G115: integer overflow conversion uint -> int

sapcc · Aug 26, 2024 · f34e540 · f34e540
1 parent 9e01e28
commit f34e540
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 11 deletions.
diff --git a/pkg/api/events.go b/pkg/api/events.go
@@ -23,6 +23,7 @@ import (
 	"net/http"
 
 	"fmt"
+	"math"
 	"reflect"
 	"strconv"
 	"strings"
@@ -193,14 +194,25 @@ func (p *v1Provider) ListEvents(res http.ResponseWriter, req *http.Request) {
 
 	// What protocol to use for PrevURL and NextURL?
 	protocol := getProtocol(req)
-	// Do we need a NextURL?
-	if int(filter.Offset+filter.Limit) < total {
-		req.Form.Set("offset", strconv.FormatUint(uint64(filter.Offset+filter.Limit), 10))
+
+	// Calculate and set the NextURL if there are more events to fetch
+	if uint64(filter.Offset)+uint64(filter.Limit) < uint64(total) {
+		// Calculate the offset for the next page, ensuring it doesn't exceed MaxUint32
+		nextOffset := uint64(filter.Offset) + uint64(filter.Limit)
+		if nextOffset > math.MaxUint32 {
+			nextOffset = math.MaxUint32
+		}
+		// Update the offset in the query parameters and construct the NextURL
+		req.Form.Set("offset", strconv.FormatUint(nextOffset, 10))
 		eventList.NextURL = fmt.Sprintf("%s://%s%s?%s", protocol, req.Host, req.URL.Path, req.Form.Encode())
 	}
-	// Do we need a PrevURL?
-	if int(filter.Offset-filter.Limit) >= 0 {
-		req.Form.Set("offset", strconv.FormatUint(uint64(filter.Offset-filter.Limit), 10))
+
+	// Calculate and set the PrevURL if we're not on the first page
+	if filter.Offset >= filter.Limit {
+		// Calculate the offset for the previous page
+		prevOffset := filter.Offset - filter.Limit
+		// Update the offset in the query parameters and construct the PrevURL
+		req.Form.Set("offset", strconv.FormatUint(uint64(prevOffset), 10))
 		eventList.PrevURL = fmt.Sprintf("%s://%s%s?%s", protocol, req.Host, req.URL.Path, req.Form.Encode())
 	}
 

diff --git a/pkg/storage/elasticsearch.go b/pkg/storage/elasticsearch.go
@@ -24,6 +24,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"log"
+	"math"
 	"strings"
 
 	elastic "github.com/olivere/elastic/v7"
@@ -197,9 +198,12 @@ func (es ElasticSearch) GetEvents(filter *EventFilter, tenantID string) ([]*cadf
 		}
 	}
 
+	offset := int(math.Min(float64(filter.Offset), float64(math.MaxInt32)))
+	limit := int(math.Min(float64(filter.Limit), float64(math.MaxInt32)))
+
 	esSearch = esSearch.
 		Sort(esFieldMapping["time"], false).
-		From(int(filter.Offset)).Size(int(filter.Limit))
+		From(offset).Size(limit)
 
 	searchResult, err := esSearch.Do(context.Background()) // execute
 	// errcheck already within an errchecek, this is for additional detail.
@@ -272,9 +276,10 @@ func (es ElasticSearch) GetAttributes(filter *AttributeFilter, tenantID string)
 	}
 	logg.Debug("Mapped Queryname: %s --> %s", filter.QueryName, esName)
 
-	queryAgg := elastic.NewTermsAggregation().Size(int(filter.Limit)).Field(esName)
+	limit := int(math.Min(float64(filter.Limit), float64(math.MaxInt32)))
+	queryAgg := elastic.NewTermsAggregation().Size(limit).Field(esName)
 
-	esSearch := es.client().Search().Index(index).Size(int(filter.Limit)).Aggregation("attributes", queryAgg)
+	esSearch := es.client().Search().Index(index).Size(limit).Aggregation("attributes", queryAgg)
 	searchResult, err := esSearch.Do(context.Background())
 	// errcheck already within an errcheck, this is for additional detail.
 	if err != nil {
@@ -303,6 +308,8 @@ func (es ElasticSearch) GetAttributes(filter *AttributeFilter, tenantID string)
 	}
 	logg.Debug("Number of Buckets: %d", len(termsAggRes.Buckets))
 
+	maxDepth := int(math.Min(float64(filter.MaxDepth), float64(math.MaxInt32)))
+
 	var unique []string
 	for _, bucket := range termsAggRes.Buckets {
 		logg.Debug("key: %s count: %d", bucket.Key, bucket.DocCount)
@@ -313,7 +320,7 @@ func (es ElasticSearch) GetAttributes(filter *AttributeFilter, tenantID string)
 		if filter.MaxDepth != 0 && strings.Contains(attribute, "/") {
 			s := strings.Split(attribute, "/")
 			l := len(s)
-			for i := 0; i < int(filter.MaxDepth) && i < l; i++ {
+			for i := 0; i < maxDepth && i < l; i++ {
 				if i != 0 {
 					att += "/"
 				}
@@ -331,7 +338,11 @@ func (es ElasticSearch) GetAttributes(filter *AttributeFilter, tenantID string)
 
 // MaxLimit grabs the configured maxlimit for results
 func (es ElasticSearch) MaxLimit() uint {
-	return uint(viper.GetInt("elasticsearch.max_result_window"))
+	maxLimit := viper.GetInt("elasticsearch.max_result_window")
+	if maxLimit < 0 {
+		return 0
+	}
+	return uint(maxLimit)
 }
 
 // indexName Generates the index name for a given TenantId. If no tenantID defaults to audit-*