Fix CodeQL code scanning alerts (#36858)
Fixes 10 CodeQL code scanning alerts: - Change `NewPagination`/`SetLinkHeader` to accept `int64` for total count, clamping internally to fix incorrect-integer-conversion alerts ([#110](https://github.com/go-gitea/gitea/security/code-scanning/110), [#114](https://github.com/go-gitea/gitea/security/code-scanning/114), [#115](https://github.com/go-gitea/gitea/security/code-scanning/115), [#116](https://github.com/go-gitea/gitea/security/code-scanning/116)) - Use `strconv.Atoi()` in `htmlrenderer.go` to avoid int64 intermediate ([#105](https://github.com/go-gitea/gitea/security/code-scanning/105), [#106](https://github.com/go-gitea/gitea/security/code-scanning/106)) - Clamp regex match indices in `escape_stream.go` to fix allocation-size-overflow ([#161](https://github.com/go-gitea/gitea/security/code-scanning/161), [#162](https://github.com/go-gitea/gitea/security/code-scanning/162), [#163](https://github.com/go-gitea/gitea/security/code-scanning/163)) - Cap slice pre-allocation in `GetIssueDependencies` ([#181](https://github.com/go-gitea/gitea/security/code-scanning/181)) --------- Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
@@ -163,7 +163,7 @@ func GetAPIContext(req *http.Request) *APIContext {
|
||||
return req.Context().Value(apiContextKey).(*APIContext)
|
||||
}
|
||||
|
||||
func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
|
||||
func genAPILinks(curURL *url.URL, total int64, pageSize, curPage int) []string {
|
||||
page := NewPagination(total, pageSize, curPage, 0)
|
||||
paginater := page.Paginater
|
||||
links := make([]string, 0, 4)
|
||||
@@ -204,7 +204,8 @@ func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
|
||||
}
|
||||
|
||||
// SetLinkHeader sets pagination link header by given total number and page size.
|
||||
func (ctx *APIContext) SetLinkHeader(total, pageSize int) {
|
||||
// "count" is usually from database result "count int64", so it also uses int64,
|
||||
func (ctx *APIContext) SetLinkHeader(total int64, pageSize int) {
|
||||
links := genAPILinks(ctx.Req.URL, total, pageSize, ctx.FormInt("page"))
|
||||
|
||||
if len(links) > 0 {
|
||||
|
||||
Reference in New Issue
Block a user