fix: resolve G115 integer overflow and exhaustive warnings (#365)

Author: alovak

field/bitmap.go

@@ -10,7 +10,8 @@ import (
 
 var _ Field = (*Bitmap)(nil)
 
-// Bitmap is a 1-indexed big endian bitmap field.
+// Bitmap represents an ISO 8583–style bitmap.
+// Bits are 1-indexed from left to right (ISO bit 1 → MSB of byte 0, ISO bit 8 → LSB of byte 0, and so on).
 type Bitmap struct {
 	spec         *Spec
 	data         []byte
@@ -19,7 +20,8 @@ type Bitmap struct {
 
 const defaultBitmapLength = 8
 
-const firstBitOn = 0b10000000 // big endian
+// first bit of the bitmap
+const firstBitOn = 0b10000000
 
 func NewBitmap(spec *Spec) *Bitmap {
 	length := spec.Length
@@ -195,16 +197,26 @@ func (f *Bitmap) Set(n int) {
 		}
 	}
 
+	bitIndex := n - 1 // convert to 0-indexed
+	byteIndex := bitIndex / 8
+	bitInByte := bitIndex % 8
+	offset := 7 - bitInByte // reverse order for MSB=bit 1 convention (0..7)
+
 	// set bit
-	f.data[(n-1)/8] |= 1 << (uint(7-(n-1)) % 8)
+	f.data[byteIndex] |= (1 << offset)
 }
 
 func (f *Bitmap) IsSet(n int) bool {
 	if n <= 0 || n > len(f.data)*8 {
 		return false
 	}
 
-	return f.data[(n-1)/8]&(1<<(uint(7-(n-1))%8)) != 0
+	bitIndex := n - 1
+	byteIndex := bitIndex / 8
+	bitInByte := bitIndex % 8
+	offset := 7 - bitInByte // reverse order for MSB=bit 1 convention (0..7)
+
+	return f.data[byteIndex]&(1<<offset) != 0
 }
 
 func (f *Bitmap) Len() int {

field/string.go

@@ -192,6 +192,7 @@ func (f *String) Marshal(v interface{}) error {
 			kind = rv.Kind()
 		}
 
+		//nolint:exhaustive
 		switch kind {
 		case reflect.String:
 			f.value = rv.String()

network/binary_2bytes.go

@@ -20,6 +20,7 @@ func (h *Binary2Bytes) SetLength(length int) error {
 		return fmt.Errorf("length %d exceeds max length for 2 bytes header %d", length, math.MaxUint16)
 	}
 
+	// #nosec G115 -- length is validated to be within uint16 range above
 	h.Len = uint16(length)
 
 	return nil

network/vml_header.go

@@ -33,6 +33,7 @@ func (h *VMLH) SetLength(length int) error {
 		return fmt.Errorf("length %d exceeds max length for 2 bytes header %d", length, math.MaxUint16)
 	}
 
+	// #nosec G115 -- length is validated to be within uint16 range above
 	h.Len = uint16(length)
 
 	return nil

prefix/bertlv.go

@@ -43,6 +43,13 @@ func (p *berTLVPrefixer) EncodeLength(maxLen, dataLen int) ([]byte, error) {
 	if dataLen <= 127 {
 		return buf, nil
 	}
+
+	if len(buf) > 127 { // the maximum length of the long form
+		return nil, fmt.Errorf("data length %d exceeds maximum length of 127 bytes to store it", dataLen)
+	}
+
+	// set the most significant bit to indicate that this is a long form
+	// #nosec G115 -- length of `buf` is validated above
 	return append([]byte{setMSB(uint8(len(buf)))}, buf...), nil
 }
 

prefix/binary.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"fmt"
+	"math"
 	"strings"
 )
 
@@ -45,6 +46,12 @@ func intToBytes(n int) ([]byte, error) {
 		return nil, fmt.Errorf("negative number: %d", n)
 	}
 	buf := new(bytes.Buffer)
+
+	if n > math.MaxUint32 {
+		return nil, fmt.Errorf("number %d exceeds maximum uint32 value", n)
+	}
+
+	// #nosec G115 -- length is validated above
 	err := binary.Write(buf, binary.BigEndian, uint32(n))
 	if err != nil {
 		return nil, fmt.Errorf("int to bytes: %w", err)

prefix/hex.go

@@ -3,6 +3,7 @@ package prefix
 import (
 	"encoding/hex"
 	"fmt"
+	"math"
 	"strconv"
 	"strings"
 )
@@ -68,10 +69,16 @@ func (p *hexVarPrefixer) DecodeLength(maxLen int, data []byte) (int, int, error)
 		return 0, 0, err
 	}
 
+	if dataLen > math.MaxInt {
+		return 0, 0, fmt.Errorf("data length %d exceeds maximum int value", dataLen)
+	}
+
+	// #nosec G115 -- dataLen is validated to be within MaxInt range above
 	if int(dataLen) > maxLen {
 		return 0, 0, fmt.Errorf(dataLengthIsLargerThanMax, dataLen, maxLen)
 	}
 
+	// #nosec G115 -- dataLen is validated to be within MaxInt range above
 	return int(dataLen), length, nil
 }