gosec: G601 - Implicit memory aliasing in for loop

G601 warning doen't mean there's a vulnerabilty. But this code could have unintended bugs. Disabling warnings locally.
2021-12-04 14:08:00 +01:00 · 2021-12-04 14:08:00 +01:00 · 610db6563a
commit 610db6563a
parent 8136209d17
7 changed files with 24 additions and 0 deletions
--- a/internal/cloud/awscloud/awscloud.go
+++ b/internal/cloud/awscloud/awscloud.go
@ -202,6 +202,8 @@ func (a *AWS) Register(name, bucket, key string, shareWith []string, rpmArch str
 		log.Printf("[AWS] 🎥 Sharing ec2 snapshot")
 		var userIds []*string
 		for _, v := range shareWith {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			userIds = append(userIds, &v)
 		}
 		_, err := a.ec2.ModifySnapshotAttribute(
@ -281,6 +283,8 @@ func (a *AWS) Register(name, bucket, key string, shareWith []string, rpmArch str
 		var launchPerms []*ec2.LaunchPermission
 		for _, id := range shareWith {
 			launchPerms = append(launchPerms, &ec2.LaunchPermission{
+				// Implicit memory alasing doesn't couse any bug in this case
+				/* #nosec G601 */
 				UserId: &id,
 			})
 		}
--- a/internal/cloudapi/v2/errors.go
+++ b/internal/cloudapi/v2/errors.go
@ -193,6 +193,8 @@ func APIErrorList(page int, pageSize int, c echo.Context) *ErrorList {

 	errs := getServiceErrors()[min(page*pageSize, len(getServiceErrors())):min(((page+1)*pageSize), len(getServiceErrors()))]
 	for _, e := range errs {
+		// Implicit memory alasing doesn't couse any bug in this case
+		/* #nosec G601 */
 		list.Items = append(list.Items, *APIError(e.code, &e, c))
 	}
 	list.Size = len(list.Items)
--- a/internal/distro/rhel85/pipelines.go
+++ b/internal/distro/rhel85/pipelines.go
@ -512,6 +512,8 @@ func tarInstallerPipelines(t *imageType, customizations *blueprint.Customization
 	installerPackages := packageSetSpecs[installerPkgsKey]
 	for _, pkg := range installerPackages {
 		if pkg.Name == "kernel" {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
@ -1345,6 +1347,8 @@ func kernelVerStr(pkgs []rpmmd.PackageSpec, kernelName, arch string) string {
 	kernelPkg := new(rpmmd.PackageSpec)
 	for _, pkg := range pkgs {
 		if pkg.Name == kernelName {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
--- a/internal/distro/rhel86/pipelines.go
+++ b/internal/distro/rhel86/pipelines.go
@ -679,6 +679,8 @@ func tarInstallerPipelines(t *imageType, customizations *blueprint.Customization
 	installerPackages := packageSetSpecs[installerPkgsKey]
 	for _, pkg := range installerPackages {
 		if pkg.Name == "kernel" {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
@ -1487,6 +1489,8 @@ func kernelVerStr(pkgs []rpmmd.PackageSpec, kernelName, arch string) string {
 	kernelPkg := new(rpmmd.PackageSpec)
 	for _, pkg := range pkgs {
 		if pkg.Name == kernelName {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
--- a/internal/distro/rhel90/pipelines.go
+++ b/internal/distro/rhel90/pipelines.go
@ -669,6 +669,8 @@ func tarInstallerPipelines(t *imageType, customizations *blueprint.Customization
 	installerPackages := packageSetSpecs[installerPkgsKey]
 	for _, pkg := range installerPackages {
 		if pkg.Name == "kernel" {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
@ -1487,6 +1489,8 @@ func kernelVerStr(pkgs []rpmmd.PackageSpec, kernelName, arch string) string {
 	kernelPkg := new(rpmmd.PackageSpec)
 	for _, pkg := range pkgs {
 		if pkg.Name == kernelName {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
--- a/internal/distro/rhel90beta/pipelines.go
+++ b/internal/distro/rhel90beta/pipelines.go
@ -644,6 +644,8 @@ func tarInstallerPipelines(t *imageType, customizations *blueprint.Customization
 	installerPackages := packageSetSpecs[installerPkgsKey]
 	for _, pkg := range installerPackages {
 		if pkg.Name == "kernel" {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
@ -1157,6 +1159,8 @@ func kernelVerStr(pkgs []rpmmd.PackageSpec, kernelName, arch string) string {
 	kernelPkg := new(rpmmd.PackageSpec)
 	for _, pkg := range pkgs {
 		if pkg.Name == kernelName {
+			// Implicit memory alasing doesn't couse any bug in this case
+			/* #nosec G601 */
 			kernelPkg = &pkg
 			break
 		}
--- a/internal/osbuild2/result.go
+++ b/internal/osbuild2/result.go
@ -151,6 +151,8 @@ func convertStageResults(v1Stages []osbuild1.StageResult) (PipelineResult, Pipel
 	result := make([]StageResult, len(v1Stages))
 	metadata := make(map[string]StageMetadata)
 	for idx, srv1 := range v1Stages {
+		// Implicit memory alasing doesn't couse any bug in this case
+		/* #nosec G601 */
 		stageResult, stageMetadata := convertStageResult(&srv1)
 		result[idx] = *stageResult
 		if stageMetadata != nil {