Handle gosec findings

Yay! For automated security checks. It found a potentially dangerous memory aliasing in a for loop. Also, I'm suppressing the complaints about errors which the crypto.KeccakState implementations of Read and Write cannot throw.
OffchainLabs · Oct 5, 2024 · 26a835c · 26a835c
1 parent 209a423
commit 26a835c
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/state-commitments/history/history_commitment.go b/state-commitments/history/history_commitment.go
@@ -67,12 +67,13 @@ func (h *historyCommitter) hash(item ...*common.Hash) common.Hash {
 }
 
 // hashInto hashes the concatenation of the passed items into the result.
+// nolint:errcheck
 func (h *historyCommitter) hashInto(result *common.Hash, items ...*common.Hash) {
 	defer h.keccak.Reset()
 	for _, item := range items {
-		h.keccak.Write(item[:])
+		h.keccak.Write(item[:]) // #nosec G104 - KeccakState.Write never errors
 	}
-	h.keccak.Read(result[:]) // nolint:errcheck
+	h.keccak.Read(result[:]) // #nosec G104 - KeccakState.Read never errors
 }
 
 func (h *historyCommitter) ComputeRoot(leaves []common.Hash, virtual uint64) (common.Hash, error) {
@@ -97,8 +98,8 @@ func (h *historyCommitter) GeneratePrefixProof(prefixIndex uint64, leaves []comm
 // hashLeaves returns a slich of hashes of the leaves
 func (h *historyCommitter) hashLeaves(leaves []common.Hash) []common.Hash {
 	hashedLeaves := make([]common.Hash, len(leaves))
-	for i, leaf := range leaves {
-		hashedLeaves[i] = h.hash(&leaf)
+	for i := range leaves {
+		hashedLeaves[i] = h.hash(&leaves[i])
 	}
 	return hashedLeaves
 }