From 4d3e04f112b045184be04b1291e5525213705469 Mon Sep 17 00:00:00 2001
From: Fabian Seidl <fabian.b.seidl@stud.h-da.de>
Date: Tue, 10 May 2022 14:35:25 +0000
Subject: [PATCH] Investigate and handle vulnerabilities form scan

See merge request danet/gosdn!307
---
 cli/cmd/changeList.go                        | 6 +++++-
 cli/cmd/deviceList.go                        | 6 +++++-
 cli/cmd/pndList.go                           | 6 +++++-
 cli/cmd/root.go                              | 5 ++++-
 controller/api/device.go                     | 7 ++++++-
 controller/nucleus/principalNetworkDomain.go | 8 +++++---
 controller/nucleus/util/proto/message.go     | 3 ++-
 7 files changed, 32 insertions(+), 9 deletions(-)

diff --git a/cli/cmd/changeList.go b/cli/cmd/changeList.go
index af5224133..eb2c111e3 100644
--- a/cli/cmd/changeList.go
+++ b/cli/cmd/changeList.go
@@ -68,7 +68,11 @@ var changeListCmd = &cobra.Command{
 		}
 
 		spinner.Success()
-		pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		err = pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		if err != nil {
+			return err
+		}
+
 		return nil
 	},
 }
diff --git a/cli/cmd/deviceList.go b/cli/cmd/deviceList.go
index c74939942..9fc5247f3 100644
--- a/cli/cmd/deviceList.go
+++ b/cli/cmd/deviceList.go
@@ -60,7 +60,11 @@ var deviceListCmd = &cobra.Command{
 
 		spinner.Success()
 
-		pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		err = pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		if err != nil {
+			return err
+		}
+
 		return nil
 	},
 }
diff --git a/cli/cmd/pndList.go b/cli/cmd/pndList.go
index 65006b0c7..b0e46360a 100644
--- a/cli/cmd/pndList.go
+++ b/cli/cmd/pndList.go
@@ -60,7 +60,11 @@ var pndListCmd = &cobra.Command{
 
 		spinner.Success()
 
-		pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		err = pterm.DefaultTable.WithHasHeader().WithData(data).Render()
+		if err != nil {
+			return err
+		}
+
 		return nil
 	},
 }
diff --git a/cli/cmd/root.go b/cli/cmd/root.go
index bf5c80408..00206c1fa 100644
--- a/cli/cmd/root.go
+++ b/cli/cmd/root.go
@@ -67,7 +67,10 @@ The login command must be called for authorization.
 // Execute adds all child commands to the root command and sets flags appropriately.
 // This is called by main.main(). It only needs to happen once to the rootCmd.
 func Execute() {
-	rootCmd.Execute()
+	err := rootCmd.Execute()
+	if err != nil {
+		log.Error("Could not execute root command: ", err)
+	}
 	//cobra.CheckErr(rootCmd.Execute())
 }
 
diff --git a/controller/api/device.go b/controller/api/device.go
index 9ac80f41b..22f51cf7d 100644
--- a/controller/api/device.go
+++ b/controller/api/device.go
@@ -100,7 +100,12 @@ func GetSbiSchemaTree(ctx context.Context, addr string, pid, sid uuid.UUID) (map
 				break
 			}
 			log.Error(err)
-			sClient.CloseSend()
+
+			closeErr := sClient.CloseSend()
+			if closeErr != nil {
+				return nil, err
+			}
+
 			return map[string]*yang.Entry{}, err
 		}
 		sTreeBytes = append(sTreeBytes, payload.Chunk...)
diff --git a/controller/nucleus/principalNetworkDomain.go b/controller/nucleus/principalNetworkDomain.go
index ad4b601c7..d18795570 100644
--- a/controller/nucleus/principalNetworkDomain.go
+++ b/controller/nucleus/principalNetworkDomain.go
@@ -86,7 +86,11 @@ func NewPND(
 
 	if len(existingSBIs) == 0 {
 		newSBI, _ := NewSBI(spb.Type_TYPE_OPENCONFIG)
-		pnd.sbic.Add(newSBI)
+		err = pnd.sbic.Add(newSBI)
+
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	return pnd, nil
@@ -717,7 +721,6 @@ func saveGenericClientStreamToFile(t GenericGrpcClient, filename string, id uuid
 			if err == io.EOF {
 				break
 			}
-			t.CloseSend()
 			closeErr := t.CloseSend()
 			if closeErr != nil {
 				return uuid.Nil, closeErr
@@ -727,7 +730,6 @@ func saveGenericClientStreamToFile(t GenericGrpcClient, filename string, id uuid
 		}
 		n, err := f.Write(payload.Chunk)
 		if err != nil {
-			t.CloseSend()
 			closeErr := t.CloseSend()
 			if closeErr != nil {
 				return uuid.Nil, closeErr
diff --git a/controller/nucleus/util/proto/message.go b/controller/nucleus/util/proto/message.go
index 066c0434e..cda7787d7 100644
--- a/controller/nucleus/util/proto/message.go
+++ b/controller/nucleus/util/proto/message.go
@@ -3,6 +3,7 @@ package proto
 import (
 	"fmt"
 	"io/ioutil"
+	"path/filepath"
 
 	"google.golang.org/protobuf/proto"
 )
@@ -29,7 +30,7 @@ func Write(message proto.Message, filename string) error {
 // Read reads a binary file (containing a marshaled protocol buffer message)
 // and unmarshals it back into a protocol buffer message
 func Read(filename string, message proto.Message) error {
-	data, err := ioutil.ReadFile(filename)
+	data, err := ioutil.ReadFile(filepath.Clean(filename))
 	if err != nil {
 		return fmt.Errorf("cannot read binary data from file: %w", err)
 	}
-- 
GitLab