From 27a5ffb5c8f6dd3b6dea3b8e6019a2b3d43bf0f9 Mon Sep 17 00:00:00 2001 From: Chris Bandy Date: Wed, 3 Mar 2021 03:05:33 -0600 Subject: [PATCH] Quiet warnings about integer truncation (#586) Both MinVersion and MaxVersion of crypto/tls.Config are uint16, so the int16 fields of rules.insecureConfigTLS are too small. GetInt() interprets integer literals as fitting within 64-bits, so simplify things by using int64. --- rules/tls.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/rules/tls.go b/rules/tls.go index 8fbcbcaa0e..dc0ab6aabc 100644 --- a/rules/tls.go +++ b/rules/tls.go @@ -26,12 +26,12 @@ import ( type insecureConfigTLS struct { gosec.MetaData - MinVersion int16 - MaxVersion int16 + MinVersion int64 + MaxVersion int64 requiredType string goodCiphers []string - actualMinVersion int16 - actualMaxVersion int16 + actualMinVersion int64 + actualMaxVersion int64 } func (t *insecureConfigTLS) ID() string { @@ -86,7 +86,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont case "MinVersion": if ival, ierr := gosec.GetInt(n.Value); ierr == nil { - t.actualMinVersion = (int16)(ival) + t.actualMinVersion = ival } else { if se, ok := n.Value.(*ast.SelectorExpr); ok { if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" { @@ -97,7 +97,7 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont case "MaxVersion": if ival, ierr := gosec.GetInt(n.Value); ierr == nil { - t.actualMaxVersion = (int16)(ival) + t.actualMaxVersion = ival } else { if se, ok := n.Value.(*ast.SelectorExpr); ok { if pkg, ok := se.X.(*ast.Ident); ok && pkg.Name == "tls" { @@ -117,8 +117,8 @@ func (t *insecureConfigTLS) processTLSConfVal(n *ast.KeyValueExpr, c *gosec.Cont return nil } -func (t *insecureConfigTLS) mapVersion(version string) int16 { - var v int16 +func (t *insecureConfigTLS) mapVersion(version string) int64 { + var v int64 switch version { case "VersionTLS13": v = tls.VersionTLS13