gosec: G401, G501 - Weak cryptographic primitive
azure, koji and gcp use md5 hashes. Gosec is not happy with it, so we create exceptions for them (G401, G501).
This commit is contained in:
Juan Abia
Alexander Todorov
parent
5a1460a6d1
commit
c8cf835db3
3 changed files with 12 additions and 0 deletions
|
|
@ -4,6 +4,8 @@ import (
|
|||
"bufio"
|
||||
"bytes"
|
||||
"context"
|
||||
// azure uses MD5 hashes
|
||||
/* #nosec G501 */
|
||||
"crypto/md5"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
|
@ -88,6 +90,8 @@ func (c StorageClient) UploadPageBlob(metadata BlobMetadata, fileName string, th
|
|||
}
|
||||
|
||||
// Hash the imageFile
|
||||
// azure uses MD5 hashes
|
||||
/* #nosec G401 */
|
||||
imageFileHash := md5.New()
|
||||
if _, err := io.Copy(imageFileHash, imageFile); err != nil {
|
||||
return fmt.Errorf("cannot create md5 of the image: %v", err)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue