2025-04-24 18:22:17 +00:00
4 changed files with 18 additions and 8 deletions
--- a/cmd/config.go
+++ b/cmd/config.go
@ -48,7 +48,8 @@ var configCmd = &cobra.Command{
 		viper.Set("server", cfgserver)
 		viper.Set("password", string(ciphert))
 		viper.Set("port", cfgport)
-		viper.WriteConfig()
+		err = viper.WriteConfig()
+		cobra.CheckErr(err)
 		fmt.Println()
 		fmt.Println("Config file updated!")
 	},
@ -57,9 +58,11 @@ var configCmd = &cobra.Command{
 func init() {
 	initConfig()
 	configCmd.Flags().StringVarP(&cfgserver, "server", "s", "", "server address")
-	configCmd.MarkFlagRequired("server")
+	err := configCmd.MarkFlagRequired("server")
+	cobra.CheckErr(err)
 	configCmd.Flags().IntVarP(&cfgport, "port", "p", 0, "server rcon port")
-	configCmd.MarkFlagRequired("port")
+	err = configCmd.MarkFlagRequired("port")
+	cobra.CheckErr(err)
 	rootCmd.AddCommand(configCmd)
 }

@ -72,7 +75,8 @@ func initConfig() {
 	viper.SetConfigType("yaml")
 	viper.SetConfigName(".mctl")
 	viper.AutomaticEnv()
-	viper.ReadInConfig()
+	err = viper.ReadInConfig()
+	cobra.CheckErr(err)

 	if err := viper.ReadInConfig(); err != nil {
 		//file does not exist, create it
@ -92,6 +96,7 @@ func initConfig() {
 		//write config
 		viper.Set("customcmd", cmdMap)
 		viper.Set("device", string(uu))
-		viper.SafeWriteConfig()
+		err = viper.SafeWriteConfig()
+		cobra.CheckErr(err)
 	}
 }
--- a/cmd/delete.go
+++ b/cmd/delete.go
@ -21,7 +21,8 @@ var deleteCmd = &cobra.Command{
 			cmdMap := viper.Get("customcmd").(map[string]any)
 			delete(cmdMap, args[0])
 			viper.Set("customcmd", cmdMap)
-			viper.WriteConfig()
+			err := viper.WriteConfig()
+			cobra.CheckErr(err)
 		}
 	},
 	PreRunE: func(cmd *cobra.Command, args []string) error {
--- a/cmd/save.go
+++ b/cmd/save.go
@ -36,7 +36,8 @@ var saveCmd = &cobra.Command{
 				}
 				cmdMap[args[0]] = txt
 				viper.Set("customcmd", cmdMap)
-				viper.WriteConfig()
+				err := viper.WriteConfig()
+				cobra.CheckErr(err)
 				fmt.Println("\nSaved!")
 			}
 		}
--- a/cryptography/aes.go
+++ b/cryptography/aes.go
@ -21,7 +21,10 @@ func EncryptPassword(b []byte) ([]byte, error) {
 		return nil, err
 	}

-	ct := aesg.Seal(nil, []byte(nonce), []byte(b), nil)
+	//adding #nosec trigger here since gosec interprets this as a hardcoded nonce value. The nonce is calculated using crypto/rand when the
+	//config command is ran and is pulled from memory when used any times after, for now we must prevent the scan from catching here until gosec
+	//is updated to account for this properly
+	ct := aesg.Seal(nil, []byte(nonce), []byte(b), nil) // #nosec
 	return ct, nil
 }