mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-13 02:33:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

cleanup: address gosec warnings

Browse Source 
gosec warns about security problems by scanning the
Go AST.

Issues Reported:
G101 (CWE-798): Potential hardcoded credentials (Confidence: LOW, Severity: HIGH)
G204 (CWE-78): Subprocess launched with variable (Confidence: HIGH, Severity: MEDIUM)
G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)

Signed-off-by: Yug <yuggupta27@gmail.com>
This commit is contained in:
Yug
2020-07-20 18:19:05 +05:30
committed by mergify[bot]
parent 48fa43270f
commit e73fe64a0d
7 changed files with 17 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/cephfs/util.go
View File

@ -34,7 +34,7 @@ type volumeID string
func execCommand(ctx context.Context, program string, args ...string) (stdout, stderr []byte, err error) {
var (
cmd = exec.Command(program, args...) // nolint: gosec, #nosec
cmd = exec.Command(program, args...) // #nosec:G204, not called with user specified parameters.
sanitizedArgs = util.StripSecretInArgs(args)
stdoutBuf bytes.Buffer
stderrBuf bytes.Buffer