Skip to content
This repository was archived by the owner on Apr 4, 2024. It is now read-only.

ENG 256 fix gosec issues #779

Merged
merged 10 commits into from
Nov 25, 2021
4 changes: 3 additions & 1 deletion app/export.go
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,9 @@ func (app *EthermintApp) prepForZeroHeightGenesis(ctx sdk.Context, jailAllowedAd
app.StakingKeeper.SetValidator(ctx, validator)
}

iter.Close()
if err := iter.Close(); err != nil {
return err
}

if _, err := app.StakingKeeper.ApplyAndReturnValidatorSetUpdates(ctx); err != nil {
return err
Expand Down
5 changes: 4 additions & 1 deletion client/testnet.go
Original file line number Diff line number Diff line change
Expand Up @@ -556,7 +556,10 @@ func startTestnet(cmd *cobra.Command, args startArgs) error {
}

cmd.Println("press the Enter Key to terminate")
fmt.Scanln() // wait for Enter Key
_, err = fmt.Scanln() // wait for Enter Key
if err != nil {
return err
}
testnet.Cleanup()

return nil
Expand Down
2 changes: 1 addition & 1 deletion cmd/ethermintd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ func NewRootCmd() (*cobra.Command, params.EncodingConfig) {
txCommand(),
ethermintclient.KeyCommands(app.DefaultNodeHome),
)
rootCmd = srvflags.AddTxFlags(rootCmd)
rootCmd, _ = srvflags.AddTxFlags(rootCmd)

// add rosetta
rootCmd.AddCommand(sdkserver.RosettaCommand(encodingConfig.InterfaceRegistry, encodingConfig.Marshaler))
Expand Down
10 changes: 8 additions & 2 deletions rpc/ethereum/namespaces/debug/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -351,7 +351,10 @@ func (a *API) StartCPUProfile(file string) error {
}
if err := pprof.StartCPUProfile(f); err != nil {
a.logger.Debug("cpu profiling already in use", "error", err.Error())
f.Close()
if err := f.Close(); err != nil {
a.logger.Debug("failed to close cpu profile file")
return errors.New("failed to close cpu profile file")
}
return err
}

Expand All @@ -375,7 +378,10 @@ func (a *API) StopCPUProfile() error {
case a.handler.cpuFile != nil:
a.logger.Info("Done writing CPU profile", "profile", a.handler.cpuFilename)
pprof.StopCPUProfile()
a.handler.cpuFile.Close()
if err := a.handler.cpuFile.Close(); err != nil {
a.logger.Debug("failed to close cpu file")
return errors.New("failed to close cpu file")
}
a.handler.cpuFile = nil
a.handler.cpuFilename = ""
return nil
Expand Down
11 changes: 9 additions & 2 deletions rpc/ethereum/namespaces/debug/trace.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,11 @@ func (a *API) StartGoTrace(file string) error {
}
if err := trace.Start(f); err != nil {
a.logger.Debug("Go tracing already started", "error", err.Error())
f.Close()
if err := f.Close(); err != nil {
a.logger.Debug("failed to close trace file")
return errors.New("failed to close trace file")
}

return err
}
a.handler.traceFile = f
Expand All @@ -68,7 +72,10 @@ func (a *API) StopGoTrace() error {
return errors.New("trace not in progress")
}
a.logger.Info("Done writing Go trace", "dump", a.handler.traceFilename)
a.handler.traceFile.Close()
if err := a.handler.traceFile.Close(); err != nil {
a.logger.Debug("failed to close trace file")
return errors.New("failed to close trace file")
}
a.handler.traceFile = nil
a.handler.traceFilename = ""
return nil
Expand Down
4 changes: 3 additions & 1 deletion rpc/ethereum/namespaces/debug/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,9 @@ func writeProfile(name, file string, log log.Logger) error {
}

if err := p.WriteTo(f, 0); err != nil {
f.Close()
if err := f.Close(); err != nil {
return err
}
return err
}

Expand Down
20 changes: 11 additions & 9 deletions server/flags/flags.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ const (
)

// AddTxFlags adds common flags for commands to post tx
func AddTxFlags(cmd *cobra.Command) *cobra.Command {
func AddTxFlags(cmd *cobra.Command) (*cobra.Command, error) {
cmd.PersistentFlags().String(flags.FlagChainID, "testnet", "Specify Chain ID for sending Tx")
cmd.PersistentFlags().String(flags.FlagFrom, "", "Name or address of private key with which to sign")
cmd.PersistentFlags().String(flags.FlagFees, "", "Fees to pay along with transaction; eg: 10aphoton")
Expand All @@ -67,12 +67,14 @@ func AddTxFlags(cmd *cobra.Command) *cobra.Command {

// viper.BindPFlag(flags.FlagTrustNode, cmd.Flags().Lookup(flags.FlagTrustNode))

// TODO: we need to handle the errors for these, decide if we should return error upward and handle
// nolint: errcheck
viper.BindPFlag(flags.FlagNode, cmd.Flags().Lookup(flags.FlagNode))
// nolint: errcheck
viper.BindPFlag(flags.FlagKeyringBackend, cmd.Flags().Lookup(flags.FlagKeyringBackend))
// nolint: errcheck
cmd.MarkFlagRequired(flags.FlagChainID)
return cmd
if err := viper.BindPFlag(flags.FlagNode, cmd.Flags().Lookup(flags.FlagNode)); err != nil {
return nil, err
}
if err := viper.BindPFlag(flags.FlagKeyringBackend, cmd.Flags().Lookup(flags.FlagKeyringBackend)); err != nil {
return nil, err
}
if err := cmd.MarkFlagRequired(flags.FlagChainID); err != nil {
return nil, err
}
return cmd, nil
}
16 changes: 11 additions & 5 deletions server/start.go
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,9 @@ func startInProcess(ctx *server.Context, clientCtx client.Context, appCreator ty
cpuProfileCleanup = func() {
ctx.Logger.Info("stopping CPU profiler", "profile", cpuProfile)
pprof.StopCPUProfile()
f.Close()
if err := f.Close(); err != nil {
logger.Error("failed to close CPU profiler file", "error", err.Error())
}
}
}

Expand Down Expand Up @@ -359,7 +361,7 @@ func startInProcess(ctx *server.Context, clientCtx client.Context, appCreator ty
if config.GRPCWeb.Enable {
grpcWebSrv, err = servergrpc.StartGRPCWeb(grpcSrv, config.Config)
if err != nil {
ctx.Logger.Error("failed to start grpc-web http server: ", err)
ctx.Logger.Error("failed to start grpc-web http server", "error", err)
return err
}
}
Expand Down Expand Up @@ -439,7 +441,9 @@ func startInProcess(ctx *server.Context, clientCtx client.Context, appCreator ty
if grpcSrv != nil {
grpcSrv.Stop()
if grpcWebSrv != nil {
grpcWebSrv.Close()
if err := grpcWebSrv.Close(); err != nil {
logger.Error("failed to close the grpcWebSrc", "error", err.Error())
}
}
}

Expand Down Expand Up @@ -474,9 +478,11 @@ func openTraceWriter(traceWriterFile string) (w io.Writer, err error) {
if traceWriterFile == "" {
return
}

filePath := filepath.Clean(traceWriterFile)
return os.OpenFile(
traceWriterFile,
filePath,
os.O_WRONLY|os.O_APPEND|os.O_CREATE,
0o666,
0o600,
)
}
4 changes: 2 additions & 2 deletions testutil/network/network.go
Original file line number Diff line number Diff line change
Expand Up @@ -334,12 +334,12 @@ func New(l Logger, baseDir string, cfg Config) (*Network, error) {
clientDir := filepath.Join(network.BaseDir, nodeDirName, "evmoscli")
gentxsDir := filepath.Join(network.BaseDir, "gentxs")

err := os.MkdirAll(filepath.Join(nodeDir, "config"), 0o755)
err := os.MkdirAll(filepath.Join(nodeDir, "config"), 0o750)
if err != nil {
return nil, err
}

err = os.MkdirAll(clientDir, 0o755)
err = os.MkdirAll(clientDir, 0o750)
if err != nil {
return nil, err
}
Expand Down