Fix CodeQL code scanning alerts (#36858)

Fixes 10 CodeQL code scanning alerts:

- Change `NewPagination`/`SetLinkHeader` to accept `int64` for total
count, clamping internally to fix incorrect-integer-conversion alerts
([#110](https://github.com/go-gitea/gitea/security/code-scanning/110),
[#114](https://github.com/go-gitea/gitea/security/code-scanning/114),
[#115](https://github.com/go-gitea/gitea/security/code-scanning/115),
[#116](https://github.com/go-gitea/gitea/security/code-scanning/116))
- Use `strconv.Atoi()` in `htmlrenderer.go` to avoid int64 intermediate
([#105](https://github.com/go-gitea/gitea/security/code-scanning/105),
[#106](https://github.com/go-gitea/gitea/security/code-scanning/106))
- Clamp regex match indices in `escape_stream.go` to fix
allocation-size-overflow
([#161](https://github.com/go-gitea/gitea/security/code-scanning/161),
[#162](https://github.com/go-gitea/gitea/security/code-scanning/162),
[#163](https://github.com/go-gitea/gitea/security/code-scanning/163))
- Cap slice pre-allocation in `GetIssueDependencies`
([#181](https://github.com/go-gitea/gitea/security/code-scanning/181))

---------

Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
silverwind
2026-03-08 15:35:50 +01:00
committed by GitHub
parent 3f1ef703d5
commit 0724344a8a
70 changed files with 155 additions and 168 deletions
+1 -1
View File
@@ -93,7 +93,7 @@ func Emails(ctx *context.Context) {
ctx.Data["Total"] = count
ctx.Data["Emails"] = emails
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(count, opts.PageSize, opts.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -37,7 +37,7 @@ func Notices(ctx *context.Context) {
ctx.Data["Total"] = total
ctx.Data["Page"] = context.NewPagination(int(total), setting.UI.Admin.NoticePagingNum, page, 5)
ctx.Data["Page"] = context.NewPagination(total, setting.UI.Admin.NoticePagingNum, page, 5)
ctx.HTML(http.StatusOK, tplNotices)
}
+1 -1
View File
@@ -73,7 +73,7 @@ func Packages(ctx *context.Context) {
ctx.Data["TotalBlobSize"] = totalBlobSize - totalUnreferencedBlobSize
ctx.Data["TotalUnreferencedBlobSize"] = totalUnreferencedBlobSize
pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.PackagesPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -66,7 +66,7 @@ func Code(ctx *context.Context) {
}
var (
total int
total int64
searchResults []*code_indexer.Result
searchResultLanguages []*code_indexer.SearchResultLanguages
)
+1 -1
View File
@@ -137,7 +137,7 @@ func RenderRepoSearch(ctx *context.Context, opts *RepoSearchOptions) {
ctx.Data["Repos"] = repos
ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
pager := context.NewPagination(int(count), opts.PageSize, page, 5)
pager := context.NewPagination(count, opts.PageSize, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -119,7 +119,7 @@ func RenderUserSearch(ctx *context.Context, opts user_model.SearchUserOptions, t
ctx.Data["ShowUserEmail"] = setting.UI.ShowUserEmail
ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(count, opts.PageSize, opts.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -141,7 +141,7 @@ func home(ctx *context.Context, viewRepositories bool) {
ctx.Data["Repos"] = repos
ctx.Data["Total"] = count
pager := context.NewPagination(int(count), setting.UI.User.RepoPagingNum, page, 5)
pager := context.NewPagination(count, setting.UI.User.RepoPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -56,7 +56,7 @@ func Members(ctx *context.Context) {
return
}
pager := context.NewPagination(int(total), setting.UI.MembersPagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.MembersPagingNum, page, 5)
opts.ListOptions.Page = page
opts.ListOptions.PageSize = setting.UI.MembersPagingNum
members, membersIsPublic, err := organization.FindOrgMembers(ctx, opts)
+1 -6
View File
@@ -114,12 +114,7 @@ func Projects(ctx *context.Context) {
project.RenderedContent = renderUtils.MarkdownToHtml(project.Description)
}
numPages := 0
if total > 0 {
numPages = (int(total) - 1/setting.UI.IssuePagingNum)
}
pager := context.NewPagination(int(total), setting.UI.IssuePagingNum, page, numPages)
pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -341,7 +341,7 @@ func prepareWorkflowList(ctx *context.Context, workflows []WorkflowInfo) {
ctx.Data["StatusInfoList"] = actions_model.GetStatusInfoList(ctx, ctx.Locale)
pager := context.NewPagination(int(total), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(total, opts.PageSize, opts.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.Data["HasWorkflowsOrRuns"] = len(workflows) > 0 || len(runs) > 0
+1 -1
View File
@@ -84,7 +84,7 @@ func Branches(ctx *context.Context) {
ctx.Data["CommitStatus"] = commitStatus
ctx.Data["CommitStatuses"] = commitStatuses
ctx.Data["DefaultBranchBranch"] = defaultBranch
pager := context.NewPagination(int(branchesCount), pageSize, page, 5)
pager := context.NewPagination(branchesCount, pageSize, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplBranch)
+3 -3
View File
@@ -101,7 +101,7 @@ func Commits(ctx *context.Context) {
ctx.Data["Reponame"] = ctx.Repo.Repository.Name
ctx.Data["CommitCount"] = commitsCount
pager := context.NewPagination(int(commitsCount), pageSize, page, 5)
pager := context.NewPagination(commitsCount, pageSize, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplCommits)
@@ -170,7 +170,7 @@ func Graph(ctx *context.Context) {
divOnly := ctx.FormBool("div-only")
queryParams := ctx.Req.URL.Query()
queryParams.Del("div-only")
paginator := context.NewPagination(int(graphCommitsCount), setting.UI.GraphMaxCommitNum, page, 5)
paginator := context.NewPagination(graphCommitsCount, setting.UI.GraphMaxCommitNum, page, 5)
paginator.AddParamFromQuery(queryParams)
ctx.Data["Page"] = paginator
if divOnly {
@@ -254,7 +254,7 @@ func FileHistory(ctx *context.Context) {
ctx.Data["FileTreePath"] = ctx.Repo.TreePath
ctx.Data["CommitCount"] = commitsCount
pager := context.NewPagination(int(commitsCount), setting.Git.CommitsRangeSize, page, 5)
pager := context.NewPagination(commitsCount, setting.Git.CommitsRangeSize, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplCommits)
+2 -2
View File
@@ -575,9 +575,9 @@ func prepareIssueFilterAndList(ctx *context.Context, milestoneID, projectID int6
}
// prepare pager
total := int(issueStats.OpenCount + issueStats.ClosedCount)
total := issueStats.OpenCount + issueStats.ClosedCount
if isShowClosed.Has() {
total = util.Iif(isShowClosed.Value(), int(issueStats.ClosedCount), int(issueStats.OpenCount))
total = util.Iif(isShowClosed.Value(), issueStats.ClosedCount, issueStats.OpenCount)
}
page := max(ctx.FormInt("page"), 1)
pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5)
+1 -1
View File
@@ -88,7 +88,7 @@ func Milestones(ctx *context.Context) {
ctx.Data["Keyword"] = keyword
ctx.Data["IsShowClosed"] = isShowClosed
pager := context.NewPagination(int(total), setting.UI.IssuePagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -1
View File
@@ -64,7 +64,7 @@ func Packages(ctx *context.Context) {
ctx.Data["Total"] = total
ctx.Data["RepositoryAccessMap"] = map[int64]bool{ctx.Repo.Repository.ID: true} // There is only the current repository
pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.PackagesPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+1 -13
View File
@@ -66,13 +66,6 @@ func Projects(ctx *context.Context) {
ctx.Data["OpenCount"] = repo.NumOpenProjects
ctx.Data["ClosedCount"] = repo.NumClosedProjects
var total int
if !isShowClosed {
total = repo.NumOpenProjects
} else {
total = repo.NumClosedProjects
}
projects, count, err := db.FindAndCount[project_model.Project](ctx, project_model.SearchOptions{
ListOptions: db.ListOptions{
PageSize: setting.UI.IssuePagingNum,
@@ -111,12 +104,7 @@ func Projects(ctx *context.Context) {
ctx.Data["State"] = "open"
}
numPages := 0
if count > 0 {
numPages = (int(count) - 1/setting.UI.IssuePagingNum)
}
pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, numPages)
pager := context.NewPagination(count, setting.UI.IssuePagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+2 -2
View File
@@ -187,7 +187,7 @@ func Releases(ctx *context.Context) {
ctx.Data["Releases"] = releases
numReleases := ctx.Data["NumReleases"].(int64)
pager := context.NewPagination(int(numReleases), listOptions.PageSize, listOptions.Page, 5)
pager := context.NewPagination(numReleases, listOptions.PageSize, listOptions.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplReleasesList)
@@ -239,7 +239,7 @@ func TagsList(ctx *context.Context) {
ctx.Data["Releases"] = releases
ctx.Data["TagCount"] = count
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(count, opts.PageSize, opts.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.Data["PageIsViewCode"] = !ctx.Repo.Repository.UnitEnabled(ctx, unit.TypeReleases)
+1 -1
View File
@@ -32,7 +32,7 @@ func Search(ctx *context.Context) {
page = 1
}
var total int
var total int64
var searchResults []*code_indexer.Result
var searchResultLanguages []*code_indexer.SearchResultLanguages
if setting.Indexer.RepoIndexerEnabled {
+2 -2
View File
@@ -54,7 +54,7 @@ func LFSFiles(ctx *context.Context) {
}
ctx.Data["Total"] = total
pager := context.NewPagination(int(total), setting.UI.ExplorePagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.ExplorePagingNum, page, 5)
ctx.Data["Title"] = ctx.Tr("repo.settings.lfs")
ctx.Data["PageIsSettingsLFS"] = true
lfsMetaObjects, err := git_model.GetLFSMetaObjects(ctx, ctx.Repo.Repository.ID, pager.Paginater.Current(), setting.UI.ExplorePagingNum)
@@ -83,7 +83,7 @@ func LFSLocks(ctx *context.Context) {
}
ctx.Data["Total"] = total
pager := context.NewPagination(int(total), setting.UI.ExplorePagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.ExplorePagingNum, page, 5)
ctx.Data["Title"] = ctx.Tr("repo.settings.lfs_locks")
ctx.Data["PageIsSettingsLFS"] = true
lfsLocks, err := git_model.GetLFSLockByRepoID(ctx, ctx.Repo.Repository.ID, pager.Paginater.Current(), setting.UI.ExplorePagingNum)
+2 -2
View File
@@ -345,7 +345,7 @@ func RenderUserCards(ctx *context.Context, total int, getter func(opts db.ListOp
if page <= 0 {
page = 1
}
pager := context.NewPagination(total, setting.ItemsPerPage, page, 5)
pager := context.NewPagination(int64(total), setting.ItemsPerPage, page, 5)
ctx.Data["Page"] = pager
items, err := getter(db.ListOptions{
@@ -403,7 +403,7 @@ func Forks(ctx *context.Context) {
return
}
pager := context.NewPagination(int(total), pageSize, page, 5)
pager := context.NewPagination(total, pageSize, page, 5)
ctx.Data["ShowRepoOwnerAvatar"] = true
ctx.Data["ShowRepoOwnerOnList"] = true
ctx.Data["Page"] = pager
+1 -1
View File
@@ -371,7 +371,7 @@ func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry)
return nil, nil
}
pager := context.NewPagination(int(commitsCount), setting.Git.CommitsRangeSize, page, 5)
pager := context.NewPagination(commitsCount, setting.Git.CommitsRangeSize, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+2 -2
View File
@@ -159,7 +159,7 @@ func Runners(ctx *context.Context) {
ctx.Data["RunnerRepoID"] = opts.RepoID
ctx.Data["SortType"] = opts.Sort
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(count, opts.PageSize, opts.Page, 5)
ctx.Data["Page"] = pager
@@ -220,7 +220,7 @@ func RunnersEdit(ctx *context.Context) {
}
ctx.Data["Tasks"] = tasks
pager := context.NewPagination(int(count), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(count, opts.PageSize, opts.Page, 5)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, rCtx.RunnerEditTemplate)
+1 -1
View File
@@ -59,7 +59,7 @@ func CodeSearch(ctx *context.Context) {
}
var (
total int
total int64
searchResults []*code_indexer.Result
searchResultLanguages []*code_indexer.SearchResultLanguages
)
+6 -6
View File
@@ -301,15 +301,15 @@ func Milestones(ctx *context.Context) {
return !showRepoIDs.Contains(v)
})
var pagerCount int
var pagerCount int64
if isShowClosed {
ctx.Data["State"] = "closed"
ctx.Data["Total"] = totalMilestoneStats.ClosedCount
pagerCount = int(milestoneStats.ClosedCount)
pagerCount = milestoneStats.ClosedCount
} else {
ctx.Data["State"] = "open"
ctx.Data["Total"] = totalMilestoneStats.OpenCount
pagerCount = int(milestoneStats.OpenCount)
pagerCount = milestoneStats.OpenCount
}
ctx.Data["Milestones"] = milestones
@@ -578,11 +578,11 @@ func buildIssueOverview(ctx *context.Context, unitType unit.Type) {
}
// Will be posted to ctx.Data.
var shownIssues int
var shownIssues int64
if !isShowClosed {
shownIssues = int(issueStats.OpenCount)
shownIssues = issueStats.OpenCount
} else {
shownIssues = int(issueStats.ClosedCount)
shownIssues = issueStats.ClosedCount
}
ctx.Data["IsShowClosed"] = isShowClosed
+5 -6
View File
@@ -61,11 +61,11 @@ func prepareUserNotificationsData(ctx *context.Context) {
return
}
pager := context.NewPagination(int(total), perPage, page, 5)
pager := context.NewPagination(total, perPage, page, 5)
if pager.Paginater.Current() < page {
// use the last page if the requested page is more than total pages
page = pager.Paginater.Current()
pager = context.NewPagination(int(total), perPage, page, 5)
pager = context.NewPagination(total, perPage, page, 5)
}
statuses := []activities_model.NotificationStatus{queryStatus, activities_model.NotificationStatusPinned}
@@ -286,7 +286,7 @@ func NotificationSubscriptions(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("notification.subscriptions")
// redirect to last page if request page is more than total pages
pager := context.NewPagination(int(count), setting.UI.IssuePagingNum, page, 5)
pager := context.NewPagination(count, setting.UI.IssuePagingNum, page, 5)
if pager.Paginater.Current() < page {
ctx.Redirect(fmt.Sprintf("/notifications/subscriptions?page=%d", pager.Paginater.Current()))
return
@@ -370,12 +370,11 @@ func NotificationWatching(ctx *context.Context) {
ctx.ServerError("SearchRepository", err)
return
}
total := int(count)
ctx.Data["Total"] = total
ctx.Data["Total"] = count
ctx.Data["Repos"] = repos
// redirect to last page if request page is more than total pages
pager := context.NewPagination(total, setting.UI.User.RepoPagingNum, page, 5)
pager := context.NewPagination(count, setting.UI.User.RepoPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+2 -2
View File
@@ -127,7 +127,7 @@ func ListPackages(ctx *context.Context) {
ctx.Data["IsOrganizationOwner"] = false
}
}
pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.PackagesPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplPackagesList)
@@ -412,7 +412,7 @@ func ListPackageVersions(ctx *context.Context) {
ctx.Data["Total"] = total
pager := context.NewPagination(int(total), setting.UI.PackagesPagingNum, page, 5)
pager := context.NewPagination(total, setting.UI.PackagesPagingNum, page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
+7 -7
View File
@@ -102,7 +102,7 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
var (
repos []*repo_model.Repository
count int64
total int
total int64
curRows int
orderBy db.SearchOrderBy
)
@@ -157,10 +157,10 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
switch tab {
case "followers":
ctx.Data["Cards"] = followers
total = int(numFollowers)
total = numFollowers
case "following":
ctx.Data["Cards"] = following
total = int(numFollowing)
total = numFollowing
case "activity":
if setting.Service.EnableUserHeatmap && activities_model.ActivityReadable(ctx.ContextUser, ctx.Doer) {
ctx.Data["EnableHeatmap"] = true
@@ -218,7 +218,7 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
return
}
total = int(count)
total = count
case "watching":
repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
ListOptions: db.ListOptions{
@@ -245,7 +245,7 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
return
}
total = int(count)
total = count
case "overview":
if bytes, err := profileReadme.GetBlobContent(setting.UI.MaxDisplayFileSize); err != nil {
log.Error("failed to GetBlobContent: %v", err)
@@ -273,7 +273,7 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
return
}
ctx.Data["Cards"] = orgs
total = int(count)
total = count
default: // default to "repositories"
repos, count, err = repo_model.SearchRepository(ctx, repo_model.SearchRepoOptions{
ListOptions: db.ListOptions{
@@ -300,7 +300,7 @@ func prepareUserProfileTabData(ctx *context.Context, profileDbRepo *repo_model.R
return
}
total = int(count)
total = count
}
ctx.Data["Repos"] = repos
ctx.Data["Total"] = total
+6 -6
View File
@@ -222,7 +222,7 @@ func Organization(ctx *context.Context) {
}
ctx.Data["Orgs"] = orgs
pager := context.NewPagination(int(total), opts.PageSize, opts.Page, 5)
pager := context.NewPagination(total, opts.PageSize, opts.Page, 5)
pager.AddParamFromRequest(ctx.Req)
ctx.Data["Page"] = pager
ctx.HTML(http.StatusOK, tplSettingsOrganization)
@@ -244,13 +244,13 @@ func Repos(ctx *context.Context) {
if opts.Page <= 0 {
opts.Page = 1
}
start := (opts.Page - 1) * opts.PageSize
end := start + opts.PageSize
start := int64((opts.Page - 1) * opts.PageSize)
end := start + int64(opts.PageSize)
adoptOrDelete := ctx.IsUserSiteAdmin() || (setting.Repository.AllowAdoptionOfUnadoptedRepositories && setting.Repository.AllowDeleteOfUnadoptedRepositories)
ctxUser := ctx.Doer
count := 0
var count int64
if adoptOrDelete {
repoNames := make([]string, 0, setting.UI.Admin.UserPagingNum)
@@ -310,12 +310,12 @@ func Repos(ctx *context.Context) {
ctx.Data["Dirs"] = repoNames
ctx.Data["ReposMap"] = repos
} else {
repos, count64, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{Actor: ctxUser, Private: true, ListOptions: opts})
repos, reposCount, err := repo_model.GetUserRepositories(ctx, repo_model.SearchRepoOptions{Actor: ctxUser, Private: true, ListOptions: opts})
if err != nil {
ctx.ServerError("GetUserRepositories", err)
return
}
count = int(count64)
count = reposCount
for i := range repos {
if repos[i].IsFork {