internal/report: refactor fix to avoid nil pointer

tatianab · tatianab · commit 0c44de67e81f · 2024-02-08T15:56:13.000Z
Split Fix into FixText (which doesn't require a proxy client) and FixVersions (which does), and only call the FixText portion from applySuggestion in vulnreport. This avoids a possible nil pointer dereference. Change-Id: Ic57cb0738ac64ce892e62c2e16c76efb25c22147 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/562245 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/cmd/vulnreport/suggest.go b/cmd/vulnreport/suggest.go
@@ -130,5 +130,5 @@ func suggestions(ctx context.Context, c genai.Client, r *report.Report, max int)
 func applySuggestion(r *report.Report, s *genai.Suggestion) {
 	r.Summary = report.Summary(s.Summary)
 	r.Description = report.Description(s.Description)
-	r.Fix(nil)
+	r.FixText()
 }
diff --git a/internal/report/fix.go b/internal/report/fix.go
@@ -17,12 +17,13 @@ import (
 )
 
 func (r *Report) Fix(pc *proxy.Client) {
-	for _, ref := range r.References {
-		ref.URL = fixURL(ref.URL)
-	}
 	for _, m := range r.Modules {
 		m.FixVersions(pc)
 	}
+	r.FixText()
+}
+
+func (r *Report) FixText() {
 	fixLines := func(sp *string) {
 		*sp = fixLineLength(*sp, maxLineLength)
 	}
@@ -31,6 +32,9 @@ func (r *Report) Fix(pc *proxy.Client) {
 	if r.CVEMetadata != nil {
 		fixLines(&r.CVEMetadata.Description)
 	}
+	for _, ref := range r.References {
+		ref.URL = fixURL(ref.URL)
+	}
 }
 
 // FixVersions replaces each version with its canonical form (if possible),

Original file line number	Diff line number	Diff line change
`@@ -130,5 +130,5 @@ func suggestions(ctx context.Context, c genai.Client, r *report.Report, max int)`
`130`	`130`	`func applySuggestion(r report.Report, s genai.Suggestion) {`
`131`	`131`	`r.Summary = report.Summary(s.Summary)`
`132`	`132`	`r.Description = report.Description(s.Description)`
`133`		`- r.Fix(nil)`
	`133`	`+ r.FixText()`
`134`	`134`	`}`
Original file line number	Diff line number	Diff line change
`@@ -17,12 +17,13 @@ import (`
`17`	`17`	`)`
`18`	`18`
`19`	`19`	`func (r Report) Fix(pc proxy.Client) {`
`20`		`- for _, ref := range r.References {`
`21`		`- ref.URL = fixURL(ref.URL)`
`22`		`- }`
`23`	`20`	`for _, m := range r.Modules {`
`24`	`21`	`m.FixVersions(pc)`
`25`	`22`	`}`
	`23`	`+ r.FixText()`
	`24`	`+}`
	`25`	`+`
	`26`	`+func (r *Report) FixText() {`
`26`	`27`	`fixLines := func(sp *string) {`
`27`	`28`	`sp = fixLineLength(sp, maxLineLength)`
`28`	`29`	`}`
`@@ -31,6 +32,9 @@ func (r Report) Fix(pc proxy.Client) {`
`31`	`32`	`if r.CVEMetadata != nil {`
`32`	`33`	`fixLines(&r.CVEMetadata.Description)`
`33`	`34`	`}`
	`35`	`+ for _, ref := range r.References {`
	`36`	`+ ref.URL = fixURL(ref.URL)`
	`37`	`+ }`
`34`	`38`	`}`
`35`	`39`
`36`	`40`	`// FixVersions replaces each version with its canonical form (if possible),`