security: conform to gosec G114 (#1860)
(cherry picked from commit 97b4112)
sober-wang authored and oilbeater committed Sep 7, 2022
1 parent ceb3855 commit 493b42d
Showing 5 changed files with 44 additions and 5 deletions.
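--- a/cmd/controller/controller.go
+++ b/cmd/controller/controller.go
@@ -49,7 +49,15 @@ func CmdMain() {
 mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
 mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
 }
-klog.Fatal(http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", config.PprofPort), mux))
+
+// conform to Gosec G114
+// https://github.com/securego/gosec#available-rules
+server := &http.Server{
+Addr: fmt.Sprintf("0.0.0.0:%d", config.PprofPort),
+ReadHeaderTimeout: 3 * time.Second,
+Handler: mux,
+}
+klog.Fatal(server.ListenAndServe())
 }()
 
 ctl := controller.NewController(config)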
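Review bot: The new `http.Server` still hard-codes `Addr` to `0.0.0.0` on `config.PprofPort`, so the mux that carries the `/debug/pprof/` handlers stays reachable on every interface of the process; cmd/daemon/cniserver.go uses the same literal. Profile and trace output discloses runtime internals and is costly to produce, so the listen host should come from configuration with a loopback default rather than being fixed in code. `ReadHeaderTimeout` alone satisfies the linter but leaves idle keep-alive connections unbounded; adding `IdleTimeout: 60 * time.Second,` would cap them, whereas a `WriteTimeout` would have to exceed the longest profile duration and is reasonably left unset. The goroutine and `CmdMain` both begin outside this hunk.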
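--- a/cmd/daemon/cniserver.go
+++ b/cmd/daemon/cniserver.go
@@ -88,7 +88,15 @@ func CmdMain() {
 mux.HandleFunc("/debug/pprof/symbol", pprof.Symbol)
 mux.HandleFunc("/debug/pprof/trace", pprof.Trace)
 }
-klog.Fatal(http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", config.PprofPort), mux))
+
+// conform to Gosec G114
+// https://github.com/securego/gosec#available-rules
+server := &http.Server{
+Addr: fmt.Sprintf("0.0.0.0:%d", config.PprofPort),
+ReadHeaderTimeout: 3 * time.Second,
+Handler: mux,
+}
+klog.Fatal(server.ListenAndServe())
 }
 
 func mvCNIConf() error {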
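--- a/cmd/ovn_monitor/ovn_monitor.go
+++ b/cmd/ovn_monitor/ovn_monitor.go
@@ -2,6 +2,7 @@ package ovn_monitor
 
 import (
 "net/http"
+"time"
 
 "github.com/prometheus/client_golang/prometheus/promhttp"
 "k8s.io/klog/v2"
@@ -28,5 +29,12 @@ func CmdMain() {
 
 http.Handle(config.MetricsPath, promhttp.Handler())
 klog.Infoln("Listening on", config.ListenAddress)
-klog.Fatal(http.ListenAndServe(config.ListenAddress, nil))
+
+// conform to Gosec G114
+// https://github.com/securego/gosec#available-rules
+server := &http.Server{
+Addr: config.ListenAddress,
+ReadHeaderTimeout: 3 * time.Second,
+}
+klog.Fatal(server.ListenAndServe())
 }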
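Review bot: The `http.Server` built at the end of `CmdMain` leaves `Handler` unset, so it serves `http.DefaultServeMux` and exposes whatever any imported package has registered globally, not only `config.MetricsPath`. cmd/pinger/pinger.go and cmd/speaker/speaker.go follow the same pattern, and in pinger.go the blank import `_ "net/http/pprof"` means the `/debug/pprof/` handlers are answered on the `0.0.0.0` metrics port as well. A dedicated mux closes that: `mux := http.NewServeMux()`, `mux.Handle(config.MetricsPath, promhttp.Handler())`, and `Handler: mux,` in the struct literal. controller.go and cniserver.go already pass an explicit mux, so this would also make the five listeners consistent.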
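--- a/cmd/pinger/pinger.go
+++ b/cmd/pinger/pinger.go
@@ -5,6 +5,7 @@ import (
 "github.com/kubeovn/kube-ovn/pkg/util"
 "net/http"
 _ "net/http/pprof" // #nosec
+"time"
 
 "github.com/prometheus/client_golang/prometheus/promhttp"
 "k8s.io/klog/v2"
@@ -26,7 +27,13 @@ func CmdMain() {
 if config.Mode == "server" {
 http.Handle("/metrics", promhttp.Handler())
 go func() {
-klog.Fatal(http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", config.Port), nil))
+// conform to Gosec G114
+// https://github.com/securego/gosec#available-rules
+server := &http.Server{
+Addr: fmt.Sprintf("0.0.0.0:%d", config.Port),
+ReadHeaderTimeout: 3 * time.Second,
+}
+klog.Fatal(server.ListenAndServe())
 }()
 }
 e := pinger.NewExporter(config)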
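--- a/cmd/speaker/speaker.go
+++ b/cmd/speaker/speaker.go
@@ -3,6 +3,7 @@ package speaker
 import (
 "fmt"
 "net/http"
+"time"
 
 "github.com/prometheus/client_golang/prometheus/promhttp"
 "k8s.io/klog/v2"
@@ -26,7 +27,14 @@ func CmdMain() {
 
 go func() {
 http.Handle("/metrics", promhttp.Handler())
-klog.Fatal(http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", config.PprofPort), nil))
+
+// conform to Gosec G114
+// https://github.com/securego/gosec#available-rules
+server := &http.Server{
+Addr: fmt.Sprintf("0.0.0.0:%d", config.PprofPort),
+ReadHeaderTimeout: 3 * time.Second,
+}
+klog.Fatal(server.ListenAndServe())
 }()
 
 ctl.Run(stopCh)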
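Review bot: The listener that serves `/metrics` takes its port from `config.PprofPort`, which reads as a profiling port and makes it easy to open or firewall the wrong endpoint. If the field is shared on purpose, a comment on the `Addr` line such as `// PprofPort also carries the Prometheus /metrics endpoint` would record that; otherwise a separate metrics port setting is clearer. The added comment cites only the gosec rule list; stating the effect, `// bound how long a client may take to send request headers`, tells the next reader why the 3-second value is there. `CmdMain` starts and ends outside this hunk.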
