Prevent Usage of Stdlib File/Dir Writing With Static Analysis (#7685)

* write file and mkdirall analyzers * include analyzer in build bazel * comments to the single entrypoint and fix validator references * enforce 600 for files, 700 for dirs * pass validator tests * add to nogo * remove references * beaconfuzz * docker img * fix up kv issue * mkdir if not exists * radek comments * final comments * Try to fix file problem Co-authored-by: Ivan Martinez <ivanthegreatdev@gmail.com>
2026-01-08 21:08:10 -05:00 · 2020-11-09 14:27:03 -06:00
parent 15706a36cb
commit d4c954648c
47 changed files with 432 additions and 68 deletions
--- a/tools/benchmark-files-gen/BUILD.bazel
+++ b/tools/benchmark-files-gen/BUILD.bazel
@@ -13,6 +13,7 @@ go_library(
        "//beacon-chain/state:go_default_library",
        "//proto/beacon/p2p/v1:go_default_library",
        "//shared/benchutil:go_default_library",
+        "//shared/fileutil:go_default_library",
        "//shared/interop:go_default_library",
        "//shared/params:go_default_library",
        "//shared/testutil:go_default_library",
--- a/tools/benchmark-files-gen/main.go
+++ b/tools/benchmark-files-gen/main.go
@@ -9,6 +9,7 @@ import (
 	"path"

 	stateTrie "github.com/prysmaticlabs/prysm/beacon-chain/state"
+	"github.com/prysmaticlabs/prysm/shared/fileutil"

 	"github.com/pkg/errors"
 	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
@@ -44,7 +45,7 @@ func main() {
 		}
 	}

-	if err := os.MkdirAll(*outputDir, os.ModePerm); err != nil {
+	if err := fileutil.MkdirAll(*outputDir); err != nil {
 		log.Fatal(err)
 	}

@@ -77,7 +78,7 @@ func generateGenesisBeaconState() error {
 	if err != nil {
 		return err
 	}
-	return ioutil.WriteFile(path.Join(*outputDir, benchutil.GenesisFileName), beaconBytes, 0644)
+	return fileutil.WriteFile(path.Join(*outputDir, benchutil.GenesisFileName), beaconBytes)
 }

 func generateMarshalledFullStateAndBlock() error {
@@ -150,7 +151,7 @@ func generateMarshalledFullStateAndBlock() error {
 	if err != nil {
 		return err
 	}
-	if err := ioutil.WriteFile(path.Join(*outputDir, benchutil.BState1EpochFileName), beaconBytes, 0644); err != nil {
+	if err := fileutil.WriteFile(path.Join(*outputDir, benchutil.BState1EpochFileName), beaconBytes); err != nil {
 		return err
 	}

@@ -165,7 +166,7 @@ func generateMarshalledFullStateAndBlock() error {
 		return err
 	}

-	return ioutil.WriteFile(path.Join(*outputDir, benchutil.FullBlockFileName), blockBytes, 0644)
+	return fileutil.WriteFile(path.Join(*outputDir, benchutil.FullBlockFileName), blockBytes)
 }

 func generate2FullEpochState() error {
@@ -200,7 +201,7 @@ func generate2FullEpochState() error {
 		return err
 	}

-	return ioutil.WriteFile(path.Join(*outputDir, benchutil.BState2EpochFileName), beaconBytes, 0644)
+	return fileutil.WriteFile(path.Join(*outputDir, benchutil.BState2EpochFileName), beaconBytes)
 }

 func genesisBeaconState() (*stateTrie.BeaconState, error) {