From 5f22ac100c9be0357116742fe3b475823e2fea49 Mon Sep 17 00:00:00 2001
From: Tim Mwangi <tim@traceable.ai>
Date: Thu, 19 Sep 2024 12:02:18 -0700
Subject: [PATCH] nosec on integer overflow

---
 processors/ratelimiter/ratelimiterprocessor.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/processors/ratelimiter/ratelimiterprocessor.go b/processors/ratelimiter/ratelimiterprocessor.go
index 5ddec13..fb83831 100644
--- a/processors/ratelimiter/ratelimiterprocessor.go
+++ b/processors/ratelimiter/ratelimiterprocessor.go
@@ -71,7 +71,9 @@ func (p *rateLimiterProcessor) ConsumeTraces(ctx context.Context, traces ptrace.
 	}
 	ctx, _ = tag.New(ctx,
 		tag.Insert(tagTenantID, tenantId))
-	spanCount := uint32(traces.SpanCount())
+	// G115 (CWE-190): integer overflow conversion int -> uint32 (Confidence: MEDIUM, Severity: HIGH)
+	// This is a false positive we can ignore.
+	spanCount := uint32(traces.SpanCount()) // #nosec G115
 	stats.Record(ctx, rateLimitServiceCallsCount.M(int64(1)))
 	response, err := p.rateLimitServiceClient.ShouldRateLimit(
 		ctx,