Fix bugs found during code audit

- PingCheck: parse output regardless of exit code, fix false negatives on partial packet loss
- Worker pool: add panic recovery so a check panic returns failed result instead of deadlocking
- E2E checks: use select with context for port acquisition to prevent deadlock on timeout
- E2E checks: cap startup wait at timeout/3 (max 2s) to respect timeout budget
- DoH e2e: add missing port release sleep after process cleanup
- root.go: fix latent slice mutation in append(passed, failed...)
- scan.go: guard against negative strings.Repeat with max(0, ...)

Author: SamNet-dev

cmd/root.go

@@ -73,7 +73,9 @@ func writeReport(mode string, results []scanner.Result, elapsed time.Duration, s
 	if sortBy != "" {
 		scanner.SortByMetric(passed, sortBy)
 	}
-	sorted := append(passed, failed...)
+	sorted := make([]scanner.Result, 0, len(results))
+	sorted = append(sorted, passed...)
+	sorted = append(sorted, failed...)
 
 	if err := scanner.WriteReport(sorted, outputFile); err != nil {
 		return err

cmd/scan.go

@@ -276,7 +276,7 @@ func printSummary(report scanner.ChainReport, topN int, totalTime time.Duration)
 	fmt.Fprintf(w, "\n  %s\u250c%s\u2510%s\n", colorDim, strings.Repeat("\u2500", 60), colorReset)
 	fmt.Fprintf(w, "  %s\u2502%s %sTop %d Resolvers%s%s%s\u2502%s\n",
 		colorDim, colorReset, colorBold, limit, colorReset,
-		strings.Repeat(" ", 60-17-digitCount(limit)), colorDim, colorReset)
+		strings.Repeat(" ", max(0, 60-17-digitCount(limit))), colorDim, colorReset)
 	fmt.Fprintf(w, "  %s\u251c%s\u2524%s\n", colorDim, strings.Repeat("\u2500", 60), colorReset)
 
 	for i := 0; i < limit; i++ {

internal/scanner/check.go

@@ -65,11 +65,11 @@ func PingCheck(count int) CheckFunc {
 
 		args := buildPingArgs(count, secs, deadline, ip)
 		cmd := exec.CommandContext(ctx, "ping", args...)
-		out, err := cmd.CombinedOutput()
-		if err != nil {
+		out, _ := cmd.CombinedOutput()
+		avg := parsePingAvg(string(out))
+		if avg <= 0 {
 			return false, nil
 		}
-		avg := parsePingAvg(string(out))
 		return true, Metrics{"ping_ms": avg}
 	}
 }

internal/scanner/doh.go

@@ -177,14 +177,19 @@ func DoHTunnelCheck(domain string, count int) CheckFunc {
 // DoHDnsttCheck runs an e2e test using dnstt-client in DoH mode.
 func DoHDnsttCheck(domain, pubkey, testURL string, ports chan int) CheckFunc {
 	return func(url string, timeout time.Duration) (bool, Metrics) {
-		port := <-ports
+		ctx, cancel := context.WithTimeout(context.Background(), timeout)
+		defer cancel()
+
+		var port int
+		select {
+		case port = <-ports:
+		case <-ctx.Done():
+			return false, nil
+		}
 		defer func() { ports <- port }()
 
 		start := time.Now()
 
-		ctx, cancel := context.WithTimeout(context.Background(), timeout)
-		defer cancel()
-
 		cmd := execCommandContext(ctx, "dnstt-client",
 			"-doh", url,
 			"-pubkey", pubkey,
@@ -198,10 +203,16 @@ func DoHDnsttCheck(domain, pubkey, testURL string, ports chan int) CheckFunc {
 		defer func() {
 			cmd.Process.Kill()
 			cmd.Wait()
+			time.Sleep(100 * time.Millisecond)
 		}()
 
+		// Wait for subprocess to start, but cap at 1/3 of timeout
+		startupWait := timeout / 3
+		if startupWait > 2*time.Second {
+			startupWait = 2 * time.Second
+		}
 		select {
-		case <-time.After(2 * time.Second):
+		case <-time.After(startupWait):
 		case <-ctx.Done():
 			return false, nil
 		}

internal/scanner/e2e.go

@@ -24,14 +24,19 @@ func execCommandContext(ctx context.Context, name string, args ...string) *exec.
 
 func DnsttCheck(domain, pubkey, testURL string, ports chan int) CheckFunc {
 	return func(ip string, timeout time.Duration) (bool, Metrics) {
-		port := <-ports
+		ctx, cancel := context.WithTimeout(context.Background(), timeout)
+		defer cancel()
+
+		var port int
+		select {
+		case port = <-ports:
+		case <-ctx.Done():
+			return false, nil
+		}
 		defer func() { ports <- port }()
 
 		start := time.Now()
 
-		ctx, cancel := context.WithTimeout(context.Background(), timeout)
-		defer cancel()
-
 		cmd := execCommandContext(ctx, "dnstt-client",
 			"-udp", ip+":53",
 			"-pubkey", pubkey,
@@ -49,8 +54,13 @@ func DnsttCheck(domain, pubkey, testURL string, ports chan int) CheckFunc {
 			time.Sleep(100 * time.Millisecond)
 		}()
 
+		// Wait for subprocess to start, but cap at 1/3 of timeout
+		startupWait := timeout / 3
+		if startupWait > 2*time.Second {
+			startupWait = 2 * time.Second
+		}
 		select {
-		case <-time.After(2 * time.Second):
+		case <-time.After(startupWait):
 		case <-ctx.Done():
 			return false, nil
 		}
@@ -65,14 +75,19 @@ func DnsttCheck(domain, pubkey, testURL string, ports chan int) CheckFunc {
 
 func SlipstreamCheck(domain, certPath, testURL string, ports chan int) CheckFunc {
 	return func(ip string, timeout time.Duration) (bool, Metrics) {
-		port := <-ports
+		ctx, cancel := context.WithTimeout(context.Background(), timeout)
+		defer cancel()
+
+		var port int
+		select {
+		case port = <-ports:
+		case <-ctx.Done():
+			return false, nil
+		}
 		defer func() { ports <- port }()
 
 		start := time.Now()
 
-		ctx, cancel := context.WithTimeout(context.Background(), timeout)
-		defer cancel()
-
 		args := []string{
 			"-d", domain,
 			"-r", ip + ":53",
@@ -93,8 +108,13 @@ func SlipstreamCheck(domain, certPath, testURL string, ports chan int) CheckFunc
 			time.Sleep(100 * time.Millisecond)
 		}()
 
+		// Wait for subprocess to start, but cap at 1/3 of timeout
+		startupWait := timeout / 3
+		if startupWait > 2*time.Second {
+			startupWait = 2 * time.Second
+		}
 		select {
-		case <-time.After(2 * time.Second):
+		case <-time.After(startupWait):
 		case <-ctx.Done():
 			return false, nil
 		}

internal/scanner/worker.go

@@ -25,8 +25,15 @@ func RunPool(ips []string, workers int, timeout time.Duration, check CheckFunc,
 	for i := 0; i < workers; i++ {
 		go func() {
 			for ip := range jobs {
-				ok, m := check(ip, timeout)
-				results <- Result{IP: ip, OK: ok, Metrics: m}
+				func() {
+					defer func() {
+						if r := recover(); r != nil {
+							results <- Result{IP: ip, OK: false}
+						}
+					}()
+					ok, m := check(ip, timeout)
+					results <- Result{IP: ip, OK: ok, Metrics: m}
+				}()
 			}
 		}()
 	}