gosec fix: made changes based on gosec analyzer results

hypersign-protocol · Nov 25, 2023 · 7197f3c · 7197f3c
1 parent c863a58
commit 7197f3c
Show file tree

Hide file tree

Showing 8 changed files with 19 additions and 10 deletions.
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -1,4 +1,4 @@
-name: Run Gosec
+name: Gosec
 on:
   pull_request:
 

diff --git a/app/export.go b/app/export.go
@@ -150,6 +150,8 @@ func (app *HidnodeApp) prepForZeroHeightGenesis(ctx sdk.Context, jailAllowedAddr
 	iter := sdk.KVStoreReversePrefixIterator(store, stakingtypes.ValidatorsKey)
 	counter := int16(0)
 
+	defer iter.Close()
+
 	for ; iter.Valid(); iter.Next() {
 		addr := sdk.ValAddress(iter.Key()[1:])
 		validator, found := app.StakingKeeper.GetValidator(ctx, addr)
@@ -166,8 +168,6 @@ func (app *HidnodeApp) prepForZeroHeightGenesis(ctx sdk.Context, jailAllowedAddr
 		counter++
 	}
 
-	iter.Close()
-
 	if _, err := app.StakingKeeper.ApplyAndReturnValidatorSetUpdates(ctx); err != nil {
 		panic(err)
 	}

diff --git a/cmd/hid-noded/cmd/debug_extensions.go b/cmd/hid-noded/cmd/debug_extensions.go
@@ -2,7 +2,7 @@ package cmd
 
 import (
 	"crypto/ed25519"
-	"crypto/rand"
+	"crypto/rand" /* #nosec G702 */
 	"crypto/sha256"
 	"encoding/base64"
 	"encoding/hex"

diff --git a/x/ssi/ante/decorators.go b/x/ssi/ante/decorators.go
@@ -63,7 +63,7 @@ func (mfd MempoolFeeDecorator) AnteHandle(ctx sdk.Context, tx sdk.Tx, simulate b
 
 			// Determine the required fees by multiplying each required minimum gas
 			// price by the gas limit, where fee = ceil(minGasPrice * gasLimit).
-			glDec := sdk.NewDec(int64(gas))
+			glDec := sdk.NewDec(int64(gas)) /* #nosec G701 */
 			for i, gp := range minGasPrices {
 				fee := gp.Amount.Mul(glDec)
 				requiredFees[i] = sdk.NewCoin(gp.Denom, fee.Ceil().RoundInt())

diff --git a/x/ssi/keeper/msg_server_create_credential.go b/x/ssi/keeper/msg_server_create_credential.go
@@ -54,7 +54,10 @@ func (k msgServer) RegisterCredentialStatus(goCtx context.Context, msg *types.Ms
 	}
 
 	// Check if the created date before issuance date
-	currentDate, _ := time.Parse(time.RFC3339, msgCredProof.Created)
+	currentDate, err := time.Parse(time.RFC3339, msgCredProof.Created)
+	if err != nil {
+		return nil, err
+	}
 	if currentDate.Before(issuanceDateParsed) {
 		return nil, sdkerrors.Wrapf(types.ErrInvalidDate, "proof attached has a creation date before issuance date")
 	}

diff --git a/x/ssi/keeper/msg_server_update_credential.go b/x/ssi/keeper/msg_server_update_credential.go
@@ -3,7 +3,7 @@ package keeper
 import (
 	"context"
 	"fmt"
-	"reflect"
+	"reflect" /* #nosec G702 */
 	"time"
 
 	sdk "github.com/cosmos/cosmos-sdk/types"
@@ -89,7 +89,10 @@ func (k msgServer) UpdateCredentialStatus(goCtx context.Context, msg *types.MsgU
 	}
 
 	// Check if the created date before issuance date
-	currentDate, _ := time.Parse(time.RFC3339, msgNewCredProof.Created)
+	currentDate, err := time.Parse(time.RFC3339, msgNewCredProof.Created)
+	if err != nil {
+		return nil, err
+	}
 	if currentDate.Before(newIssuanceDateParsed) {
 		return nil, sdkerrors.Wrapf(types.ErrInvalidDate, "proof attached has a creation date before issuance date")
 	}

diff --git a/x/ssi/keeper/msg_server_update_did.go b/x/ssi/keeper/msg_server_update_did.go
@@ -3,7 +3,7 @@ package keeper
 import (
 	"context"
 	"fmt"
-	"reflect"
+	"reflect" /* #nosec G702 */
 
 	sdk "github.com/cosmos/cosmos-sdk/types"
 	sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"

diff --git a/x/ssi/types/genesis.go b/x/ssi/types/genesis.go
@@ -18,7 +18,10 @@ func DefaultGenesis() *GenesisState {
 func (gs GenesisState) Validate() error {
 	namespace := gs.ChainNamespace
 
-	regexPattern, _ := regexp.Compile("^[a-zA-Z0-9-]*$") // Matches string containing whitespaces and tabs
+	regexPattern, err := regexp.Compile("^[a-zA-Z0-9-]*$") // Matches string containing whitespaces and tabs
+	if err != nil {
+		return err
+	}
 	maxChainNamespaceLength := 10
 
 	if len(namespace) > maxChainNamespaceLength {