Skip to content

Commit 5352c2e

Browse files
harp-intelharp-intel
authored
address issues identified by gosec (#371)
Signed-off-by: Harper, Jason M <[email protected]>
1 parent c2e5096 commit 5352c2e

File tree

2 files changed

+11
-2
lines changed

2 files changed

+11
-2
lines changed

cmd/metrics/metrics_server.go

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ import (
99
"net/http"
1010
"regexp"
1111
"strings"
12+
"time"
1213

1314
"github.com/prometheus/client_golang/prometheus"
1415
"github.com/prometheus/client_golang/prometheus/promhttp"
@@ -37,7 +38,12 @@ func startPrometheusServer(listenAddr string) {
3738
mux.Handle("/metrics", promhttp.Handler())
3839
slog.Info("Starting Prometheus metrics server", slog.String("address", listenAddr))
3940
go func() {
40-
err := http.ListenAndServe(listenAddr, mux)
41+
server := &http.Server{
42+
Addr: listenAddr,
43+
Handler: mux,
44+
ReadHeaderTimeout: 3 * time.Second,
45+
}
46+
err := server.ListenAndServe()
4147
if err != nil && err != http.ErrServerClosed {
4248
slog.Error("Prometheus HTTP server ListenAndServe error", slog.String("error", err.Error()))
4349
}

internal/util/util.go

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -511,7 +511,10 @@ func CreateFlatTGZ(files []string, tarballPath string) error {
511511
}
512512

513513
if _, err := io.Copy(tarWriter, srcFile); err != nil {
514-
srcFile.Close() // Ensure file is closed before returning
514+
closeErr := srcFile.Close() // Ensure file is closed before returning
515+
if closeErr != nil {
516+
return fmt.Errorf("failed to close file %s after copy error: %w", file, closeErr)
517+
}
515518
return fmt.Errorf("failed to copy file %s to tarball: %w", file, err)
516519
}
517520

0 commit comments

Comments
 (0)