer(lpdwBufferCount)), //nolint:gosec // G103: Valid use of unsafe call to pass lpdwBufferCount
+		uintptr(unsafe.Pointer(itemBuffer)))      //nolint:gosec // G103: Valid use of unsafe call to pass itemBuffer
 	return uint32(ret)
 }
--- a/plugins/inputs/win_perf_counters/performance_query.go
+++ b/plugins/inputs/win_perf_counters/performance_query.go
@ -129,7 +129,7 @@ func (m *PerformanceQueryImpl) GetCounterPath(counterHandle PDH_HCOUNTER) (strin
 		buff = make([]byte, bufSize)
 		bufSize = uint32(len(buff))
 		if ret = PdhGetCounterInfo(counterHandle, 0, &bufSize, &buff[0]); ret == ERROR_SUCCESS {
-			ci := (*PDH_COUNTER_INFO)(unsafe.Pointer(&buff[0]))
+			ci := (*PDH_COUNTER_INFO)(unsafe.Pointer(&buff[0])) //nolint:gosec // G103: Valid use of unsafe call to create PDH_COUNTER_INFO
 			return UTF16PtrToString(ci.SzFullPath), nil
 		}
 	}
@ -180,6 +180,7 @@ func (m *PerformanceQueryImpl) GetFormattedCounterArrayDouble(hCounter PDH_HCOUN
 		buff := make([]byte, buffSize)

 		if ret = PdhGetFormattedCounterArrayDouble(hCounter, &buffSize, &itemCount, &buff[0]); ret == ERROR_SUCCESS {
+			//nolint:gosec // G103: Valid use of unsafe call to create PDH_FMT_COUNTERVALUE_ITEM_DOUBLE
 			items := (*[1 << 20]PDH_FMT_COUNTERVALUE_ITEM_DOUBLE)(unsafe.Pointer(&buff[0]))[:itemCount]
 			values := make([]CounterValue, 0, itemCount)
 			for _, item := range items {
@ -203,6 +204,7 @@ func (m *PerformanceQueryImpl) GetRawCounterArray(hCounter PDH_HCOUNTER) ([]Coun
 		buff := make([]byte, buffSize)

 		if ret = PdhGetRawCounterArray(hCounter, &buffSize, &itemCount, &buff[0]); ret == ERROR_SUCCESS {
+			//nolint:gosec // G103: Valid use of unsafe call to create PDH_RAW_COUNTER_ITEM
 			items := (*[1 << 20]PDH_RAW_COUNTER_ITEM)(unsafe.Pointer(&buff[0]))[:itemCount]
 			values := make([]CounterValue, 0, itemCount)
 			for _, item := range items {
@ -270,6 +272,7 @@ func UTF16PtrToString(s *uint16) string {
 	if s == nil {
 		return ""
 	}
+	//nolint:gosec // G103: Valid use of unsafe call to create string from Windows API LPTSTR (pointer to string)
 	return syscall.UTF16ToString((*[1 << 29]uint16)(unsafe.Pointer(s))[0:])
 }

--- a/plugins/outputs/application_insights/application_insights.go
+++ b/plugins/outputs/application_insights/application_insights.go
@ -5,8 +5,8 @@ import (
 	_ "embed"
 	"fmt"
 	"math"
+	"strconv"
 	"time"
-	"unsafe"

 	"github.com/microsoft/ApplicationInsights-Go/appinsights"

@ -40,11 +40,6 @@ type ApplicationInsights struct {
 	diagMsgListener   appinsights.DiagnosticsMessageListener
 }

-var (
-	is32Bit        bool
-	is32BitChecked bool
-)
-
 func (*ApplicationInsights) SampleConfig() string {
 	return sampleConfig
 }
@ -281,20 +276,10 @@ func toFloat64(value interface{}) (float64, error) {
 }

 func toInt(value interface{}) (int, error) {
-	if !is32BitChecked {
-		is32BitChecked = true
-		var i int
-		if unsafe.Sizeof(i) == 4 {
-			is32Bit = true
-		} else {
-			is32Bit = false
-		}
-	}
-
 	// Out of all Golang numerical types Telegraf only uses int64, unit64 and float64 for fields
 	switch v := value.(type) {
 	case uint64:
-		if is32Bit {
+		if strconv.IntSize == 32 {
 			if v > math.MaxInt32 {
 				return 0, fmt.Errorf("value [%d] out of range of 32-bit integers", v)
 			}
@ -307,7 +292,7 @@ func toInt(value interface{}) (int, error) {
 		return int(v), nil

 	case int64:
-		if is32Bit {
+		if strconv.IntSize == 32 {
 			if v > math.MaxInt32 || v < math.MinInt32 {
 				return 0, fmt.Errorf("value [%d] out of range of 32-bit integers", v)
 			}
--- a/plugins/outputs/postgresql/sqltemplate/template.go
+++ b/plugins/outputs/postgresql/sqltemplate/template.go
@ -322,11 +322,10 @@ func (cols Columns) Keys() Columns {

 // Sorted returns a sorted copy of Columns.
 //
-// Columns are sorted so that they are in order as: [Time, Tags, Fields], with the columns within each group sorted
-// alphabetically.
+// Columns are sorted so that they are in order as: [Time, Tags, Fields], with the columns within each group sorted alphabetically.
 func (cols Columns) Sorted() Columns {
 	newCols := append([]Column{}, cols...)
-	(*utils.ColumnList)(unsafe.Pointer(&newCols)).Sort()
+	(*utils.ColumnList)(unsafe.Pointer(&newCols)).Sort() //nolint:gosec // G103: Valid use of unsafe call to speed up sorting
 	return newCols
 }

--- a/plugins/parsers/influx/escape.go
+++ b/plugins/parsers/influx/escape.go
@ -79,14 +79,15 @@ func parseBoolBytes(b []byte) (bool, error) {

 // unsafeBytesToString converts a []byte to a string without a heap allocation.
 //
-// It is unsafe, and is intended to prepare input to short-lived functions
-// that require strings.
+// It is unsafe, and is intended to prepare input to short-lived functions that require strings.
 func unsafeBytesToString(in []byte) string {
+	//nolint:gosec // G103: Valid use of unsafe call to convert []byte to SliceHeader (without a heap allocation)
 	src := *(*reflect.SliceHeader)(unsafe.Pointer(&in))
 	dst := reflect.StringHeader{
 		Data: src.Data,
 		Len:  src.Len,
 	}
+	//nolint:gosec // G103: Valid use of unsafe call to convert StringHeader to string (without a heap allocation)
 	s := *(*string)(unsafe.Pointer(&dst))
 	return s
 }