teler-sh / teler-waf

teler-waf is a Go HTTP middleware that protects local web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, botnets, unwanted crawlers, and brute force attacks.
https://test.teler.sh
Apache License 2.0

fix: nil pointer deref `sendFalcoEvents` func #109

Closed dwisiswant0 closed 1 year ago

dwisiswant0 commented 1 year ago

IMPORTANT: Please do not create a PR without creating an issue first!

(Any change needs to be discussed before proceeding. Failure to do so may result in the rejection of the pull request).

Summary

The previous code in the `sendFalcoEvents()` function attempted to defer the closing of the response body without checking if the HTTP request had resulted in an error. This could lead to a "nil pointer dereference" error when an error occurred during the request.

This commit fixes the issue by checking if an error occurred and deferring the response body close only if there was no error.

Proposed changes

This PR fixes/implements the following bugs/features:

How has this been tested?

Fill the FalcoSidekickURL option field with an unreachable host.

Proof:

Closing issues

Fixes #

Checklist:
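
The failure mode described in the summary above, as an added example that is not part of the PR or of teler-waf's code. The names `sendBuggy`, `sendFixed`, `post` and `unreachable` are hypothetical, and the failing transport and URL are constructed stand-ins for an unreachable `FalcoSidekickURL`.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"net/http"
)

// unreachable is a constructed stand-in for an unreachable FalcoSidekickURL:
// every request fails, so the client hands back a nil *http.Response.
type unreachable struct{}

func (unreachable) RoundTrip(*http.Request) (*http.Response, error) {
	return nil, errors.New("connection refused (constructed error)")
}

func post(c *http.Client, url string, body []byte) (*http.Response, error) {
	return c.Post(url, "application/json", bytes.NewReader(body))
}

// sendBuggy defers the body close before looking at err.
func sendBuggy(c *http.Client, url string, body []byte) (err error) {
	defer func() { // recover only so this demo can report the panic
		if r := recover(); r != nil {
			err = fmt.Errorf("panic: %v", r)
		}
	}()
	resp, err := post(c, url, body)
	defer resp.Body.Close() // resp is nil when err != nil: panics right here
	return err
}

// sendFixed checks err first and defers the close only for a real response.
func sendFixed(c *http.Client, url string, body []byte) error {
	resp, err := post(c, url, body)
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	return nil
}

func main() {
	c := &http.Client{Transport: unreachable{}}
	url := "http://falcosidekick.invalid/" // constructed; never resolved
	fmt.Println("buggy:", sendBuggy(c, url, []byte(`{}`)))
	fmt.Println("fixed:", sendFixed(c, url, []byte(`{}`)))
}
```

Without the demo's `recover`, the panic in `sendBuggy` would propagate out of whatever goroutine sends the event.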

codecov-commenter commented 1 year ago

Codecov Report

Attention: 2 lines in your changes are missing coverage. Please review.

Comparison is base (209249e) 75.67% compared to head (ec176de) 76.81%. Report is 3 commits behind head on master.

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##           master     #109      +/-   ##
==========================================
+ Coverage   75.67%   76.81%   +1.14%
==========================================
  Files           6        6
  Lines        1106     1113       +7
==========================================
+ Hits          837      855      +18
+ Misses        217      206      -11
  Partials       52       52
```

| [Files](https://app.codecov.io/gh/kitabisa/teler-waf/pull/109?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa) | Coverage Δ | |
|---|---|---|
| [teler.go](https://app.codecov.io/gh/kitabisa/teler-waf/pull/109?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa#diff-dGVsZXIuZ28=) | `80.14% <100.00%> (+3.20%)` | :arrow_up: |
| [falcosidekick.go](https://app.codecov.io/gh/kitabisa/teler-waf/pull/109?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=kitabisa#diff-ZmFsY29zaWRla2ljay5nbw==) | `16.36% <0.00%> (-0.31%)` | :arrow_down: |
