Problem: medium shiftleft scan findings (fix #127)

fix lint issue use closure for file.close fix manual file validity check display error in closing file fix lint issue
crypto-org-chain · Oct 22, 2020 · f3e377b · f3e377b
1 parent 59b2dad
commit f3e377b
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 6 deletions.
diff --git a/cmd/chain-maind/app/app.go b/cmd/chain-maind/app/app.go
@@ -3,8 +3,10 @@ package app
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"io"
 	"os"
+	"path/filepath"
 
 	"github.com/cosmos/cosmos-sdk/codec"
 	"github.com/crypto-com/chain-main/app/params"
@@ -142,11 +144,19 @@ func initRootCmd(rootCmd *cobra.Command, encodingConfig params.EncodingConfig) {
 		config.SetRoot(clientCtx.HomeDir)
 		path := config.GenesisFile()
 
-		file, err := os.OpenFile(path, os.O_RDWR, 0644)
+		cleanedPath := filepath.Clean(path)
+		// nolint: gosec
+		file, err := os.OpenFile(cleanedPath, os.O_RDWR, 0600)
 		if err != nil {
 			return err
 		}
-		defer file.Close()
+
+		defer func() {
+			if closeErr := file.Close(); closeErr != nil {
+				fmt.Printf("Error closing file: %s\n", closeErr)
+			}
+		}()
+
 		var genesis map[string]interface{}
 		if err := json.NewDecoder(file).Decode(&genesis); err != nil {
 			return err
@@ -161,6 +171,7 @@ func initRootCmd(rootCmd *cobra.Command, encodingConfig params.EncodingConfig) {
 		if _, err := file.Seek(0, 0); err != nil {
 			return err
 		}
+
 		return json.NewEncoder(file).Encode(&genesis)
 	}
 

diff --git a/x/chainmain/client/cli/testnet.go b/x/chainmain/client/cli/testnet.go
@@ -527,7 +527,7 @@ func writeFile(name string, dir string, contents []byte) error {
 		return err
 	}
 
-	err = tmos.WriteFile(file, contents, 0644)
+	err = tmos.WriteFile(file, contents, 0600)
 	if err != nil {
 		return err
 	}

diff --git a/x/genutil/client/cli/gentx.go b/x/genutil/client/cli/gentx.go
@@ -245,18 +245,25 @@ func readUnsignedGenTxFile(clientCtx client.Context, r io.Reader) (sdk.Tx, error
 }
 
 func writeSignedGenTx(clientCtx client.Context, outputDocument string, tx sdk.Tx) error {
-	outputFile, err := os.OpenFile(outputDocument, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0644)
+	cleanedPath := filepath.Clean(outputDocument)
+	// nolint: gosec
+	outputFile, err := os.OpenFile(cleanedPath, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0600)
+
 	if err != nil {
 		return err
 	}
-	defer outputFile.Close()
+
+	defer func() {
+		if closeErr := outputFile.Close(); closeErr != nil {
+			fmt.Printf("Error closing file: %s\n", closeErr)
+		}
+	}()
 
 	json, err := clientCtx.TxConfig.TxJSONEncoder()(tx)
 	if err != nil {
 		return err
 	}
 
 	_, err = fmt.Fprintf(outputFile, "%s\n", json)
-
 	return err
 }