fix: do not panic when given empty string arg (#2064)

Signed-off-by: Lucas Rodriguez <lucas.rodriguez9616@gmail.com>
2024-11-10 06:34:13 +00:00 · 2024-08-19 11:58:39 -05:00 · 2024-08-19 11:58:39 -05:00 · e7a3c011bc
commit e7a3c011bc
parent c1b9498671
3 changed files with 27 additions and 6 deletions
--- a/cmd/grype/cli/commands/root.go
+++ b/cmd/grype/cli/commands/root.go
@ -347,6 +347,14 @@ func validateRootArgs(cmd *cobra.Command, args []string) error {
 		return fmt.Errorf("an image/directory argument is required")
 	}

+	// in the case that a single empty string argument ("") is given and there is no piped input we want to show the help text and return with a non-0 return code.
+	if len(args) != 0 && args[0] == "" && !isStdinPipeOrRedirect {
+		if err := cmd.Help(); err != nil {
+			return fmt.Errorf("unable to display help: %w", err)
+		}
+		return fmt.Errorf("an image/directory argument is required")
+	}
+
 	return cobra.MaximumNArgs(1)(cmd, args)
 }

--- a/grype/pkg/syft_sbom_provider.go
+++ b/grype/pkg/syft_sbom_provider.go
@ -2,6 +2,7 @@ package pkg

 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@ -83,7 +84,11 @@ func extractReaderAndInfo(userInput string) (io.ReadSeeker, *inputInfo, error) {
 	case userInput == "":
 		// we only want to attempt reading in from stdin if the user has not specified other
 		// options from the CLI, otherwise we should not assume there is any valid input from stdin.
-		return decodeStdin(stdinReader())
+		r, err := stdinReader()
+		if err != nil {
+			return nil, nil, err
+		}
+		return decodeStdin(r)

 	case explicitlySpecifyingSBOM(userInput):
 		filepath := strings.TrimPrefix(userInput, "sbom:")
@ -140,18 +145,17 @@ func fileHasContent(f *os.File) bool {
 	return false
 }

-func stdinReader() io.Reader {
+func stdinReader() (io.Reader, error) {
 	isStdinPipeOrRedirect, err := internal.IsStdinPipeOrRedirect()
 	if err != nil {
-		log.Warnf("unable to determine if there is piped input: %+v", err)
-		return nil
+		return nil, fmt.Errorf("unable to determine if there is piped input: %w", err)
 	}

 	if !isStdinPipeOrRedirect {
-		return nil
+		return nil, errors.New("no input was provided via stdin")
 	}

-	return os.Stdin
+	return os.Stdin, nil
 }

 func closeFile(f *os.File) {
--- a/test/cli/cmd_test.go
+++ b/test/cli/cmd_test.go
@ -25,6 +25,15 @@ func TestCmd(t *testing.T) {
 				assertFailingReturnCode,
 			},
 		},
+		{
+			name: "empty-string-arg-shows-help",
+			args: []string{""},
+			assertions: []traitAssertion{
+				assertInOutput("an image/directory argument is required"),                              // specific error that should be shown
+				assertInOutput("A vulnerability scanner for container images, filesystems, and SBOMs"), // excerpt from help description
+				assertFailingReturnCode,
+			},
+		},
 		{
 			name: "ensure valid descriptor",
 			args: []string{getFixtureImage(t, "image-bare"), "-o", "json"},