Network fault tolerance #705

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft

foodprocessor wants to merge 170 commits into main from network-fault-tolerance

Draft

Network fault tolerance #705

Remove SyncPending flag from flock, since it's only used in file_cache.

Mend for GitHub.com / Mend Code Security Check succeeded Oct 1, 2025 in 3m 4s

Code Security Report

New findings (4)

The Code Security Check detected a total of 4 new findings.

Severity

Vulnerability Type

CWE

File

Data Flows

Detected

Low

Weak Hash Strength

block_blob.go:1013

1

2025-05-16 10:36pm

Vulnerable Code

cloudfuse/component/azstorage/block_blob.go

Line 1013 in 014da68

log.Warn("BlockBlob::ReadToFile : Failed to get MD5 Sum for blob %s", name)

Secure Code Warrior Training Material

● Training

▪ Secure Code Warrior Weak Hash Strength Training

● Videos

▪ Secure Code Warrior Weak Hash Strength Video

● Further Reading

▪ OWASP Cryptographic Storage Cheat Sheet

▪ OWASP Transport Layer Protection Cheat Sheet

▪ OWASP Password Storage Cheat Sheet

▪ OWASP Using a broken or risky cryptographic algorithm article

Low

Weak Hash Strength

block_blob.go:1002

1

2025-05-16 10:36pm

Vulnerable Code

cloudfuse/component/azstorage/block_blob.go

Line 1002 in 014da68

log.Warn("BlockBlob::ReadToFile : Failed to generate MD5 Sum for %s", name)

Secure Code Warrior Training Material

● Training

▪ Secure Code Warrior Weak Hash Strength Training

● Videos

▪ Secure Code Warrior Weak Hash Strength Video

● Further Reading

▪ OWASP Cryptographic Storage Cheat Sheet

▪ OWASP Transport Layer Protection Cheat Sheet

▪ OWASP Password Storage Cheat Sheet

▪ OWASP Using a broken or risky cryptographic algorithm article

Low

Weak Hash Strength

block_blob.go:1018

1

2025-05-16 10:36pm

Vulnerable Code

cloudfuse/component/azstorage/block_blob.go

Line 1018 in 014da68

return errors.New("md5 sum mismatch on download")

Secure Code Warrior Training Material

● Training

▪ Secure Code Warrior Weak Hash Strength Training

● Videos

▪ Secure Code Warrior Weak Hash Strength Video

● Further Reading

▪ OWASP Cryptographic Storage Cheat Sheet

▪ OWASP Transport Layer Protection Cheat Sheet

▪ OWASP Password Storage Cheat Sheet

▪ OWASP Using a broken or risky cryptographic algorithm article

Low

Weak Hash Strength

block_blob.go:1017

1

2025-05-16 10:36pm

Vulnerable Code

cloudfuse/component/azstorage/block_blob.go

Line 1017 in 014da68

log.Err("BlockBlob::ReadToFile : MD5 Sum mismatch %s", name)

Secure Code Warrior Training Material

● Training

▪ Secure Code Warrior Weak Hash Strength Training

● Videos

▪ Secure Code Warrior Weak Hash Strength Video

● Further Reading

▪ OWASP Cryptographic Storage Cheat Sheet

▪ OWASP Transport Layer Protection Cheat Sheet

▪ OWASP Password Storage Cheat Sheet

▪ OWASP Using a broken or risky cryptographic algorithm article

Resolved findings

No findings were resolved in comparison to the base branch.

Overall findings

The Code Security Check detected a total of 21 findings, 11 of them high severity. More details about the overall state can be found in the Mend Application.

Scan token: b627aff24c894ee7950ab224ac9e5508

View more details on Mend for GitHub.com