Browse code

linting: suppress false positive for G404 (gosec)

The linter falsely detects this as using "math/rand":

libnetwork/networkdb/cluster.go:721:14: G404: Use of weak random number generator (math/rand instead of crypto/rand) (gosec)
val, err := rand.Int(rand.Reader, big.NewInt(int64(n)))
^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Sebastiaan van Stijn authored on 2022/09/04 21:07:32
Showing 1 changed files
... ...
@@ -718,7 +718,7 @@ func randomOffset(n int) int {
718 718
 		return 0
719 719
 	}
720 720
 
721
-	val, err := rand.Int(rand.Reader, big.NewInt(int64(n)))
721
+	val, err := rand.Int(rand.Reader, big.NewInt(int64(n))) // #nosec G404 -- False positive; see https://github.com/securego/gosec/issues/862
722 722
 	if err != nil {
723 723
 		logrus.Errorf("Failed to get a random offset: %v", err)
724 724
 		return 0