Fix CodeQL code scanning alerts (#36858)
Fixes 10 CodeQL code scanning alerts: - Change `NewPagination`/`SetLinkHeader` to accept `int64` for total count, clamping internally to fix incorrect-integer-conversion alerts ([#110](https://github.com/go-gitea/gitea/security/code-scanning/110), [#114](https://github.com/go-gitea/gitea/security/code-scanning/114), [#115](https://github.com/go-gitea/gitea/security/code-scanning/115), [#116](https://github.com/go-gitea/gitea/security/code-scanning/116)) - Use `strconv.Atoi()` in `htmlrenderer.go` to avoid int64 intermediate ([#105](https://github.com/go-gitea/gitea/security/code-scanning/105), [#106](https://github.com/go-gitea/gitea/security/code-scanning/106)) - Clamp regex match indices in `escape_stream.go` to fix allocation-size-overflow ([#161](https://github.com/go-gitea/gitea/security/code-scanning/161), [#162](https://github.com/go-gitea/gitea/security/code-scanning/162), [#163](https://github.com/go-gitea/gitea/security/code-scanning/163)) - Cap slice pre-allocation in `GetIssueDependencies` ([#181](https://github.com/go-gitea/gitea/security/code-scanning/181)) --------- Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
@@ -354,7 +354,7 @@ func ListVariables(ctx *context.APIContext) {
|
||||
}
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), listOptions.PageSize)
|
||||
ctx.SetLinkHeader(count, listOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
ctx.JSON(http.StatusOK, variables)
|
||||
}
|
||||
|
||||
@@ -31,7 +31,7 @@ func listUserFollowers(ctx *context.APIContext, u *user_model.User) {
|
||||
return
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), listOptions.PageSize)
|
||||
ctx.SetLinkHeader(count, listOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
responseAPIUsers(ctx, users)
|
||||
}
|
||||
@@ -97,7 +97,7 @@ func listUserFollowing(ctx *context.APIContext, u *user_model.User) {
|
||||
return
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), listOptions.PageSize)
|
||||
ctx.SetLinkHeader(count, listOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
responseAPIUsers(ctx, users)
|
||||
}
|
||||
|
||||
@@ -94,7 +94,7 @@ func listPublicKeys(ctx *context.APIContext, user *user_model.User) {
|
||||
}
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), listOptions.PageSize)
|
||||
ctx.SetLinkHeader(count, listOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
ctx.JSON(http.StatusOK, &apiKeys)
|
||||
}
|
||||
|
||||
@@ -47,7 +47,7 @@ func listUserRepos(ctx *context.APIContext, u *user_model.User, private bool) {
|
||||
}
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), opts.PageSize)
|
||||
ctx.SetLinkHeader(count, opts.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
ctx.JSON(http.StatusOK, &apiRepos)
|
||||
}
|
||||
@@ -130,7 +130,7 @@ func ListMyRepos(ctx *context.APIContext) {
|
||||
results[i] = convert.ToRepo(ctx, repo, permission)
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(count), opts.ListOptions.PageSize)
|
||||
ctx.SetLinkHeader(count, opts.ListOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(count)
|
||||
ctx.JSON(http.StatusOK, &results)
|
||||
}
|
||||
|
||||
@@ -76,7 +76,7 @@ func GetStarredRepos(ctx *context.APIContext) {
|
||||
return
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(ctx.ContextUser.NumStars, utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetLinkHeader(int64(ctx.ContextUser.NumStars), utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetTotalCountHeader(int64(ctx.ContextUser.NumStars))
|
||||
ctx.JSON(http.StatusOK, &repos)
|
||||
}
|
||||
@@ -108,7 +108,7 @@ func GetMyStarredRepos(ctx *context.APIContext) {
|
||||
ctx.APIErrorInternal(err)
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(ctx.Doer.NumStars, utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetLinkHeader(int64(ctx.Doer.NumStars), utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetTotalCountHeader(int64(ctx.Doer.NumStars))
|
||||
ctx.JSON(http.StatusOK, &repos)
|
||||
}
|
||||
|
||||
@@ -91,7 +91,7 @@ func Search(ctx *context.APIContext) {
|
||||
}
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(maxResults), listOptions.PageSize)
|
||||
ctx.SetLinkHeader(maxResults, listOptions.PageSize)
|
||||
ctx.SetTotalCountHeader(maxResults)
|
||||
|
||||
ctx.JSON(http.StatusOK, map[string]any{
|
||||
|
||||
@@ -71,7 +71,7 @@ func GetWatchedRepos(ctx *context.APIContext) {
|
||||
ctx.APIErrorInternal(err)
|
||||
}
|
||||
|
||||
ctx.SetLinkHeader(int(total), utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetLinkHeader(total, utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetTotalCountHeader(total)
|
||||
ctx.JSON(http.StatusOK, &repos)
|
||||
}
|
||||
@@ -100,7 +100,7 @@ func GetMyWatchedRepos(ctx *context.APIContext) {
|
||||
if err != nil {
|
||||
ctx.APIErrorInternal(err)
|
||||
}
|
||||
ctx.SetLinkHeader(int(total), utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetLinkHeader(total, utils.GetListOptions(ctx).PageSize)
|
||||
ctx.SetTotalCountHeader(total)
|
||||
ctx.JSON(http.StatusOK, &repos)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user