From 6e883b6de2d8f6f0755f0cc6eb0308c29adfc0bc Mon Sep 17 00:00:00 2001
From: wangqing <wangqing@uniontech.com>
Date: Thu, 13 Nov 2025 10:57:11 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20gosec=20=E9=AB=98?=
 =?UTF-8?q?=E5=8D=B1issue?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: wangqing <wangqing@uniontech.com>
---
 Makefile                          |  8 +++++-
 collector/host_libvirt_backend.go | 40 ++++++++++++++--------------
 collector/types.go                | 44 +++++++++++++++----------------
 3 files changed, 49 insertions(+), 43 deletions(-)

diff --git a/Makefile b/Makefile
index e7481a2..26452e1 100644
--- a/Makefile
+++ b/Makefile
@@ -25,7 +25,7 @@ BIN_DIR        := bin
 
 .PHONY: all build clean test fmt lint vet run help deps dev-setup build-linux build-arm64 \
 		docker-build docker-run docker-clean release-tarball rpm install uninstall \
-		check-version check-env
+		check-version check-env sec
 
 .DEFAULT_GOAL  := help
 
@@ -89,6 +89,8 @@ deps: ## Download dependencies
 dev-setup: ## Setup development environment (install dependencies)
 	@echo "Setting up development environment..."
 	$(GOGET) -u golang.org/x/tools/cmd/goimports
+	$(GOGET) -u github.com/golangci/golangci-lint/cmd/golangci-lint
+	$(GOGET) -u github.com/securego/gosec/cmd/gosec
 	@echo "Development setup complete."
 
 # Run the application
@@ -168,3 +170,7 @@ uninstall: ## Remove the binary from /usr/bin
 	sudo rm -rf /etc/$(BINARY_NAME)
 	sudo rm -f /var/log/$(BINARY_NAME).log
 	@echo "Uninstallation complete."
+
+sec: ## Security audit (requires gosec)
+	@echo "Running security audit..."
+	gosec ./...
\ No newline at end of file
diff --git a/collector/host_libvirt_backend.go b/collector/host_libvirt_backend.go
index 0c04a54..e9a7651 100644
--- a/collector/host_libvirt_backend.go
+++ b/collector/host_libvirt_backend.go
@@ -232,10 +232,10 @@ func (mc *LibvirtMetricsCollector) CollectDiskStats(
 				UUID:       domainUUID,
 				Device:     device,
 				Path:       "/dev/" + device,
-				ReadBytes:  uint64(basicStats.RdBytes),
-				WriteBytes: uint64(basicStats.WrBytes),
-				ReadOps:    uint64(basicStats.RdReq),
-				WriteOps:   uint64(basicStats.WrReq),
+				ReadBytes:  basicStats.RdBytes,
+				WriteBytes: basicStats.WrBytes,
+				ReadOps:    basicStats.RdReq,
+				WriteOps:   basicStats.WrReq,
 			}
 			metrics = append(metrics, m)
 		} else {
@@ -244,12 +244,12 @@ func (mc *LibvirtMetricsCollector) CollectDiskStats(
 				UUID:        domainUUID,
 				Device:      device,
 				Path:        "/dev/" + device,
-				ReadBytes:   uint64(stats.RdBytes),
-				WriteBytes:  uint64(stats.WrBytes),
-				ReadOps:     uint64(stats.RdReq),
-				WriteOps:    uint64(stats.WrReq),
-				ReadTimeNs:  uint64(stats.RdTotalTimes),
-				WriteTimeNs: uint64(stats.WrTotalTimes),
+				ReadBytes:   stats.RdBytes,
+				WriteBytes:  stats.WrBytes,
+				ReadOps:     stats.RdReq,
+				WriteOps:    stats.WrReq,
+				ReadTimeNs:  stats.RdTotalTimes,
+				WriteTimeNs: stats.WrTotalTimes,
 			}
 			metrics = append(metrics, m)
 		}
@@ -299,14 +299,14 @@ func (mc *LibvirtMetricsCollector) CollectNetworkStats(
 			Name:      domainName,
 			UUID:      domainUUID,
 			Interface: ifaceName,
-			RxBytes:   uint64(stats.RxBytes),
-			TxBytes:   uint64(stats.TxBytes),
-			RxPackets: uint64(stats.RxPackets),
-			TxPackets: uint64(stats.TxPackets),
-			RxErrors:  uint64(stats.RxErrs),
-			TxErrors:  uint64(stats.TxErrs),
-			RxDrops:   uint64(stats.RxDrop),
-			TxDrops:   uint64(stats.TxDrop),
+			RxBytes:   stats.RxBytes,
+			TxBytes:   stats.TxBytes,
+			RxPackets: stats.RxPackets,
+			TxPackets: stats.TxPackets,
+			RxErrors:  stats.RxErrs,
+			TxErrors:  stats.TxErrs,
+			RxDrops:   stats.RxDrop,
+			TxDrops:   stats.TxDrop,
 		}
 		metrics = append(metrics, m)
 	}
@@ -899,11 +899,11 @@ func (mc *LibvirtMetricsCollector) calculateTotalMemory(nodeInfo *libvirt.NodeIn
 }
 
 // calculateTotalCPUs returns total CPU count from NodeInfo
-func (mc *LibvirtMetricsCollector) calculateTotalCPUs(nodeInfo *libvirt.NodeInfo) int {
+func (mc *LibvirtMetricsCollector) calculateTotalCPUs(nodeInfo *libvirt.NodeInfo) uint {
 	if nodeInfo == nil {
 		return 0
 	}
-	return int(nodeInfo.Cpus)
+	return nodeInfo.Cpus
 }
 
 // Helper function to convert job type to string
diff --git a/collector/types.go b/collector/types.go
index e513ff3..4e4663b 100644
--- a/collector/types.go
+++ b/collector/types.go
@@ -70,17 +70,17 @@ type DiskMetrics struct {
 	UUID        string           // domain uuid
 	Device      string           // device name (e.g. "vda")
 	Path        string           // device path
-	ReadBytes   uint64           // bytes read
-	WriteBytes  uint64           // bytes written
-	ReadOps     uint64           // read operations
-	WriteOps    uint64           // write operations
-	ReadTimeNs  uint64           // time spent reading in nanoseconds
-	WriteTimeNs uint64           // time spent writing in nanoseconds
-	FlushOps    uint64           // flush operations
-	FlushBytes  uint64           // bytes flushed
-	Capacity    uint64           // total virtual disk size
-	Allocation  uint64           // allocated bytes on host
-	Physical    uint64           // physical bytes consumed on storage
+	ReadBytes   int64            // bytes read
+	WriteBytes  int64            // bytes written
+	ReadOps     int64            // read operations
+	WriteOps    int64            // write operations
+	ReadTimeNs  int64            // time spent reading in nanoseconds
+	WriteTimeNs int64            // time spent writing in nanoseconds
+	FlushOps    int64            // flush operations
+	FlushBytes  int64            // bytes flushed
+	Capacity    int64            // total virtual disk size
+	Allocation  int64            // allocated bytes on host
+	Physical    int64            // physical bytes consumed on storage
 	CacheMode   string           // cache mode (e.g. "none", "writethrough")
 	BlockJob    *BlockJobMetrics // active block job metrics (if any)
 }
@@ -99,16 +99,16 @@ type NetworkMetrics struct {
 	Interface   string // interface name (e.g. "vnet0")
 	MACAddress  string // MAC address
 	Type        string // interface type: bridge, macvtap, vhostuser, etc.
-	RxBytes     uint64 // received bytes
-	TxBytes     uint64 // transmitted bytes
-	RxPackets   uint64 // received packets
-	TxPackets   uint64 // transmitted packets
-	RxErrors    uint64 // receive errors
-	TxErrors    uint64 // transmit errors
-	RxDrops     uint64 // receive drops
-	TxDrops     uint64 // transmit drops
-	BandwidthRx uint64 // receive bandwidth limit in bps
-	BandwidthTx uint64 // transmit bandwidth limit in bps
+	RxBytes     int64  // received bytes
+	TxBytes     int64  // transmitted bytes
+	RxPackets   int64  // received packets
+	TxPackets   int64  // transmitted packets
+	RxErrors    int64  // receive errors
+	TxErrors    int64  // transmit errors
+	RxDrops     int64  // receive drops
+	TxDrops     int64  // transmit drops
+	BandwidthRx int64  // receive bandwidth limit in bps
+	BandwidthTx int64  // transmit bandwidth limit in bps
 	Multiqueue  bool   // whether multiqueue is enabled
 }
 
@@ -183,7 +183,7 @@ type ConnectionMetrics struct {
 	DefinedDomains      int                    // count of defined domains
 	FreeMemoryBytes     uint64                 // free memory in bytes
 	TotalMemoryBytes    uint64                 // total memory in bytes
-	TotalCPUs           int                    // total CPU count
+	TotalCPUs           uint                   // total CPU count
 	HostCPUUsagePercent float64                // host CPU usage percentage
 	StoragePools        []StoragePoolMetrics   // storage pool metrics
 	Networks            []NetworkPoolMetrics   // virtual network metrics
-- 
Gitee