taigrr/wtf
1
0
Fork 0
mirror of https://github.com/taigrr/wtf synced 2025-01-18 04:03:14 -08:00
Code Issues Projects Releases Wiki Activity

20191217 gosec (#796)

Browse Source 
* Add gosec to the Makefile

Signed-off-by: Chris Cummer <chriscummer@me.com>

* Fix some issues found by gosec

Signed-off-by: Chris Cummer <chriscummer@me.com>
This commit is contained in:
Chris Cummer
2019-12-17 14:59:16 -08:00
committed by GitHub
parent cde904ff08
commit 10f761dbcb
11 changed files with 50 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/gcal/client.go
View File

@@ -15,6 +15,7 @@ import (
"log"
"net/http"
"os"
"path/filepath"
"sort"
"time"
@@ -33,7 +34,7 @@ func (widget *Widget) Fetch() ([]*CalEvent, error) {
secretPath, _ := utils.ExpandHomeDir(widget.settings.secretFile)
b, err := ioutil.ReadFile(secretPath)
b, err := ioutil.ReadFile(filepath.Clean(secretPath))
if err != nil {
return nil, err
}
@@ -125,9 +126,9 @@ func isAuthenticated() bool {
}
func (widget *Widget) authenticate() {
secretPath, _ := utils.ExpandHomeDir(widget.settings.secretFile)
secretPath, _ := utils.ExpandHomeDir(filepath.Clean(widget.settings.secretFile))
b, err := ioutil.ReadFile(secretPath)
b, err := ioutil.ReadFile(filepath.Clean(secretPath))
if err != nil {
log.Fatalf("Unable to read secret file. %v", widget.settings.secretFile)
}
@@ -166,7 +167,7 @@ func tokenCacheFile() (string, error) {
// tokenFromFile retrieves a Token from a given file path.
// It returns the retrieved Token and any read error encountered.
func tokenFromFile(file string) (*oauth2.Token, error) {
f, err := os.Open(file)
f, err := os.Open(filepath.Clean(file))
if err != nil {
return nil, err
}