scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 11:08:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix semgrep false-positive due to co-dependent returns (#17984)

Browse Source 
We previously tried to extract this log into a function (shouldExit),
but semgrep doesn't expand function invocations, leading us to be forced
to add another rule to the regex.

Instead, add the extraneous `err != nil` conditional into the if
statements, even though skip/err should always be true in these cases
and it should never be evaluated.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
This commit is contained in:
Alexander Scheel
2022-11-17 09:26:13 -05:00
committed by GitHub
parent 7c1a0ad8bc
commit d1ad4469b3
4 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
command/healthcheck/pki_ca_validity_period.go
View File

@@ -100,7 +100,7 @@ func (h *CAValidityPeriod) FetchResources(e *Executor) error {
exit, _, issuers, err := pkiFetchIssuers(e, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
return err
}
@@ -108,7 +108,7 @@ func (h *CAValidityPeriod) FetchResources(e *Executor) error {
skip, _, cert, err := pkiFetchIssuer(e, issuer, func() {
h.UnsupportedVersion = true
})
if skip {
if skip || err != nil {
if err != nil {
return err
}

6
command/healthcheck/pki_crl_validity_period.go
View File

@@ -73,7 +73,7 @@ func (h *CRLValidityPeriod) FetchResources(e *Executor) error {
exit, _, issuers, err := pkiFetchIssuers(e, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
return err
}
@@ -81,7 +81,7 @@ func (h *CRLValidityPeriod) FetchResources(e *Executor) error {
exit, _, crl, err := pkiFetchIssuerCRL(e, issuer, false, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
if err != nil {
return err
}
@@ -93,7 +93,7 @@ func (h *CRLValidityPeriod) FetchResources(e *Executor) error {
exit, _, delta, err := pkiFetchIssuerCRL(e, issuer, true, func() {
h.NoDeltas = true
})
if exit {
if exit || err != nil {
if err != nil {
return err
}

6
command/healthcheck/pki_hardware_backed_root.go
View File

@@ -52,7 +52,7 @@ func (h *HardwareBackedRoot) FetchResources(e *Executor) error {
exit, _, issuers, err := pkiFetchIssuers(e, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
return err
}
@@ -60,7 +60,7 @@ func (h *HardwareBackedRoot) FetchResources(e *Executor) error {
skip, ret, entry, err := pkiFetchIssuerEntry(e, issuer, func() {
h.UnsupportedVersion = true
})
if skip || entry == nil {
if skip || err != nil || entry == nil {
if err != nil {
return err
}
@@ -86,7 +86,7 @@ func (h *HardwareBackedRoot) FetchResources(e *Executor) error {
skip, _, keyEntry, err := pkiFetchKeyEntry(e, keyId, func() {
h.UnsupportedVersion = true
})
if skip || keyEntry == nil {
if skip || err != nil || keyEntry == nil {
if err != nil {
return err
}

8
command/healthcheck/pki_root_issued_leaves.go
View File

@@ -59,7 +59,7 @@ func (h *RootIssuedLeaves) FetchResources(e *Executor) error {
exit, _, issuers, err := pkiFetchIssuers(e, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
return err
}
@@ -67,7 +67,7 @@ func (h *RootIssuedLeaves) FetchResources(e *Executor) error {
skip, _, cert, err := pkiFetchIssuer(e, issuer, func() {
h.UnsupportedVersion = true
})
if skip {
if skip || err != nil {
if err != nil {
return err
}
@@ -88,7 +88,7 @@ func (h *RootIssuedLeaves) FetchResources(e *Executor) error {
exit, _, leaves, err := pkiFetchLeaves(e, func() {
h.UnsupportedVersion = true
})
if exit {
if exit || err != nil {
return err
}
@@ -101,7 +101,7 @@ func (h *RootIssuedLeaves) FetchResources(e *Executor) error {
skip, _, cert, err := pkiFetchLeaf(e, serial, func() {
h.UnsupportedVersion = true
})
if skip {
if skip || err != nil {
if err != nil {
return err
}