From 471f9239e5ec0856df30029fa4be8e0f8d41d346 Mon Sep 17 00:00:00 2001 From: apoorvajagtap Date: Mon, 11 Mar 2024 12:36:55 +0530 Subject: [PATCH] removing error handling while closing connections --- client.go | 9 ++++++--- proxy.go | 11 ++++++++--- server.go | 23 ++++++++++++++--------- 3 files changed, 28 insertions(+), 15 deletions(-) diff --git a/client.go b/client.go index ade39252..f7ab8f60 100644 --- a/client.go +++ b/client.go @@ -293,7 +293,8 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h } err = c.SetDeadline(deadline) if err != nil { - return nil, errors.Join(err, c.Close()) + c.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } return c, nil } @@ -332,7 +333,9 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h defer func() { if netConn != nil { - netConn.Close() //#nosec:G104 (CWE-703) + // As mentioned in https://github.com/gorilla/websocket/pull/897#issuecomment-1947108098: + // It's safe to ignore the errors for netconn.Close() + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled } }() @@ -427,7 +430,7 @@ func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader h return nil, nil, err } netConn = nil // to avoid close in defer. - return conn, resp, err + return conn, resp, nil } func cloneTLSConfig(cfg *tls.Config) *tls.Config { diff --git a/proxy.go b/proxy.go index 6160cd1b..0bdb5a0c 100644 --- a/proxy.go +++ b/proxy.go @@ -57,7 +57,10 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) } if err := connectReq.Write(conn); err != nil { - return nil, errors.Join(err, conn.Close()) + // As mentioned in https://github.com/gorilla/websocket/pull/897#issuecomment-1947108098: + // It's safe to ignore the errors for conn.Close() + conn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } // Read response. It's OK to use and discard buffered reader here becaue @@ -65,12 +68,14 @@ func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) br := bufio.NewReader(conn) resp, err := http.ReadResponse(br, connectReq) if err != nil { - return nil, errors.Join(err, conn.Close()) + conn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } if resp.StatusCode != http.StatusOK { + conn.Close() //#nosec G104 (CWE-703): Errors unhandled f := strings.SplitN(resp.Status, " ", 2) - return nil, errors.Join(errors.New(f[1]), conn.Close()) + return nil, errors.New(f[1]) } return conn, nil } diff --git a/server.go b/server.go index 20be4ede..94eb4885 100644 --- a/server.go +++ b/server.go @@ -8,6 +8,7 @@ import ( "bufio" "errors" "io" + "log" "net/http" "net/url" "strings" @@ -179,10 +180,10 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade } if brw.Reader.Buffered() > 0 { - return nil, errors.Join( - errors.New("websocket: client sent data before handshake is complete"), - netConn.Close(), - ) + // As mentioned in https://github.com/gorilla/websocket/pull/897#issuecomment-1947108098: + // It's safe to ignore the errors for netconn.Close() + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, errors.New("websocket: client sent data before handshake is complete") } var br *bufio.Reader @@ -247,20 +248,24 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade // Clear deadlines set by HTTP server. if err := netConn.SetDeadline(time.Time{}); err != nil { - return nil, errors.Join(err, netConn.Close()) + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } if u.HandshakeTimeout > 0 { if err := netConn.SetWriteDeadline(time.Now().Add(u.HandshakeTimeout)); err != nil { - return nil, errors.Join(err, netConn.Close()) + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } } if _, err = netConn.Write(p); err != nil { - return nil, errors.Join(err, netConn.Close()) + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } if u.HandshakeTimeout > 0 { if err := netConn.SetWriteDeadline(time.Time{}); err != nil { - return nil, errors.Join(err, netConn.Close()) + netConn.Close() //#nosec G104 (CWE-703): Errors unhandled + return nil, err } } @@ -363,7 +368,7 @@ func bufioWriterBuffer(originalWriter io.Writer, bw *bufio.Writer) []byte { panic(err) } if err := bw.Flush(); err != nil { - panic(err) + log.Printf("websocket: bufioWriterBuffer: Flush: %v", err) } bw.Reset(originalWriter)