Skip to content

Commit

Permalink
fix CodeQL failure due to incorrect int conversion handling
Browse files Browse the repository at this point in the history
Signed-off-by: Prateek <[email protected]>
  • Loading branch information
Prateeknandle committed Nov 29, 2024
1 parent 4da39ed commit 46ba761
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 17 deletions.
12 changes: 6 additions & 6 deletions KubeArmor/config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,10 @@ type KubearmorConfig struct {

StateAgent bool // enable KubeArmor state agent

AlertThrottling bool // Enable/Disable Alert Throttling
MaxAlertPerSec int // Maximum alerts allowed per second
ThrottleSec int // Number of seconds for which subsequent alerts will be dropped
AnnotateResources bool // enable annotations by kubearmor if kubearmor-controller is not present
AlertThrottling bool // Enable/Disable Alert Throttling
MaxAlertPerSec int32 // Maximum alerts allowed per second
ThrottleSec int32 // Number of seconds for which subsequent alerts will be dropped
AnnotateResources bool // enable annotations by kubearmor if kubearmor-controller is not present

ProcFsMount string // path where procfs is hosted
}
Expand Down Expand Up @@ -325,8 +325,8 @@ func LoadConfig() error {
GlobalCfg.StateAgent = viper.GetBool(ConfigStateAgent)

GlobalCfg.AlertThrottling = viper.GetBool(ConfigAlertThrottling)
GlobalCfg.MaxAlertPerSec = viper.GetInt(ConfigMaxAlertPerSec)
GlobalCfg.ThrottleSec = viper.GetInt(ConfigThrottleSec)
GlobalCfg.MaxAlertPerSec = int32(viper.GetInt(ConfigMaxAlertPerSec))
GlobalCfg.ThrottleSec = int32(viper.GetInt(ConfigThrottleSec))
GlobalCfg.AnnotateResources = viper.GetBool(ConfigAnnotateResources)

GlobalCfg.ProcFsMount = viper.GetString(ConfigProcFsMount)
Expand Down
16 changes: 11 additions & 5 deletions KubeArmor/core/kubeUpdate.go
Original file line number Diff line number Diff line change
Expand Up @@ -2740,16 +2740,18 @@ func (dm *KubeArmorDaemon) WatchConfigMap() cache.InformerSynced {
cfg.GlobalCfg.AlertThrottling = (cm.Data[cfg.ConfigAlertThrottling] == "true")
}
if _, ok := cm.Data[cfg.ConfigMaxAlertPerSec]; ok {
cfg.GlobalCfg.MaxAlertPerSec, err = strconv.Atoi(cm.Data[cfg.ConfigMaxAlertPerSec])
maxAlertPerSec, err := strconv.ParseInt(cm.Data[cfg.ConfigMaxAlertPerSec], 10, 32)
if err != nil {
dm.Logger.Warnf("Error: %s", err)
}
cfg.GlobalCfg.MaxAlertPerSec = int32(maxAlertPerSec)
}
if _, ok := cm.Data[cfg.ConfigMaxAlertPerSec]; ok {
cfg.GlobalCfg.ThrottleSec, err = strconv.Atoi(cm.Data[cfg.ConfigThrottleSec])
if _, ok := cm.Data[cfg.ConfigThrottleSec]; ok {
throttleSec, err := strconv.ParseInt(cm.Data[cfg.ConfigThrottleSec], 10, 32)
if err != nil {
dm.Logger.Warnf("Error: %s", err)
}
cfg.GlobalCfg.ThrottleSec = int32(throttleSec)
}
dm.SystemMonitor.UpdateThrottlingConfig()

Expand Down Expand Up @@ -2790,14 +2792,18 @@ func (dm *KubeArmorDaemon) WatchConfigMap() cache.InformerSynced {
if _, ok := cm.Data[cfg.ConfigAlertThrottling]; ok {
cfg.GlobalCfg.AlertThrottling = (cm.Data[cfg.ConfigAlertThrottling] == "true")
}
cfg.GlobalCfg.MaxAlertPerSec, err = strconv.Atoi(cm.Data[cfg.ConfigMaxAlertPerSec])

maxAlertPerSec, err := strconv.ParseInt(cm.Data[cfg.ConfigMaxAlertPerSec], 10, 32)
if err != nil {
dm.Logger.Warnf("Error: %s", err)
}
cfg.GlobalCfg.ThrottleSec, err = strconv.Atoi(cm.Data[cfg.ConfigThrottleSec])
cfg.GlobalCfg.MaxAlertPerSec = int32(maxAlertPerSec)

throttleSec, err := strconv.ParseInt(cm.Data[cfg.ConfigThrottleSec], 10, 32)
if err != nil {
dm.Logger.Warnf("Error: %s", err)
}
cfg.GlobalCfg.ThrottleSec = int32(throttleSec)
dm.SystemMonitor.UpdateThrottlingConfig()
}
},
Expand Down
4 changes: 2 additions & 2 deletions KubeArmor/enforcer/bpflsm/enforcer.go
Original file line number Diff line number Diff line change
Expand Up @@ -375,8 +375,8 @@ func (be *BPFEnforcer) TraceEvents() {
case mon.DropAlert:
log.Operation = "AlertThreshold"
log.Type = "SystemEvent"
log.MaxAlertsPerSec = int32(cfg.GlobalCfg.MaxAlertPerSec)
log.DroppingAlertsInterval = int32(cfg.GlobalCfg.ThrottleSec)
log.MaxAlertsPerSec = cfg.GlobalCfg.MaxAlertPerSec
log.DroppingAlertsInterval = cfg.GlobalCfg.ThrottleSec
}
// fallback logic if we don't receive source from BuildLogBase()
if log.Operation != "Process" && len(log.Source) == 0 {
Expand Down
4 changes: 2 additions & 2 deletions KubeArmor/feeder/feeder.go
Original file line number Diff line number Diff line change
Expand Up @@ -589,8 +589,8 @@ func (fd *Feeder) PushLog(log tp.Log) {
} else if alert && !throttle {
log.Operation = "AlertThreshold"
log.Type = "SystemEvent"
log.MaxAlertsPerSec = int32(cfg.GlobalCfg.MaxAlertPerSec)
log.DroppingAlertsInterval = int32(cfg.GlobalCfg.ThrottleSec)
log.MaxAlertsPerSec = cfg.GlobalCfg.MaxAlertPerSec
log.DroppingAlertsInterval = cfg.GlobalCfg.ThrottleSec
}
}
pbAlert := pb.Alert{}
Expand Down
4 changes: 2 additions & 2 deletions KubeArmor/monitor/logUpdate.go
Original file line number Diff line number Diff line change
Expand Up @@ -517,8 +517,8 @@ func (mon *SystemMonitor) UpdateLogs() {
case DropAlert: // throttling alert
log.Operation = "AlertThreshold"
log.Type = "SystemEvent"
log.MaxAlertsPerSec = int32(cfg.GlobalCfg.MaxAlertPerSec)
log.DroppingAlertsInterval = int32(cfg.GlobalCfg.ThrottleSec)
log.MaxAlertsPerSec = cfg.GlobalCfg.MaxAlertPerSec
log.DroppingAlertsInterval = cfg.GlobalCfg.ThrottleSec

default:
continue
Expand Down

0 comments on commit 46ba761

Please sign in to comment.