fix: address more G115 integer overflow linter warnings

sreya · sreya · commit adaff1311382 · 2025-03-25T21:33:33.000Z
Added #nosec G115 annotations with explanatory comments for additional
integer type conversions flagged by the gosec linter. These include:
- HTTP status codes expected to be within int32 range (100-599)
- Request counts and allowances expected to be within int32 range
- Build numbers expected to be within int32 range
- Output lengths expected to be within int32 range
diff --git a/coderd/audit/request.go b/coderd/audit/request.go
@@ -435,6 +435,7 @@ func InitRequest[T Auditable](w http.ResponseWriter, p *RequestParams) (*Request
 			ResourceTarget:   either(req.Old, req.New, ResourceTarget[T], req.params.Action),
 			Action:           action,
 			Diff:             diffRaw,
+			// #nosec G115 - Safe conversion as HTTP status code is expected to be within int32 range (typically 100-599)
 			StatusCode:       int32(sw.Status),
 			RequestID:        httpmw.RequestID(p.Request),
 			AdditionalFields: additionalFieldsRaw,
@@ -486,6 +487,7 @@ func BackgroundAudit[T Auditable](ctx context.Context, p *BackgroundAuditParams[
 		ResourceTarget:   either(p.Old, p.New, ResourceTarget[T], p.Action),
 		Action:           p.Action,
 		Diff:             diffRaw,
+		// #nosec G115 - Safe conversion as HTTP status code is expected to be within int32 range (typically 100-599)
 		StatusCode:       int32(p.Status),
 		RequestID:        p.RequestID,
 		AdditionalFields: p.AdditionalFields,
diff --git a/coderd/database/dbfake/builder.go b/coderd/database/dbfake/builder.go
@@ -40,6 +40,7 @@ type OrganizationResponse struct {
 
 func (b OrganizationBuilder) EveryoneAllowance(allowance int) OrganizationBuilder {
 	//nolint: revive // returns modified struct
+	// #nosec G115 - Safe conversion as allowance is expected to be within int32 range
 	b.allUsersAllowance = int32(allowance)
 	return b
 }
diff --git a/coderd/database/querier_test.go b/coderd/database/querier_test.go
@@ -2008,6 +2008,7 @@ func createTemplateVersion(t testing.TB, db database.Store, tpl database.Templat
 			dbgen.WorkspaceBuild(t, db, database.WorkspaceBuild{
 				WorkspaceID:       wrk.ID,
 				TemplateVersionID: version.ID,
+				// #nosec G115 - Safe conversion as build number is expected to be within int32 range
 				BuildNumber:       int32(i) + 2,
 				Transition:        trans,
 				InitiatorID:       tpl.CreatedBy,
diff --git a/coderd/metricscache/metricscache_test.go b/coderd/metricscache/metricscache_test.go
@@ -249,6 +249,7 @@ func TestCache_BuildTime(t *testing.T) {
 				})
 
 				dbgen.WorkspaceBuild(t, db, database.WorkspaceBuild{
+					// #nosec G115 - Safe conversion as build number is expected to be within int32 range
 					BuildNumber:       int32(1 + buildNumber),
 					WorkspaceID:       workspace.ID,
 					InitiatorID:       user.ID,
diff --git a/coderd/notifications/reports/generator_internal_test.go b/coderd/notifications/reports/generator_internal_test.go
diff --git a/coderd/workspaceapps/db.go b/coderd/workspaceapps/db.go
@@ -465,6 +465,7 @@ func (p *DBTokenProvider) auditInitRequest(ctx context.Context, w http.ResponseW
 				Ip:         ip,
 				UserAgent:  userAgent,
 				SlugOrPort: appInfo.SlugOrPort,
+				// #nosec G115 - Safe conversion as HTTP status code is expected to be within int32 range (typically 100-599)
 				StatusCode: int32(statusCode),
 				StartedAt:  aReq.time,
 				UpdatedAt:  aReq.time,
diff --git a/coderd/workspacestats/reporter.go b/coderd/workspacestats/reporter.go
@@ -68,6 +68,7 @@ func (r *Reporter) ReportAppStats(ctx context.Context, stats []workspaceapps.Sta
 			batch.SessionID = append(batch.SessionID, stat.SessionID)
 			batch.SessionStartedAt = append(batch.SessionStartedAt, stat.SessionStartedAt)
 			batch.SessionEndedAt = append(batch.SessionEndedAt, stat.SessionEndedAt)
+			// #nosec G115 - Safe conversion as request count is expected to be within int32 range
 			batch.Requests = append(batch.Requests, int32(stat.Requests))
 
 			if len(batch.UserID) >= r.opts.AppStatBatchSize {

Original file line number	Diff line number	Diff line change
`@@ -40,6 +40,7 @@ type OrganizationResponse struct {`
`40`	`40`
`41`	`41`	`func (b OrganizationBuilder) EveryoneAllowance(allowance int) OrganizationBuilder {`
`42`	`42`	`//nolint: revive // returns modified struct`
	`43`	`+ // #nosec G115 - Safe conversion as allowance is expected to be within int32 range`
`43`	`44`	`b.allUsersAllowance = int32(allowance)`
`44`	`45`	`return b`
`45`	`46`	`}`