From 15d4ca630cf43eb213a7206c8dbbadace9b2cca1 Mon Sep 17 00:00:00 2001 From: Lynwee Date: Wed, 28 Feb 2024 18:39:57 +0800 Subject: [PATCH] fix(security): fix cwe-276, (parts of)cwe-22 (#7045) * fix(security): fix cwe-276, (parts of)cwe-22 * fix(test): fix errors * fix(test): fix errors * fix(test): fix errors --- backend/impls/logruslog/stream.go | 2 +- backend/test/helper/utils.go | 22 +++++++--------------- 2 files changed, 8 insertions(+), 16 deletions(-) diff --git a/backend/impls/logruslog/stream.go b/backend/impls/logruslog/stream.go index d5429e19bd7..aa6770f24ad 100644 --- a/backend/impls/logruslog/stream.go +++ b/backend/impls/logruslog/stream.go @@ -32,7 +32,7 @@ func GetFileStream(path string) (io.Writer, errors.Error) { if err != nil { return nil, errors.Convert(err) } - file, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0777) + file, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0644) if err != nil { return nil, errors.Convert(err) } diff --git a/backend/test/helper/utils.go b/backend/test/helper/utils.go index 7bf60364233..f1e22882555 100644 --- a/backend/test/helper/utils.go +++ b/backend/test/helper/utils.go @@ -31,10 +31,16 @@ import ( // IsWSL FIXME func IsWSL() bool { - lines, err := readFile("/proc/version") + file, err := os.Open("/proc/version") if err != nil { return false } + defer file.Close() + var lines []string + scanner := bufio.NewScanner(file) + for scanner.Scan() { + lines = append(lines, scanner.Text()) + } for _, line := range lines { l := strings.ToLower(line) if strings.Contains(l, "microsoft") { @@ -85,17 +91,3 @@ func Contains[T any](list []T, elem any) bool { } return false } - -func readFile(path string) ([]string, error) { - file, err := os.Open(path) - if err != nil { - return nil, err - } - defer file.Close() - var lines []string - scanner := bufio.NewScanner(file) - for scanner.Scan() { - lines = append(lines, scanner.Text()) - } - return lines, scanner.Err() -}