johnsonjh / gfcptun Goto Github PK
View Code? Open in Web Editor NEWgfcptun: A fast and low-latency tunnel using GFCP over UDP
License: MIT License
gfcptun: A fast and low-latency tunnel using GFCP over UDP
License: MIT License
Single-statement switch
can be replaced by if-else
. For single statements, if-else
appears to be more readable. Example: go switch x := x.(type) { case int: body() }
should be written as: go if x, ok := x.(int); ok { body() }
There are 2 occurrences of this issue in the repository.
See all occurrences on DeepSource → deepsource.io/gh/johnsonjh/gfcptun/issue/CRT-A0014/occurrences/
Excessive permissions granted to a file/directory. This warning is triggered whenever a permission greater than 0600 is granted. In general, all security rules follow the principle of least privilege, except when the file being created needs to be accessed by anyone other than the user creating it.
There are 3 occurrences of this issue in the repository.
See all occurrences on DeepSource → deepsource.io/gh/johnsonjh/gfcptun/issue/GSC-G302/occurrences/
Library home page: https://proxy.golang.org/golang.org/x/sys/@v/v0.0.0-20220403205710-6acee93ad0eb.zip
Dependency Hierarchy:
Found in HEAD commit: 7954dc36e78dd60323087cd10fee1ff24eec0ceb
Found in base branch: master
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
Publish Date: 2022-12-08
URL: CVE-2022-41717
Base Score Metrics:
Step up your Open Source Security Game with Mend here
Library home page: https://proxy.golang.org/golang.org/x/sys/@v/v0.0.0-20220403205710-6acee93ad0eb.zip
Dependency Hierarchy:
Found in HEAD commit: 7954dc36e78dd60323087cd10fee1ff24eec0ceb
Found in base branch: master
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Publish Date: 2022-06-23
URL: CVE-2022-29526
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2022-29526
Release Date: 2022-06-23
Fix Resolution: go1.17.10,go1.18.2,go1.19
Step up your Open Source Security Game with Mend here
Select statements with a single case can be replaced with a simple send or receive. If you intend to handle the case when there is no value received from channel, add a default
case to make the select
statement non-blocking. Bad pattern: ```go select { case x := <-ch: fmt.Println(x) …
There is 1 occurrence of this issue in the repository.
See all occurrences on DeepSource → deepsource.io/gh/johnsonjh/gfcptun/issue/SCC-S1000/occurrences/
Select statements with a single case can be replaced with a simple send or receive. If you intend to handle the case when there is no value received from channel, add a default
case to make the select
statement non-blocking. Bad pattern: ```go select { case x := <-ch: fmt.Println(x) …
There is 1 occurrence of this issue in the repository.
See all occurrences on DeepSource → deepsource.io/gh/johnsonjh/gfcptun/issue/SCC-S1000/occurrences/
Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.0.0-20220403103023-749bd193bc2b.zip
Dependency Hierarchy:
Found in HEAD commit: 7954dc36e78dd60323087cd10fee1ff24eec0ceb
Found in base branch: master
In Decoder.Skip in encoding/xml in Go before 1.17.12 and 1.18.x before 1.18.4, stack exhaustion and a panic can occur via a deeply nested XML document.
Publish Date: 2022-08-10
URL: CVE-2022-28131
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2022-28131
Release Date: 2022-03-29
Fix Resolution: go1.17.12,go1.18.4
Step up your Open Source Security Game with Mend here
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
This repository currently has no open or pending branches.
.github/workflows/codeql.yml
actions/checkout v4
github/codeql-action v3
github/codeql-action v3
github/codeql-action v3
go.mod
go 1.19
github.com/golang/snappy v0.0.4
github.com/johnsonjh/gfcp v0.0.0-20240419121919-a79bfa58fa2d@a79bfa58fa2d
github.com/johnsonjh/gfsmux v0.0.0-20240425202302-5a8b407e1dc1@5a8b407e1dc1
github.com/pkg/errors v0.9.2-0.20201214064552-5dd12d0cfe7f@5dd12d0cfe7f
github.com/urfave/cli/v2 v2.27.2
github.com/urfave/cli/v2 v2.27.2
github.com/xtaci/tcpraw v1.2.25
Single-statement switch
can be replaced by if-else
. For single statements, if-else
appears to be more readable. Example: go switch x := x.(type) { case int: body() }
should be written as: go if x, ok := x.(int); ok { body() }
There are 2 occurrences of this issue in the repository.
See all occurrences on DeepSource → deepsource.io/gh/johnsonjh/gfcptun/issue/CRT-A0014/occurrences/
Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.0.0-20220403103023-749bd193bc2b.zip
Dependency Hierarchy:
Found in HEAD commit: 7954dc36e78dd60323087cd10fee1ff24eec0ceb
Found in base branch: master
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.
Publish Date: 2022-08-10
URL: CVE-2022-30633
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2022-30633
Release Date: 2022-05-13
Fix Resolution: go1.17.12,go1.18.4
Step up your Open Source Security Game with Mend here
Library home page: https://proxy.golang.org/golang.org/x/net/@v/v0.0.0-20220403103023-749bd193bc2b.zip
Dependency Hierarchy:
Found in HEAD commit: 92499f5b3359bc1077fbfdd891f56772a910efce
Found in base branch: master
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Publish Date: 2022-09-06
URL: CVE-2022-27664
Base Score Metrics:
Step up your Open Source Security Game with Mend here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.