diff options
| author |  RENAN.BASTOS <renanbastos.tec@gmail.com>
| 2020-02-28 17:03:48 -0300 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2020-02-28 21:03:48 +0100 |
| commit | 695f713fcf594b33fd8c126cfa8dc9f119d4391b (patch) | |
| tree | 805d39603c15969c17b9a059814b89a221f840d3 /bytesconv.go | |
| parent | Run tests on 1.14 (diff) | |
| download | fasthttp-695f713fcf594b33fd8c126cfa8dc9f119d4391b.tar.gz fasthttp-695f713fcf594b33fd8c126cfa8dc9f119d4391b.tar.bz2 fasthttp-695f713fcf594b33fd8c126cfa8dc9f119d4391b.zip | |
feat: workflow to verify security using GoSec (#747)
* feat: workflow to valid security using GoSec
* Update security.yml
* Fix gosec problems
These are all either false positives or os.Open operations done on
filenames supplied by the fasthttp user which we have to assume is safe.
* Just ignore some rules globally
* Fix more warnings
* No more warnings
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
Diffstat (limited to 'bytesconv.go')
| -rw-r--r-- | bytesconv.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/bytesconv.go b/bytesconv.go index e8fbabb..a3b82e2 100644 --- a/bytesconv.go +++ b/bytesconv.go @@ -330,6 +330,7 @@ func lowercaseBytes(b []byte) { // Note it may break if string and/or slice header will change // in the future go versions. func b2s(b []byte) string { + /* #nosec G103 */ return *(*string)(unsafe.Pointer(&b)) } @@ -338,7 +339,9 @@ func b2s(b []byte) string { // Note it may break if string and/or slice header will change // in the future go versions. func s2b(s string) (b []byte) { + /* #nosec G103 */ bh := (*reflect.SliceHeader)(unsafe.Pointer(&b)) + /* #nosec G103 */ sh := *(*reflect.StringHeader)(unsafe.Pointer(&s)) bh.Data = sh.Data bh.Len = sh.Len |