fix: create a separate type for flag that has validation (#692)

2024-11-05 11:35:51 +00:00 · 2021-09-02 22:44:20 +10:00 · 2021-09-02 22:44:20 +10:00 · efbefc6930
commit efbefc6930
parent 1978a52ff4
3 changed files with 74 additions and 3 deletions
--- a/cmd/gosec/main.go
+++ b/cmd/gosec/main.go
@ -23,6 +23,8 @@ import (
 	"sort"
 	"strings"

+	"github.com/securego/gosec/v2/cmd/vflag"
+
 	"github.com/securego/gosec/v2"
 	"github.com/securego/gosec/v2/report"
 	"github.com/securego/gosec/v2/rules"
@ -94,14 +96,13 @@ var (
 	flagRulesInclude = flag.String("include", "", "Comma separated list of rules IDs to include. (see rule list)")

 	// rules to explicitly exclude
-	flagRulesExclude = flag.String("exclude", "", "Comma separated list of rules IDs to exclude. (see rule list)")
+	flagRulesExclude = vflag.ValidatedFlag{}

 	// rules to explicitly exclude
 	flagExcludeGenerated = flag.Bool("exclude-generated", false, "Exclude generated files")

 	// log to file or stderr
 	flagLogfile = flag.String("log", "", "Log messages to file rather than stderr")
-
 	// sort the issues by severity
 	flagSortIssues = flag.Bool("sort", true, "Sort issues by severity")

@ -293,6 +294,9 @@ func main() {
 		fmt.Fprintf(os.Stderr, "\nError: failed to exclude the %q directory from scan", ".git")
 	}

+	// set for exclude
+	flag.Var(&flagRulesExclude, "exclude", "Comma separated list of rules IDs to exclude. (see rule list)")
+
 	// Parse command line arguments
 	flag.Parse()

@ -342,7 +346,7 @@ func main() {
 	}

 	// Load enabled rule definitions
-	ruleDefinitions := loadRules(*flagRulesInclude, *flagRulesExclude)
+	ruleDefinitions := loadRules(*flagRulesInclude, flagRulesExclude.String())
 	if len(ruleDefinitions) == 0 {
 		logger.Fatal("No rules are configured")
 	}
--- a/cmd/vflag/flag.go
+++ b/cmd/vflag/flag.go
@ -0,0 +1,25 @@
+package vflag
+
+import (
+	"errors"
+	"strings"
+)
+
+// ValidatedFlag cli string type
+type ValidatedFlag struct {
+	Value string
+}
+
+func (f *ValidatedFlag) String() string {
+	return f.Value
+}
+
+// Set will be called for flag that is of validateFlag type
+func (f *ValidatedFlag) Set(value string) error {
+	if strings.Contains(value, "-") {
+		return errors.New("flag value cannot start with -")
+	}
+
+	f.Value = value
+	return nil
+}
--- a/flag_test.go
+++ b/flag_test.go
@ -0,0 +1,42 @@
+package gosec_test
+
+import (
+	"flag"
+	"os"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+	"github.com/securego/gosec/v2/cmd/vflag"
+)
+
+var _ = Describe("Cli", func() {
+	Context("vflag test", func() {
+		It("value must be empty as parameter value contains invalid character", func() {
+			os.Args = []string{"gosec", "-test1=-incorrect"}
+			f := vflag.ValidatedFlag{}
+			flag.Var(&f, "test1", "")
+			flag.CommandLine.Init("test1", flag.ContinueOnError)
+			flag.Parse()
+			Expect(flag.Parsed()).Should(Equal(true))
+			Expect(f.Value).Should(Equal(``))
+		})
+		It("value must be empty as parameter value contains invalid character without equal sign", func() {
+			os.Args = []string{"gosec", "-test2= -incorrect"}
+			f := vflag.ValidatedFlag{}
+			flag.Var(&f, "test2", "")
+			flag.CommandLine.Init("test2", flag.ContinueOnError)
+			flag.Parse()
+			Expect(flag.Parsed()).Should(Equal(true))
+			Expect(f.Value).Should(Equal(``))
+		})
+		It("value must not be empty as parameter value contains valid character", func() {
+			os.Args = []string{"gosec", "-test3=correct"}
+			f := vflag.ValidatedFlag{}
+			flag.Var(&f, "test3", "")
+			flag.CommandLine.Init("test3", flag.ContinueOnError)
+			flag.Parse()
+			Expect(flag.Parsed()).Should(Equal(true))
+			Expect(f.Value).Should(Equal(`correct`))
+		})
+	})
+})