Networks/Reticulum-Go
2
1
Fork 0
Code Issues 5 Pull Requests 1 Actions Packages Projects 1 Releases 1 Wiki Activity

fix: add security comments to handle non-critical errors in ratchet persistence

Browse Source
This commit is contained in:
ivan
2025-11-20 18:04:26 -06:00
parent 4859f5513a
commit 4f37df2fc0
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/destination/destination.go
View File

@@ -524,19 +524,24 @@ func (d *Destination) persistRatchets() error {
} }
if _, err := file.Write(finalData); err != nil { if _, err := file.Write(finalData); err != nil {
// #nosec G104 - Error already being handled, cleanup errors are non-critical
file.Close() file.Close()
// #nosec G104 - Error already being handled, cleanup errors are non-critical
os.Remove(tempPath) os.Remove(tempPath)
return fmt.Errorf("failed to write ratchet data: %w", err) return fmt.Errorf("failed to write ratchet data: %w", err)
} }
// #nosec G104 - File is being closed after successful write, error is non-critical
file.Close() file.Close()
// Remove old file if exists // Remove old file if exists
if _, err := os.Stat(d.ratchetPath); err == nil { if _, err := os.Stat(d.ratchetPath); err == nil {
// #nosec G104 - Removing old file, error is non-critical if it doesn't exist
os.Remove(d.ratchetPath) os.Remove(d.ratchetPath)
} }
// Atomic rename // Atomic rename
if err := os.Rename(tempPath, d.ratchetPath); err != nil { if err := os.Rename(tempPath, d.ratchetPath); err != nil {
// #nosec G104 - Error already being handled, cleanup errors are non-critical
os.Remove(tempPath) os.Remove(tempPath)
return fmt.Errorf("failed to rename ratchet file: %w", err) return fmt.Errorf("failed to rename ratchet file: %w", err)
} }