Fix panic on empty sbom (#917)

* Implement fmt.Stringer with format.ID

Signed-off-by: Dan Luhring <dan+github@luhrings.com>

* Add failing test for formats processing empty SBOMs

Signed-off-by: Dan Luhring <dan+github@luhrings.com>

* Account for nil SPDX document during Syft model conversion

Signed-off-by: Dan Luhring <dan+github@luhrings.com>
This commit is contained in:
Dan Luhring 2022-03-24 10:11:51 -04:00 committed by GitHub
parent cc2c0e57a0
commit a7db43f5ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 0 deletions

View file

@ -1,6 +1,7 @@
package spdxhelpers
import (
"errors"
"strconv"
"strings"
@ -17,6 +18,10 @@ import (
)
func ToSyftModel(doc *spdx.Document2_2) (*sbom.SBOM, error) {
if doc == nil {
return nil, errors.New("cannot convert SPDX document to Syft model because document is nil")
}
spdxIDMap := make(map[string]interface{})
s := &sbom.SBOM{

View file

@ -1,6 +1,7 @@
package syft
import (
"bytes"
"io"
"os"
"testing"
@ -41,6 +42,31 @@ func TestIdentify(t *testing.T) {
}
}
func TestFormats_EmptyInput(t *testing.T) {
for _, format := range formats {
t.Run(format.ID().String(), func(t *testing.T) {
t.Run("format.Decode", func(t *testing.T) {
input := bytes.NewReader(nil)
assert.NotPanics(t, func() {
decodedSBOM, err := format.Decode(input)
assert.Error(t, err)
assert.Nil(t, decodedSBOM)
})
})
t.Run("format.Validate", func(t *testing.T) {
input := bytes.NewReader(nil)
assert.NotPanics(t, func() {
err := format.Validate(input)
assert.Error(t, err)
})
})
})
}
}
func TestFormatByName(t *testing.T) {
tests := []struct {

View file

@ -13,6 +13,11 @@ var (
type FormatID string
// String returns a string representation of the FormatID.
func (f FormatID) String() string {
return string(f)
}
type Format interface {
ID() FormatID
Encode(io.Writer, SBOM) error