LGTM alerts audit (#7440)

* LGTM alerts audit * Update x/simulation/mock_tendermint.go Co-authored-by: Alessio Treglia <alessio@tendermint.com> * Update x/staking/keeper/delegation.go Co-authored-by: Alessio Treglia <alessio@tendermint.com> * comment false positive Co-authored-by: Alessio Treglia <alessio@tendermint.com>
2020-10-02 15:13:58 +02:00 · 2020-10-02 15:13:58 +02:00 · 82c9ae3949
parent 2c93ec7a0c
commit 82c9ae3949
5 changed files with 16 additions and 19 deletions
--- a/client/debug/main.go
+++ b/client/debug/main.go
@ -174,7 +174,7 @@ Example:
 $ %s debug raw-bytes [72 101 108 108 111 44 32 112 108 97 121 103 114 111 117 110 100]
 			`, version.AppName),
 		Args: cobra.ExactArgs(1),
-		RunE: func(cmd *cobra.Command, args []string) error {
+		RunE: func(_ *cobra.Command, args []string) error {
 			stringBytes := args[0]
 			stringBytes = strings.Trim(stringBytes, "[")
 			stringBytes = strings.Trim(stringBytes, "]")
@ -182,7 +182,7 @@ $ %s debug raw-bytes [72 101 108 108 111 44 32 112 108 97 121 103 114 111 117 11

 			byteArray := []byte{}
 			for _, s := range spl {
-				b, err := strconv.Atoi(s)
+				b, err := strconv.ParseInt(s, 10, 8)
 				if err != nil {
 					return err
 				}
--- a/crypto/hd/hdpath.go
+++ b/crypto/hd/hdpath.go
@ -4,7 +4,6 @@ import (
 	"crypto/hmac"
 	"crypto/sha512"
 	"encoding/binary"
-	"errors"
 	"fmt"
 	"math/big"
 	"strconv"
@ -100,16 +99,12 @@ func NewParamsFromPath(path string) (*BIP44Params, error) {

 func hardenedInt(field string) (uint32, error) {
 	field = strings.TrimSuffix(field, "'")
-	i, err := strconv.Atoi(field)

+	i, err := strconv.ParseUint(field, 10, 32)
 	if err != nil {
 		return 0, err
 	}

-	if i < 0 {
-		return 0, fmt.Errorf("fields must not be negative. got %d", i)
-	}
-
 	return uint32(i), nil
 }

@ -178,16 +173,11 @@ func DerivePrivateKeyForPath(privKeyBytes, chainCode [32]byte, path string) ([]b
 			part = part[:len(part)-1]
 		}

-		idx, err := strconv.Atoi(part)
-
+		idx, err := strconv.ParseUint(part, 10, 32)
 		if err != nil {
 			return []byte{}, fmt.Errorf("invalid BIP 32 path: %s", err)
 		}

-		if idx < 0 {
-			return []byte{}, errors.New("invalid BIP 32 path: index negative ot too large")
-		}
-
 		data, chainCode = derivePrivateKey(data, chainCode, uint32(idx), harden)
 	}

--- a/crypto/keyring/keyring.go
+++ b/crypto/keyring/keyring.go
@ -643,6 +643,10 @@ func newRealPrompt(dir string, buf io.Reader) func(string) (string, error) {
 			buf := bufio.NewReader(buf)
 			pass, err := input.GetPassword("Enter keyring passphrase:", buf)
 			if err != nil {
+				// NOTE: LGTM.io reports a false positive alert that states we are printing the password,
+				// but we only log the error.
+				//
+				// lgtm [go/clear-text-logging]
 				fmt.Fprintln(os.Stderr, err)
 				continue
 			}
@ -658,6 +662,10 @@ func newRealPrompt(dir string, buf io.Reader) func(string) (string, error) {

 			reEnteredPass, err := input.GetPassword("Re-enter keyring passphrase:", buf)
 			if err != nil {
+				// NOTE: LGTM.io reports a false positive alert that states we are printing the password,
+				// but we only log the error.
+				//
+				// lgtm [go/clear-text-logging]
 				fmt.Fprintln(os.Stderr, err)
 				continue
 			}
--- a/x/simulation/mock_tendermint.go
+++ b/x/simulation/mock_tendermint.go
@ -99,9 +99,8 @@ func updateValidators(

 			event("end_block", "validator_updates", "kicked")
 			delete(current, str)
-		} else if mVal, ok := current[str]; ok {
+		} else if _, ok := current[str]; ok {
 			// validator already exists
-			mVal.val = update
 			event("end_block", "validator_updates", "updated")

 		} else {
--- a/x/staking/keeper/delegation.go
+++ b/x/staking/keeper/delegation.go
@ -542,7 +542,7 @@ func (k Keeper) DequeueAllMatureRedelegationQueue(ctx sdk.Context, currTime time
 	return matureRedelegations
 }

-// Perform a delegation, set/update everything necessary within the store.
+// Delegate performs a delegation, set/update everything necessary within the store.
 // tokenSrc indicates the bond status of the incoming funds.
 func (k Keeper) Delegate(
 	ctx sdk.Context, delAddr sdk.AccAddress, bondAmt sdk.Int, tokenSrc sdk.BondStatus,
@ -614,7 +614,7 @@ func (k Keeper) Delegate(
 		}
 	}

-	validator, newShares = k.AddValidatorTokensAndShares(ctx, validator, bondAmt)
+	_, newShares = k.AddValidatorTokensAndShares(ctx, validator, bondAmt)

 	// Update delegation
 	delegation.Shares = delegation.Shares.Add(newShares)
@ -626,7 +626,7 @@ func (k Keeper) Delegate(
 	return newShares, nil
 }

-// unbond a particular delegation and perform associated store operations
+// Unbond a particular delegation and perform associated store operations.
 func (k Keeper) Unbond(
 	ctx sdk.Context, delAddr sdk.AccAddress, valAddr sdk.ValAddress, shares sdk.Dec,
 ) (amount sdk.Int, err error) {