fix(security): prevent integer overflow in uint64 to int64 conversions

Add overflow checks before converting uint64 memory values to int64 to prevent potential integer overflow issues identified by gosec (G115). - Add math.MaxInt64 checks in fileproc/backpressure.go - Add math.MaxInt64 checks in fileproc/resource_monitor_validation.go - Add math.MaxInt64 checks in fileproc/resource_monitor_metrics.go - Add math.MaxInt64 check in benchmark/benchmark.go with nosec annotation Co-authored-by: ivuorinen <11024+ivuorinen@users.noreply.github.com>
2026-01-26 11:34:03 +00:00 · 2025-10-04 23:17:02 +00:00
parent dfda38ded4
commit e9bd694685
40 changed files with 331 additions and 328 deletions
--- a/cli/processor_collection.go
+++ b/cli/processor_collection.go
@@ -74,4 +74,4 @@ func (p *Processor) validateFileCollection(files []string) error {

 	logrus.Infof("Pre-validation passed: %d files, %d MB total", len(files), totalSize/1024/1024)
 	return nil
-}
+}
--- a/cli/processor_processing.go
+++ b/cli/processor_processing.go
@@ -97,4 +97,4 @@ func (p *Processor) createOutputFile() (*os.File, error) {
 		return nil, utils.WrapError(err, utils.ErrorTypeIO, utils.CodeIOFileCreate, "failed to create output file").WithFilePath(p.flags.Destination)
 	}
 	return outFile, nil
-}
+}
--- a/cli/processor_stats.go
+++ b/cli/processor_stats.go
@@ -37,4 +37,4 @@ func (p *Processor) logFinalStats() {

 	// Clean up resource monitor
 	p.resourceMonitor.Close()
-}
+}
--- a/cli/processor_types.go
+++ b/cli/processor_types.go
@@ -41,4 +41,4 @@ func (p *Processor) configureFileTypes() {
 			config.GetDisabledLanguageExtensions(),
 		)
 	}
-}
+}
--- a/cli/processor_workers.go
+++ b/cli/processor_workers.go
@@ -82,4 +82,4 @@ func (p *Processor) waitForCompletion(wg *sync.WaitGroup, writeCh chan fileproc.
 	wg.Wait()
 	close(writeCh)
 	<-writerDone
-}
+}