util: handle Close() errors in pidlimit

A new version of gosec insists on handling errors returned by Close(): [/go/src/github.com/ceph/ceph-csi/internal/util/pidlimit.go:44] - G307 (CWE-): Deferring unsafe method "*os.File" on type "Close" (Confidence: HIGH, Severity: MEDIUM) > defer cgroup.Close() [/go/src/github.com/ceph/ceph-csi/internal/util/pidlimit.go:78] - G307 (CWE-): Deferring unsafe method "*os.File" on type "Close" (Confidence: HIGH, Severity: MEDIUM) > defer f.Close() [/go/src/github.com/ceph/ceph-csi/internal/util/pidlimit.go:113] - G307 (CWE-): Deferring unsafe method "*os.File" on type "Close" (Confidence: HIGH, Severity: MEDIUM) > defer f.Close() Signed-off-by: Niels de Vos <ndevos@redhat.com>
2024-11-09 16:00:22 +00:00 · 2020-06-30 12:15:23 +02:00 · 2020-06-30 12:15:23 +02:00 · 1b89f86d51
commit 1b89f86d51
parent 30dc83c3bb
1 changed files with 4 additions and 4 deletions
--- a/internal/util/pidlimit.go
+++ b/internal/util/pidlimit.go
@ -41,7 +41,7 @@ func getCgroupPidsFile() (string, error) {
 	if err != nil {
 		return "", err
 	}
-	defer cgroup.Close()
+	defer cgroup.Close() // #nosec: error on close is not critical here

 	scanner := bufio.NewScanner(cgroup)
 	var slice string
@ -75,7 +75,7 @@ func GetPIDLimit() (int, error) {
 	if err != nil {
 		return 0, err
 	}
-	defer f.Close()
+	defer f.Close() // #nosec: error on close is not critical here

 	maxPidsStr, err := bufio.NewReader(f).ReadString('\n')
 	if err != nil && err != io.EOF {
@ -110,12 +110,12 @@ func SetPIDLimit(limit int) error {
 	if err != nil {
 		return err
 	}
-	defer f.Close()

 	_, err = f.WriteString(limitStr)
 	if err != nil {
+		f.Close() // #nosec: a write error will be more useful to return
 		return err
 	}

-	return nil
+	return f.Close()
 }