Skip to content

Commit a53f460

Browse files
iotkuiotku
committed
chore: add nosec for GetEmbdedImage
1 parent 8ac6464 commit a53f460

File tree

1 file changed

+14
-10
lines changed

1 file changed

+14
-10
lines changed

messages/messages.go

Lines changed: 14 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -235,26 +235,26 @@ func GenerateCoverArtImg(image image.Image, maxBytes int) string {
235235
return best
236236
}
237237

238-
func DecodeImage(path string) (image.Image, error) {
239-
if path == "" {
238+
func DecodeImage(filePath string) (image.Image, error) {
239+
if filePath == "" {
240240
return nil, errors.New("No path specified.")
241241
}
242242

243243
// File path is currently controlled by song database which is considered a trusted source of information
244244
// This /should/ not change, but extra contingencies may be necessary if we start getting images from external sources
245245
// which could potentially have troublesome arbitrary filenames
246246
//#nosec G304
247-
f, err := os.Open(path)
247+
file, err := os.Open(filePath)
248248
if err != nil {
249249
return nil, err
250250
}
251251

252-
img, _, err := image.Decode(f)
252+
img, _, err := image.Decode(file)
253253
if err != nil {
254254
return nil, err
255255
}
256256

257-
if err := f.Close(); err != nil {
257+
if err := file.Close(); err != nil {
258258
log.Fatal(err)
259259
}
260260

@@ -306,13 +306,17 @@ func NowPlaying(path, human string, isRadioMode bool, count int) string {
306306
return header + artImg + b.String()
307307
}
308308

309-
func GetEmbdedImage(path string) (image.Image, error) {
310-
f, err := os.Open(path)
309+
// GetEmbdedImage decodes an embeded image from a media file as an image.Image
310+
func GetEmbdedImage(filePath string) (image.Image, error) {
311+
//#nosec G304 - We trust that the mediadb is a secure source of file paths
312+
// However, if we were to get filePath from a user controlled
313+
// source this expectation may not hold.
314+
file, err := os.Open(filePath)
311315
if err != nil {
312-
return nil, errors.New("GetEmbdedImage: could not open path " + path)
316+
return nil, errors.New("GetEmbdedImage: could not open path " + filePath)
313317
}
314-
defer f.Close()
315-
metadata, err := tag.ReadFrom(f)
318+
defer file.Close()
319+
metadata, err := tag.ReadFrom(file)
316320
if err != nil {
317321
return nil, errors.New("GetEmbdedImage: could not read metadata")
318322
}

0 commit comments

Comments
 (0)