From 12854a1ae5bd27dade72fa277562241f1b6aea6b Mon Sep 17 00:00:00 2001 From: Eng Zer Jun Date: Thu, 13 Jan 2022 01:22:32 +0800 Subject: [PATCH] chore: fix gosec G304 lint issue Signed-off-by: Eng Zer Jun --- internal/metrics/collectors/processes.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/internal/metrics/collectors/processes.go b/internal/metrics/collectors/processes.go index d6be989d04..3a8da2f19d 100644 --- a/internal/metrics/collectors/processes.go +++ b/internal/metrics/collectors/processes.go @@ -4,7 +4,9 @@ import ( "bytes" "fmt" "os" + "path/filepath" "strconv" + "strings" "github.com/golang/glog" "github.com/prometheus/client_golang/prometheus" @@ -56,7 +58,10 @@ func getWorkerProcesses() (int, int, error) { continue } - cmdlineFile := fmt.Sprintf("/proc/%v/cmdline", folder.Name()) + cmdlineFile := filepath.Clean(fmt.Sprintf("/proc/%v/cmdline", folder.Name())) + if !strings.HasPrefix(cmdlineFile, "/proc/") { + panic(fmt.Errorf("unsafe input")) + } content, err := os.ReadFile(cmdlineFile) if err != nil { return 0, 0, fmt.Errorf("unable to read file %v: %w", cmdlineFile, err)