github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

linting: address gosec G112/G114

Browse Source 
GOGC=75 golangci-lint run
    services/server/server.go:320:27: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
        return trapClosedConnErr(http.Serve(l, m))
                                 ^
    services/server/server.go:340:27: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
        return trapClosedConnErr(http.Serve(l, m))
                                 ^
    cmd/containerd-stress/main.go:238:13: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
            if err := http.ListenAndServe(c.Metrics, metrics.Handler()); err != nil {
                      ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2022-10-08 13:25:33 +02:00
parent e6b5311508
commit 3ebeb6d79b
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/containerd-stress/main.go
View File

@ -235,7 +235,12 @@ func (c config) newClient() (*containerd.Client, error) {
func serve(c config) error { func serve(c config) error {
go func() { go func() {
if err := http.ListenAndServe(c.Metrics, metrics.Handler()); err != nil { srv := &http.Server{
Addr: c.Metrics,
Handler: metrics.Handler(),
ReadHeaderTimeout: 5 * time.Minute, // "G112: Potential Slowloris Attack (gosec)"; not a real concern for our use, so setting a long timeout.
}
if err := srv.ListenAndServe(); err != nil {
logrus.WithError(err).Error("listen and serve") logrus.WithError(err).Error("listen and serve")
} }
}() }()

12
services/server/server.go
View File

@ -317,7 +317,11 @@ func (s *Server) ServeTTRPC(l net.Listener) error {
func (s *Server) ServeMetrics(l net.Listener) error { func (s *Server) ServeMetrics(l net.Listener) error {
m := http.NewServeMux() m := http.NewServeMux()
m.Handle("/v1/metrics", metrics.Handler()) m.Handle("/v1/metrics", metrics.Handler())
return trapClosedConnErr(http.Serve(l, m)) srv := &http.Server{
Handler: m,
ReadHeaderTimeout: 5 * time.Minute, // "G112: Potential Slowloris Attack (gosec)"; not a real concern for our use, so setting a long timeout.
}
return trapClosedConnErr(srv.Serve(l))
} }
// ServeTCP allows services to serve over tcp // ServeTCP allows services to serve over tcp
@ -337,7 +341,11 @@ func (s *Server) ServeDebug(l net.Listener) error {
m.Handle("/debug/pprof/profile", http.HandlerFunc(pprof.Profile)) m.Handle("/debug/pprof/profile", http.HandlerFunc(pprof.Profile))
m.Handle("/debug/pprof/symbol", http.HandlerFunc(pprof.Symbol)) m.Handle("/debug/pprof/symbol", http.HandlerFunc(pprof.Symbol))
m.Handle("/debug/pprof/trace", http.HandlerFunc(pprof.Trace)) m.Handle("/debug/pprof/trace", http.HandlerFunc(pprof.Trace))
return trapClosedConnErr(http.Serve(l, m)) srv := &http.Server{
Handler: m,
ReadHeaderTimeout: 5 * time.Minute, // "G112: Potential Slowloris Attack (gosec)"; not a real concern for our use, so setting a long timeout.
}
return trapClosedConnErr(srv.Serve(l))
} }
// Stop the containerd server canceling any open connections // Stop the containerd server canceling any open connections