Refactor golangci-lint configuration and improve error handling
- Updated .golangci.yml to enable default linters and refine suppression rules, enhancing code quality visibility. - Improved error handling in cmd/root.go by explicitly discarding low-value error messages during fatal exits for consistency with errcheck posture. - Added best-effort error handling in various locations across the codebase, ensuring that non-critical errors are logged without affecting overall functionality. - Introduced a new writeMetricsText function to streamline metrics output, improving code clarity and maintainability.
This commit is contained in:
+13
-11
@@ -108,7 +108,8 @@ func New(root string, capacity int64, evict func(vfs.VFS, uint) uint) (*DiskFS,
|
||||
}
|
||||
|
||||
// Create root directory if it doesn't exist. Propagate error (ctor now returns err for hygiene).
|
||||
if err := os.MkdirAll(root, 0755); err != nil {
|
||||
// 0700 (not 0755): cache contents are user data from untrusted CDN responses; least-privilege for LAN appliance.
|
||||
if err := os.MkdirAll(root, 0700); err != nil {
|
||||
return nil, fmt.Errorf("failed to create root directory %s: %w", root, err)
|
||||
}
|
||||
|
||||
@@ -225,7 +226,7 @@ func (d *DiskFS) calculateSizeAndPopulateIndex() {
|
||||
overCapacity := d.size > d.capacity
|
||||
needed := uint(0)
|
||||
if overCapacity {
|
||||
needed = uint(d.size - d.capacity)
|
||||
needed = uint(d.size - d.capacity) // #nosec G115 -- diff guaranteed >0 by overCapacity check; eviction API takes uint (bytes); fits in practice for cache sizes
|
||||
}
|
||||
d.mu.RUnlock()
|
||||
if overCapacity && d.startupEvict != nil {
|
||||
@@ -382,11 +383,12 @@ func (d *DiskFS) Create(key string, size int64) (io.WriteCloser, error) {
|
||||
d.mu.Unlock()
|
||||
|
||||
dir := filepath.Dir(path)
|
||||
if err := os.MkdirAll(dir, 0755); err != nil {
|
||||
// 0700 (not 0755): per-shard cache dirs hold untrusted CDN content; restrict to owner only (G301 addressed).
|
||||
if err := os.MkdirAll(dir, 0700); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
file, err := os.Create(path)
|
||||
file, err := os.Create(path) // #nosec G304 -- path built by pathForKey from sanitized (Clean, no ..) hash-derived key under trusted disk.root; no untrusted file inclusion
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -425,7 +427,7 @@ func (dwc *diskWriteCloser) Close() error {
|
||||
// Get the actual file size
|
||||
stat, err := dwc.file.Stat()
|
||||
if err != nil {
|
||||
dwc.file.Close()
|
||||
_ = dwc.file.Close() // best-effort close on stat error path; primary error is returned
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -482,7 +484,7 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
|
||||
path := d.pathForKey(key)
|
||||
|
||||
file, err := os.Open(path)
|
||||
file, err := os.Open(path) // #nosec G304 -- path built by pathForKey from sanitized (Clean, no ..) hash-derived key under trusted disk.root; no untrusted file inclusion
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -491,7 +493,7 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
const mmapThreshold = 1024 * 1024 // 1MB
|
||||
if fi.Size > mmapThreshold {
|
||||
// Close the regular file handle
|
||||
file.Close()
|
||||
_ = file.Close() // best-effort; mmap path takes over or falls back
|
||||
|
||||
// Try memory mapping
|
||||
mmapFile, err := os.Open(path)
|
||||
@@ -501,8 +503,8 @@ func (d *DiskFS) Open(key string) (io.ReadCloser, error) {
|
||||
|
||||
mapped, err := mmap.Map(mmapFile, mmap.RDONLY, 0)
|
||||
if err != nil {
|
||||
mmapFile.Close()
|
||||
// Fallback to regular file reading
|
||||
_ = mmapFile.Close() // best-effort close before fallback open
|
||||
// Fallback to regular file reading (intentional 3rd open of same path after mmap failure; pre-existing pattern, no leak)
|
||||
return os.Open(path)
|
||||
}
|
||||
|
||||
@@ -534,7 +536,7 @@ func (m *mmapReadCloser) Read(p []byte) (n int, err error) {
|
||||
}
|
||||
|
||||
func (m *mmapReadCloser) Close() error {
|
||||
m.data.Unmap()
|
||||
_ = m.data.Unmap() // best-effort; unmap failure non-fatal for read-only mapping
|
||||
return m.file.Close()
|
||||
}
|
||||
|
||||
@@ -653,7 +655,7 @@ func (d *DiskFS) EvictLRU(bytesNeeded uint) uint {
|
||||
d.LRU.Remove(key)
|
||||
delete(d.info, key)
|
||||
path := d.pathForKey(key)
|
||||
_ = os.Remove(path) // best effort; performed under WLock (reverted from post-unlock) to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
_ = os.Remove(path) // #nosec G304 -- path from sanitized key; best-effort eviction delete under lock. Best effort; performed under WLock to guarantee on-disk deletion is coordinated with metadata removal. This eliminates resurrection via lazy Stat/Open discovery and prevents late unlinks from deleting content of same-key recreates (critical for in-memory metadata safety model + user's explicit non-race requirement on hot eviction path).
|
||||
d.size -= fi.Size
|
||||
evicted += uint(fi.Size)
|
||||
shardIndex := locks.GetShardIndex(key)
|
||||
|
||||
Reference in New Issue
Block a user