Add 'bearer:disable go_gosec_filesystem_filereadtaint' comments to file loading functions across config and identity modules to suppress specific security scanner warnings

2025-12-29 22:33:07 -06:00
parent b25f2c2bdc
commit fcfd04c0c2
4 changed files with 6 additions and 4 deletions


@@ -70,7 +70,7 @@ func parseValue(value string) interface{} {
// LoadConfig loads the configuration from the specified path
func LoadConfig(path string) (*common.ReticulumConfig, error) {
// bearer:disable
// bearer:disable go_gosec_filesystem_filereadtaint
file, err := os.Open(path) // #nosec G304
if err != nil {
return nil, err
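Review bot: The suppression above `os.Open(path)` in LoadConfig records no reason, so a later reader cannot tell whether the `go_gosec_filesystem_filereadtaint` finding was triaged or just silenced; the bare `// #nosec G304` has the same gap. Put the trust assumption on its own line above the directive, for example `// path is chosen by the local operator (flag or default config location), never by a peer - TODO confirm`, and keep the directive line unchanged so the scanner still parses it. The other LoadConfig further down the page and the three identity loaders are in the same state; only LoadRatchets gives a reason on its `#nosec`. LoadConfig's body continues outside the hunk.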


@@ -136,7 +136,7 @@ func (m *Manager) LoadRatchets(identityHash []byte) (map[string][]byte, error) {
}
filePath := filepath.Join(ratchetDir, entry.Name())
// bearer:disable
// bearer:disable go_gosec_filesystem_filereadtaint
data, err := os.ReadFile(filePath) // #nosec G304 - reading from controlled directory
if err != nil {
debug.Log(debug.DEBUG_ERROR, "Failed to read ratchet file", "file", entry.Name(), "error", err)
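Review bot: The "reading from controlled directory" justification only holds if every entry in `ratchetDir` is a regular file, because `os.ReadFile(filePath)` follows symlinks and the name comes straight from `entry.Name()`. The visible lines do not show entries being filtered, though the loop starts above the hunk, so that may already be handled. If it is not, and assuming `entry` is an `os.DirEntry`, a guard before the `filepath.Join` such as `if !entry.Type().IsRegular() { continue }` would make the suppression defensible. It would also help to state in the comment who is allowed to write to `ratchetDir`.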


@@ -39,7 +39,7 @@ type Config struct {
}
func LoadConfig(path string) (*Config, error) {
// bearer:disable
// bearer:disable go_gosec_filesystem_filereadtaint
file, err := os.Open(path) // #nosec G304
if err != nil {
return nil, err


@@ -503,7 +503,7 @@ func FromFile(path string) (*Identity, error) {
debug.Log(debug.DEBUG_ALL, "Loading identity from file", "path", path)
// Read the private key bytes from file
// bearer:disable
// bearer:disable go_gosec_filesystem_filereadtaint
data, err := os.ReadFile(path) // #nosec G304
if err != nil {
return nil, fmt.Errorf("failed to read identity file: %w", err)
@@ -670,6 +670,7 @@ func (i *Identity) saveRatchets(path string) error {
func RecallIdentity(path string) (*Identity, error) {
debug.Log(debug.DEBUG_ALL, "Attempting to recall identity", "path", path)
// bearer:disable go_gosec_filesystem_filereadtaint
file, err := os.Open(path) // #nosec G304
if err != nil {
debug.Log(debug.DEBUG_CRITICAL, "Failed to open identity file", "error", err)
@@ -727,6 +728,7 @@ func (i *Identity) loadRatchets(path string) error {
i.mutex.Lock()
defer i.mutex.Unlock()
// bearer:disable go_gosec_filesystem_filereadtaint
file, err := os.Open(path) // #nosec G304
if err != nil {
if os.IsNotExist(err) {
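Review bot: FromFile reads private-key bytes from a caller-supplied `path` with both the gosec and Bearer findings silenced, and nothing in the visible lines checks what kind of file is being read. For key material, consider opening the file and checking the handle before reading, for example `fi, err := file.Stat()` followed by `if !fi.Mode().IsRegular() || fi.Mode().Perm()&0o077 != 0 { return nil, fmt.Errorf("identity file has unsafe type or permissions") }`. The permission-bit test is Unix-specific. RecallIdentity and loadRatchets open `path` the same way and would take the same guard. All three function bodies continue outside their hunks, so an equivalent check may already exist further down.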