mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-12 12:55:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

enable linter: revive (early-return) (#3051)

Browse source 
* enable linter: revive (early-return)

* lint
This commit is contained in:
mmetc 2024-06-07 16:53:23 +02:00 committed by GitHub
parent d3974894fc
commit 72b6da9925
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 58 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.golangci.yml
View file

@ -102,7 +102,6 @@ linters-settings:
- "!**/pkg/csplugin/broker.go" - "!**/pkg/csplugin/broker.go"
- "!**/pkg/leakybucket/buckets_test.go" - "!**/pkg/leakybucket/buckets_test.go"
- "!**/pkg/leakybucket/manager_load.go" - "!**/pkg/leakybucket/manager_load.go"
- "!**/pkg/metabase/metabase.go"
- "!**/pkg/parser/node.go" - "!**/pkg/parser/node.go"
- "!**/pkg/parser/node_test.go" - "!**/pkg/parser/node_test.go"
- "!**/pkg/parser/parsing_test.go" - "!**/pkg/parser/parsing_test.go"
@ -139,8 +138,6 @@ linters-settings:
disabled: true disabled: true
- name: defer - name: defer
disabled: true disabled: true
- name: early-return
disabled: true
- name: empty-block - name: empty-block
disabled: true disabled: true
- name: empty-lines - name: empty-lines
@ -382,6 +379,7 @@ issues:
exclude-dirs: exclude-dirs:
- pkg/time/rate - pkg/time/rate
- pkg/metabase
exclude-files: exclude-files:
- pkg/yamlpatch/merge.go - pkg/yamlpatch/merge.go

14
pkg/acquisition/modules/s3/s3.go
View file

@ -131,7 +131,6 @@ func (s *S3Source) newS3Client() error {
} }
sess, err := session.NewSessionWithOptions(options) sess, err := session.NewSessionWithOptions(options)
if err != nil { if err != nil {
return fmt.Errorf("failed to create aws session: %w", err) return fmt.Errorf("failed to create aws session: %w", err)
} }
@ -146,7 +145,7 @@ func (s *S3Source) newS3Client() error {
s.s3Client = s3.New(sess, config) s.s3Client = s3.New(sess, config)
if s.s3Client == nil { if s.s3Client == nil {
return fmt.Errorf("failed to create S3 client") return errors.New("failed to create S3 client")
} }
return nil return nil
@ -167,7 +166,7 @@ func (s *S3Source) newSQSClient() error {
} }
if sess == nil { if sess == nil {
return fmt.Errorf("failed to create aws session") return errors.New("failed to create aws session")
} }
config := aws.NewConfig() config := aws.NewConfig()
if s.Config.AwsRegion != "" { if s.Config.AwsRegion != "" {
@ -178,7 +177,7 @@ func (s *S3Source) newSQSClient() error {
} }
s.sqsClient = sqs.New(sess, config) s.sqsClient = sqs.New(sess, config)
if s.sqsClient == nil { if s.sqsClient == nil {
return fmt.Errorf("failed to create SQS client") return errors.New("failed to create SQS client")
} }
return nil return nil
} }
@ -251,16 +250,15 @@ func (s *S3Source) listPoll() error {
continue continue
} }
for i := len(bucketObjects) - 1; i >= 0; i-- { for i := len(bucketObjects) - 1; i >= 0; i-- {
if bucketObjects[i].LastModified.After(lastObjectDate) { if !bucketObjects[i].LastModified.After(lastObjectDate) {
break
}
newObject = true newObject = true
logger.Debugf("Found new object %s", *bucketObjects[i].Key) logger.Debugf("Found new object %s", *bucketObjects[i].Key)
s.readerChan <- S3Object{ s.readerChan <- S3Object{
Bucket: s.Config.BucketName, Bucket: s.Config.BucketName,
Key: *bucketObjects[i].Key, Key: *bucketObjects[i].Key,
} }
} else {
break
}
} }
if newObject { if newObject {
lastObjectDate = *bucketObjects[len(bucketObjects)-1].LastModified lastObjectDate = *bucketObjects[len(bucketObjects)-1].LastModified

9
pkg/apiserver/papi.go
View file

@ -141,16 +141,17 @@ func (p *Papi) handleEvent(event longpollclient.Event, sync bool) error {
return errors.New("no source user in header message, skipping") return errors.New("no source user in header message, skipping")
} }
if operationFunc, ok := operationMap[message.Header.OperationType]; ok { operationFunc, ok := operationMap[message.Header.OperationType]
if !ok {
return fmt.Errorf("operation '%s' unknown, continue", message.Header.OperationType)
}
logger.Debugf("Calling operation '%s'", message.Header.OperationType) logger.Debugf("Calling operation '%s'", message.Header.OperationType)
err := operationFunc(message, p, sync) err := operationFunc(message, p, sync)
if err != nil { if err != nil {
return fmt.Errorf("'%s %s failed: %w", message.Header.OperationType, message.Header.OperationCmd, err) return fmt.Errorf("'%s %s failed: %w", message.Header.OperationType, message.Header.OperationCmd, err)
} }
} else {
return fmt.Errorf("operation '%s' unknown, continue", message.Header.OperationType)
}
return nil return nil
} }

25
pkg/appsec/appsec_rule/modsecurity.go
View file

@ -1,6 +1,7 @@
package appsec_rule package appsec_rule
import ( import (
"errors"
"fmt" "fmt"
"hash/fnv" "hash/fnv"
"strings" "strings"
@ -67,9 +68,7 @@ var bodyTypeMatch map[string]string = map[string]string{
} }
func (m *ModsecurityRule) Build(rule *CustomRule, appsecRuleName string) (string, []uint32, error) { func (m *ModsecurityRule) Build(rule *CustomRule, appsecRuleName string) (string, []uint32, error) {
rules, err := m.buildRules(rule, appsecRuleName, false, 0, 0) rules, err := m.buildRules(rule, appsecRuleName, false, 0, 0)
if err != nil { if err != nil {
return "", nil, err return "", nil, err
} }
@ -99,7 +98,7 @@ func (m *ModsecurityRule) buildRules(rule *CustomRule, appsecRuleName string, an
ret := make([]string, 0) ret := make([]string, 0)
if len(rule.And) != 0 && len(rule.Or) != 0 { if len(rule.And) != 0 && len(rule.Or) != 0 {
return nil, fmt.Errorf("cannot have both 'and' and 'or' in the same rule") return nil, errors.New("cannot have both 'and' and 'or' in the same rule")
} }
if rule.And != nil { if rule.And != nil {
@ -166,15 +165,15 @@ func (m *ModsecurityRule) buildRules(rule *CustomRule, appsecRuleName string, an
r.WriteByte(' ') r.WriteByte(' ')
if rule.Match.Type != "" { if rule.Match.Type != "" {
if match, ok := matchMap[rule.Match.Type]; ok { match, ok := matchMap[rule.Match.Type]
if !ok {
return nil, fmt.Errorf("unknown match type '%s'", rule.Match.Type)
}
prefix := "" prefix := ""
if rule.Match.Not { if rule.Match.Not {
prefix = "!" prefix = "!"
} }
r.WriteString(fmt.Sprintf(`"%s%s %s"`, prefix, match, rule.Match.Value)) r.WriteString(fmt.Sprintf(`"%s%s %s"`, prefix, match, rule.Match.Value))
} else {
return nil, fmt.Errorf("unknown match type '%s'", rule.Match.Type)
}
} }
//Should phase:2 be configurable? //Should phase:2 be configurable?
@ -186,20 +185,20 @@ func (m *ModsecurityRule) buildRules(rule *CustomRule, appsecRuleName string, an
continue continue
} }
r.WriteByte(',') r.WriteByte(',')
if mappedTransform, ok := transformMap[transform]; ok { mappedTransform, ok := transformMap[transform]
r.WriteString(mappedTransform) if !ok {
} else {
return nil, fmt.Errorf("unknown transform '%s'", transform) return nil, fmt.Errorf("unknown transform '%s'", transform)
} }
r.WriteString(mappedTransform)
} }
} }
if rule.BodyType != "" { if rule.BodyType != "" {
if mappedBodyType, ok := bodyTypeMatch[rule.BodyType]; ok { mappedBodyType, ok := bodyTypeMatch[rule.BodyType]
r.WriteString(fmt.Sprintf(",ctl:requestBodyProcessor=%s", mappedBodyType)) if !ok {
} else {
return nil, fmt.Errorf("unknown body type '%s'", rule.BodyType) return nil, fmt.Errorf("unknown body type '%s'", rule.BodyType)
} }
r.WriteString(fmt.Sprintf(",ctl:requestBodyProcessor=%s", mappedBodyType))
} }
if and { if and {

7
pkg/appsec/coraza_logger.go
View file

@ -90,14 +90,13 @@ func (e *crzLogEvent) Bool(key string, b bool) dbg.Event {
func (e *crzLogEvent) Int(key string, i int) dbg.Event { func (e *crzLogEvent) Int(key string, i int) dbg.Event {
if e.muted { if e.muted {
if key != "rule_id" || !GetRuleDebug(i) {
return e
}
// this allows us to have per-rule debug logging // this allows us to have per-rule debug logging
if key == "rule_id" && GetRuleDebug(i) {
e.muted = false e.muted = false
e.fields = map[string]interface{}{} e.fields = map[string]interface{}{}
e.level = log.DebugLevel e.level = log.DebugLevel
} else {
return e
}
} }
e.fields[key] = i e.fields[key] = i

5
pkg/csplugin/hclog_adapter.go
View file

@ -221,11 +221,10 @@ func merge(dst map[string]interface{}, k, v interface{}) {
func safeString(str fmt.Stringer) (s string) { func safeString(str fmt.Stringer) (s string) {
defer func() { defer func() {
if panicVal := recover(); panicVal != nil { if panicVal := recover(); panicVal != nil {
if v := reflect.ValueOf(str); v.Kind() == reflect.Ptr && v.IsNil() { if v := reflect.ValueOf(str); v.Kind() != reflect.Ptr || !v.IsNil() {
s = "NULL"
} else {
panic(panicVal) panic(panicVal)
} }
s = "NULL"
} }
}() }()

7
pkg/exprhelpers/crowdsec_cti.go
View file

@ -86,12 +86,11 @@ func CrowdsecCTI(params ...any) (any, error) {
if val, err := CTICache.Get(ip); err == nil && val != nil { if val, err := CTICache.Get(ip); err == nil && val != nil {
ctiClient.Logger.Debugf("cti cache fetch for %s", ip) ctiClient.Logger.Debugf("cti cache fetch for %s", ip)
ret, ok := val.(*cticlient.SmokeItem) ret, ok := val.(*cticlient.SmokeItem)
if !ok { if ok {
ctiClient.Logger.Warningf("CrowdsecCTI: invalid type in cache, removing")
CTICache.Remove(ip)
} else {
return ret, nil return ret, nil
} }
ctiClient.Logger.Warningf("CrowdsecCTI: invalid type in cache, removing")
CTICache.Remove(ip)
} }
if !CTIBackOffUntil.IsZero() && time.Now().Before(CTIBackOffUntil) { if !CTIBackOffUntil.IsZero() && time.Now().Before(CTIBackOffUntil) {

27
pkg/parser/parsing_test.go
View file

@ -278,26 +278,25 @@ func matchEvent(expected types.Event, out types.Event, debug bool) ([]string, bo
for mapIdx := 0; mapIdx < len(expectMaps); mapIdx++ { for mapIdx := 0; mapIdx < len(expectMaps); mapIdx++ {
for expKey, expVal := range expectMaps[mapIdx] { for expKey, expVal := range expectMaps[mapIdx] {
if outVal, ok := outMaps[mapIdx][expKey]; ok { outVal, ok := outMaps[mapIdx][expKey]
if outVal == expVal { //ok entry if !ok {
if debug {
retInfo = append(retInfo, fmt.Sprintf("ok %s[%s] %s == %s", outLabels[mapIdx], expKey, expVal, outVal))
}
valid = true
} else { //mismatch entry
if debug {
retInfo = append(retInfo, fmt.Sprintf("mismatch %s[%s] %s != %s", outLabels[mapIdx], expKey, expVal, outVal))
}
valid = false
goto checkFinished
}
} else { //missing entry
if debug { if debug {
retInfo = append(retInfo, fmt.Sprintf("missing entry %s[%s]", outLabels[mapIdx], expKey)) retInfo = append(retInfo, fmt.Sprintf("missing entry %s[%s]", outLabels[mapIdx], expKey))
} }
valid = false valid = false
goto checkFinished goto checkFinished
} }
if outVal != expVal { //ok entry
if debug {
retInfo = append(retInfo, fmt.Sprintf("mismatch %s[%s] %s != %s", outLabels[mapIdx], expKey, expVal, outVal))
}
valid = false
goto checkFinished
}
if debug {
retInfo = append(retInfo, fmt.Sprintf("ok %s[%s] %s == %s", outLabels[mapIdx], expKey, expVal, outVal))
}
valid = true
} }
} }
checkFinished: checkFinished: