From 263ddf8128d7cbfeac0b1f01fc6349dba3840472 Mon Sep 17 00:00:00 2001
From: Markus Unterwaditzer <markus-tarpit+git@unterwaditzer.net>
Date: Sat, 12 Oct 2024 12:59:19 +0200
Subject: [PATCH] apply review feedback

---
 internal/media/ffmpeg.go            | 13 ++-----------
 internal/processing/admin/emoji.go  | 25 ++++++++++++++-----------
 internal/processing/media/create.go |  9 +++++----
 3 files changed, 21 insertions(+), 26 deletions(-)

diff --git a/internal/media/ffmpeg.go b/internal/media/ffmpeg.go
index 6d174bdbc..f1c277934 100644
--- a/internal/media/ffmpeg.go
+++ b/internal/media/ffmpeg.go
@@ -21,7 +21,6 @@
 	"context"
 	"encoding/json"
 	"errors"
-	"math"
 	"os"
 	"path"
 	"strconv"
@@ -557,18 +556,10 @@ func (res *ffprobeResult) Process() (*result, error) {
 				if p := strings.SplitN(str, "/", 2); len(p) == 2 {
 					n, _ := strconv.ParseUint(p[0], 10, 32)
 					d, _ := strconv.ParseUint(p[1], 10, 32)
-
-					if n > math.MaxUint32 || d > math.MaxUint32 {
-						return nil, gtserror.Newf("overflowed numerator or denominator")
-					}
-					num, den = uint32(n), uint32(d) // #nosec G115 -- Just checked.
+					num, den = uint32(n), uint32(d) // #nosec G115 -- ParseUint is configured to check
 				} else {
 					n, _ := strconv.ParseUint(p[0], 10, 32)
-
-					if n > math.MaxUint32 {
-						return nil, gtserror.Newf("overflowed numerator")
-					}
-					num = uint32(n) // #nosec G115 -- Just checked.
+					num = uint32(n) // #nosec G115 -- ParseUint is configured to check
 				}
 
 				// Set final divised framerate.
diff --git a/internal/processing/admin/emoji.go b/internal/processing/admin/emoji.go
index 03e8b486b..5a7da445e 100644
--- a/internal/processing/admin/emoji.go
+++ b/internal/processing/admin/emoji.go
@@ -44,11 +44,12 @@ func (p *Processor) EmojiCreate(
 ) (*apimodel.Emoji, gtserror.WithCode) {
 
 	// Get maximum supported local emoji size.
-	maxsz := int64(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
+	maxsz := config.GetMediaEmojiLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if form.Image.Size > maxsz {
-		text := fmt.Sprintf("emoji exceeds configured max size: %d", maxsz)
+	if form.Image.Size > maxszInt64 {
+		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
 
@@ -60,7 +61,7 @@ func (p *Processor) EmojiCreate(
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxsz)
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 	data := func(context.Context) (io.ReadCloser, error) {
 		return rc, nil
 	}
@@ -299,11 +300,12 @@ func (p *Processor) emojiUpdateCopy(
 	}
 
 	// Get maximum supported local emoji size.
-	maxsz := int(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated
+	maxsz := config.GetMediaEmojiLocalMaxSize()
+	maxszInt := int(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure target emoji image within size bounds.
-	if target.ImageFileSize > maxsz {
-		text := fmt.Sprintf("emoji exceeds configured max size: %d", maxsz)
+	if target.ImageFileSize > maxszInt {
+		text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
 
@@ -440,11 +442,12 @@ func (p *Processor) emojiUpdateModify(
 		// We can do both at the same time :)
 
 		// Get maximum supported local emoji size.
-		maxsz := int64(config.GetMediaEmojiLocalMaxSize()) // #nosec G115 -- Already validated.
+		maxsz := config.GetMediaEmojiLocalMaxSize()
+		maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 		// Ensure media within size bounds.
-		if image.Size > maxsz {
-			text := fmt.Sprintf("emoji exceeds configured max size: %d", maxsz)
+		if image.Size > maxszInt64 {
+			text := fmt.Sprintf("emoji exceeds configured max size: %s", maxsz)
 			return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 		}
 
@@ -456,7 +459,7 @@ func (p *Processor) emojiUpdateModify(
 		}
 
 		// Wrap the multipart file reader to ensure is limited to max.
-		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxsz)
+		rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, int64(maxsz)) // #nosec G115 -- Already validated.
 		data := func(context.Context) (io.ReadCloser, error) {
 			return rc, nil
 		}
diff --git a/internal/processing/media/create.go b/internal/processing/media/create.go
index 64e44d999..ca1f1c3c6 100644
--- a/internal/processing/media/create.go
+++ b/internal/processing/media/create.go
@@ -35,11 +35,12 @@
 func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form *apimodel.AttachmentRequest) (*apimodel.Attachment, gtserror.WithCode) {
 
 	// Get maximum supported local media size.
-	maxsz := int64(config.GetMediaLocalMaxSize()) // #nosec G115 -- Already validated.
+	maxsz := config.GetMediaLocalMaxSize()
+	maxszInt64 := int64(maxsz) // #nosec G115 -- Already validated.
 
 	// Ensure media within size bounds.
-	if form.File.Size > maxsz {
-		text := fmt.Sprintf("media exceeds configured max size: %d", maxsz)
+	if form.File.Size > maxszInt64 {
+		text := fmt.Sprintf("media exceeds configured max size: %s", maxsz)
 		return nil, gtserror.NewErrorBadRequest(errors.New(text), text)
 	}
 
@@ -58,7 +59,7 @@ func (p *Processor) Create(ctx context.Context, account *gtsmodel.Account, form
 	}
 
 	// Wrap the multipart file reader to ensure is limited to max.
-	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxsz)
+	rc, _, _ := iotools.UpdateReadCloserLimit(mpfile, maxszInt64)
 
 	// Create local media and write to instance storage.
 	attachment, errWithCode := p.c.StoreLocalMedia(ctx,