fix: correct initial CodeQL findings
- Incorrect conversion between integer types
- Size computation for allocation may overflow
dnwe committed Apr 28, 2021
1 parent 1c17804 commit d2ff778
Showing 3 changed files with 20 additions and 16 deletions.
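--- a/admin.go
+++ b/admin.go
@@ -619,7 +619,11 @@ func (ca *clusterAdmin) DescribeConfig(resource ConfigResource) ([]ConfigEntry,
 
 // DescribeConfig of broker/broker logger must be sent to the broker in question
 if dependsOnSpecificNode(resource) {
-id, _ := strconv.Atoi(resource.Name)
+var id int64
+id, err = strconv.ParseInt(resource.Name, 10, 32)
+if err != nil {
+return nil, err
+}
 b, err = ca.findBroker(int32(id))
 } else {
 b, err = ca.findAnyBroker()
@@ -670,7 +674,11 @@ func (ca *clusterAdmin) AlterConfig(resourceType ConfigResourceType, name string
 
 // AlterConfig of broker/broker logger must be sent to the broker in question
 if dependsOnSpecificNode(ConfigResource{Name: name, Type: resourceType}) {
-id, _ := strconv.Atoi(name)
+var id int64
+id, err = strconv.ParseInt(name, 10, 32)
+if err != nil {
+return err
+}
 b, err = ca.findBroker(int32(id))
 } else {
 b, err = ca.findAnyBroker()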
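Review bot: The parse error is returned bare in both DescribeConfig and AlterConfig, so a caller who supplies a non-numeric broker resource name gets a raw strconv error with no hint that the name was expected to be a broker ID; wrapping it, e.g. `return nil, fmt.Errorf("broker resource name %q is not a valid broker ID: %w", resource.Name, err)`, would say so (this assumes `fmt` is imported in admin.go, which the page does not show). `ParseInt(..., 10, 32)` also accepts a leading minus sign, so a negative name still reaches `findBroker(int32(id))`; if negative values are never real broker IDs here, an `id < 0` rejection beside the error check would keep broker selection to plausible IDs. Both functions start and end outside their hunks.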
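--- a/broker.go
+++ b/broker.go
@@ -816,7 +816,7 @@ func (b *Broker) encode(pe packetEncoder, version int16) (err error) {
 return err
 }
 
-port, err := strconv.Atoi(portstr)
+port, err := strconv.ParseInt(portstr, 10, 32)
 if err != nil {
 return err
 }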
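Review bot: `strconv.ParseInt(portstr, 10, 32)` bounds the value to int32 but not to the TCP port range, so a negative number or anything above 65535 still parses and goes on to whatever encodes `port` below the hunk. `port, err := strconv.ParseUint(portstr, 10, 16)` would reject those values at parse time and the result would still convert to int32 without loss. Where `portstr` comes from and how `port` is used are outside the hunk, so check the later conversion before switching the type.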
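--- a/gssapi_kerberos.go
+++ b/gssapi_kerberos.go
@@ -3,8 +3,10 @@ package sarama
 import (
 "encoding/asn1"
 "encoding/binary"
+"errors"
 "fmt"
 "io"
+"math"
 "strings"
 "time"
 
@@ -53,15 +55,14 @@ type KerberosClient interface {
 Destroy()
 }
 
-/*
-*
-* Appends length in big endian before payload, and send it to kafka
-*
-*/
-
+// writePackage appends length in big endian before the payload, and sends it to kafka
 func (krbAuth *GSSAPIKerberosAuth) writePackage(broker *Broker, payload []byte) (int, error) {
 length := len(payload)
-finalPackage := make([]byte, length+4) //4 byte length header + payload
+size := length + 4 // 4 byte length header + payload
+if size > math.MaxUint32 {
+return 0, errors.New("payload too large, will overflow uint32")
+}
+finalPackage := make([]byte, size)
 copy(finalPackage[4:], payload)
 binary.BigEndian.PutUint32(finalPackage, uint32(length))
 bytes, err := broker.conn.Write(finalPackage)
@@ -71,12 +72,7 @@ func (krbAuth *GSSAPIKerberosAuth) writePackage(broker *Broker, payload []byte)
 return bytes, nil
 }
 
-/*
-*
-* Read length (4 bytes) and then read the payload
-*
-*/
-
+// readPackage reads payload length (4 bytes) and then reads the payload into []byte
 func (krbAuth *GSSAPIKerberosAuth) readPackage(broker *Broker) ([]byte, int, error) {
 bytesRead := 0
 lengthInBytes := make([]byte, 4)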
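Review bot: In writePackage, `if size > math.MaxUint32` compares an `int` with an untyped constant that does not fit a 32-bit `int`, so the file should fail to compile on 32-bit targets such as 386 or arm. The check also runs only after `length + 4` has been computed, and it bounds `size` rather than the `length` that is actually written with `uint32(length)`. Comparing the length in an unsigned 64-bit type before adding covers both: `if uint64(length) > math.MaxUint32-4 { return 0, errors.New("payload too large, will overflow uint32") }` followed by `finalPackage := make([]byte, length+4)`. readPackage continues past the last hunk; if it allocates a buffer from the 4-byte length it reads off the connection, that value deserves an upper bound as well.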
