LGTM alerts audit (cosmos#7440)

* LGTM alerts audit * Update x/simulation/mock_tendermint.go Co-authored-by: Alessio Treglia <[email protected]> * Update x/staking/keeper/delegation.go Co-authored-by: Alessio Treglia <[email protected]> * comment false positive Co-authored-by: Alessio Treglia <[email protected]>
hdac-hmh · Oct 2, 2020 · 82c9ae3 · 82c9ae3
1 parent 2c93ec7
commit 82c9ae3
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 19 deletions.
diff --git a/client/debug/main.go b/client/debug/main.go
@@ -174,15 +174,15 @@ Example:
 $ %s debug raw-bytes [72 101 108 108 111 44 32 112 108 97 121 103 114 111 117 110 100]
 			`, version.AppName),
 		Args: cobra.ExactArgs(1),
-		RunE: func(cmd *cobra.Command, args []string) error {
+		RunE: func(_ *cobra.Command, args []string) error {
 			stringBytes := args[0]
 			stringBytes = strings.Trim(stringBytes, "[")
 			stringBytes = strings.Trim(stringBytes, "]")
 			spl := strings.Split(stringBytes, " ")
 
 			byteArray := []byte{}
 			for _, s := range spl {
-				b, err := strconv.Atoi(s)
+				b, err := strconv.ParseInt(s, 10, 8)
 				if err != nil {
 					return err
 				}

diff --git a/crypto/hd/hdpath.go b/crypto/hd/hdpath.go
@@ -4,7 +4,6 @@ import (
 	"crypto/hmac"
 	"crypto/sha512"
 	"encoding/binary"
-	"errors"
 	"fmt"
 	"math/big"
 	"strconv"
@@ -100,16 +99,12 @@ func NewParamsFromPath(path string) (*BIP44Params, error) {
 
 func hardenedInt(field string) (uint32, error) {
 	field = strings.TrimSuffix(field, "'")
-	i, err := strconv.Atoi(field)
 
+	i, err := strconv.ParseUint(field, 10, 32)
 	if err != nil {
 		return 0, err
 	}
 
-	if i < 0 {
-		return 0, fmt.Errorf("fields must not be negative. got %d", i)
-	}
-
 	return uint32(i), nil
 }
 
@@ -178,16 +173,11 @@ func DerivePrivateKeyForPath(privKeyBytes, chainCode [32]byte, path string) ([]b
 			part = part[:len(part)-1]
 		}
 
-		idx, err := strconv.Atoi(part)
-
+		idx, err := strconv.ParseUint(part, 10, 32)
 		if err != nil {
 			return []byte{}, fmt.Errorf("invalid BIP 32 path: %s", err)
 		}
 
-		if idx < 0 {
-			return []byte{}, errors.New("invalid BIP 32 path: index negative ot too large")
-		}
-
 		data, chainCode = derivePrivateKey(data, chainCode, uint32(idx), harden)
 	}
 

diff --git a/crypto/keyring/keyring.go b/crypto/keyring/keyring.go
@@ -643,6 +643,10 @@ func newRealPrompt(dir string, buf io.Reader) func(string) (string, error) {
 			buf := bufio.NewReader(buf)
 			pass, err := input.GetPassword("Enter keyring passphrase:", buf)
 			if err != nil {
+				// NOTE: LGTM.io reports a false positive alert that states we are printing the password,
+				// but we only log the error.
+				//
+				// lgtm [go/clear-text-logging]
 				fmt.Fprintln(os.Stderr, err)
 				continue
 			}
@@ -658,6 +662,10 @@ func newRealPrompt(dir string, buf io.Reader) func(string) (string, error) {
 
 			reEnteredPass, err := input.GetPassword("Re-enter keyring passphrase:", buf)
 			if err != nil {
+				// NOTE: LGTM.io reports a false positive alert that states we are printing the password,
+				// but we only log the error.
+				//
+				// lgtm [go/clear-text-logging]
 				fmt.Fprintln(os.Stderr, err)
 				continue
 			}

diff --git a/x/simulation/mock_tendermint.go b/x/simulation/mock_tendermint.go
@@ -99,9 +99,8 @@ func updateValidators(
 
 			event("end_block", "validator_updates", "kicked")
 			delete(current, str)
-		} else if mVal, ok := current[str]; ok {
+		} else if _, ok := current[str]; ok {
 			// validator already exists
-			mVal.val = update
 			event("end_block", "validator_updates", "updated")
 
 		} else {

diff --git a/x/staking/keeper/delegation.go b/x/staking/keeper/delegation.go
@@ -542,7 +542,7 @@ func (k Keeper) DequeueAllMatureRedelegationQueue(ctx sdk.Context, currTime time
 	return matureRedelegations
 }
 
-// Perform a delegation, set/update everything necessary within the store.
+// Delegate performs a delegation, set/update everything necessary within the store.
 // tokenSrc indicates the bond status of the incoming funds.
 func (k Keeper) Delegate(
 	ctx sdk.Context, delAddr sdk.AccAddress, bondAmt sdk.Int, tokenSrc sdk.BondStatus,
@@ -614,7 +614,7 @@ func (k Keeper) Delegate(
 		}
 	}
 
-	validator, newShares = k.AddValidatorTokensAndShares(ctx, validator, bondAmt)
+	_, newShares = k.AddValidatorTokensAndShares(ctx, validator, bondAmt)
 
 	// Update delegation
 	delegation.Shares = delegation.Shares.Add(newShares)
@@ -626,7 +626,7 @@ func (k Keeper) Delegate(
 	return newShares, nil
 }
 
-// unbond a particular delegation and perform associated store operations
+// Unbond a particular delegation and perform associated store operations.
 func (k Keeper) Unbond(
 	ctx sdk.Context, delAddr sdk.AccAddress, valAddr sdk.ValAddress, shares sdk.Dec,
 ) (amount sdk.Int, err error) {