options: validate filter strings

just on the offchance that someone sticks garbage in the config.

Author: rburchell

cmd/multibuild/options.go

@@ -175,6 +175,84 @@ func validateTemplate(s string) (outputTemplate, error) {
 	return outputTemplate(s), nil
 }
 
+func validateFilterString(s string) ([]filter, error) {
+	isAlphaNum := func(b byte) bool {
+		return (b >= 'a' && b <= 'z') ||
+			(b >= 'A' && b <= 'Z') ||
+			(b >= '0' && b <= '9')
+	}
+
+	var out []filter
+
+	i := 0
+	for i < len(s) {
+		start := i
+
+		// parse GOOS
+		osStart := i
+		if i < len(s) {
+			if s[i] == '*' {
+				i++
+			} else {
+				for i < len(s) && isAlphaNum(s[i]) {
+					i++
+				}
+			}
+		}
+		if osStart == i {
+			return nil, fmt.Errorf("at %d: expected GOOS", i)
+		}
+		if i >= len(s) || s[i] != '/' {
+			if i < len(s) {
+				return nil, fmt.Errorf("at %d: unexpected character: %c", i, s[i])
+			}
+			return nil, fmt.Errorf("at %d: expected '/'", i)
+		}
+		goos := s[osStart:i]
+		i++ // skip '/'
+
+		// parse GOARCH
+		archStart := i
+		if i < len(s) {
+			if s[i] == '*' {
+				i++
+			} else {
+				for i < len(s) && isAlphaNum(s[i]) {
+					i++
+				}
+			}
+		}
+		if archStart == i {
+			return nil, fmt.Errorf("at %d: expected GOARCH", i)
+		}
+		goarch := s[archStart:i]
+
+		out = append(out, filter(fmt.Sprintf("%s/%s", goos, goarch)))
+
+		// end or comma
+		if i == len(s) {
+			break
+		}
+
+		if s[i] != ',' {
+			return nil, fmt.Errorf("at %d: unexpected character: %c", i, s[i])
+		}
+		i++ // skip ','
+
+		if i == len(s) {
+			return nil, fmt.Errorf("at %d: trailing comma", i-1)
+		}
+
+		_ = start
+	}
+
+	if len(out) == 0 {
+		return nil, fmt.Errorf("empty filter list")
+	}
+
+	return out, nil
+}
+
 // Reads from 'io' on behalf of a path, and returns parsed options.
 func scanBuildPath(reader io.Reader, path string) (options, error) {
 	var opts options
@@ -204,18 +282,22 @@ func scanBuildPath(reader io.Reader, path string) (options, error) {
 			if dlog {
 				log.Printf("Found include: %s:%d: %s", path, i, line)
 			}
-			rest := strings.Split(strings.TrimPrefix(line, "//go:multibuild:include="), ",")
-			for _, v := range rest {
-				opts.Include = append(opts.Include, filter(v))
+			rest := strings.TrimPrefix(line, "//go:multibuild:include=")
+			filters, err := validateFilterString(rest)
+			if err != nil {
+				return options{}, fmt.Errorf("%s:%d: go:multibuild:include=%s is invalid: %s", path, i, rest, err)
 			}
+			opts.Include = filters
 		} else if strings.HasPrefix(line, "//go:multibuild:exclude=") {
 			if dlog {
 				log.Printf("Found exclude: %s:%d: %s", path, i, line)
 			}
-			rest := strings.Split(strings.TrimPrefix(line, "//go:multibuild:exclude="), ",")
-			for _, v := range rest {
-				opts.Exclude = append(opts.Exclude, filter(v))
+			rest := strings.TrimPrefix(line, "//go:multibuild:exclude=")
+			filters, err := validateFilterString(rest)
+			if err != nil {
+				return options{}, fmt.Errorf("%s:%d: go:multibuild:exclude=%s is invalid: %s", path, i, rest, err)
 			}
+			opts.Exclude = filters
 		} else {
 			return options{}, fmt.Errorf("%s:%d: bad go:multibuild instruction: %q", path, i, line)
 		}

cmd/multibuild/options_test.go

@@ -175,6 +175,12 @@ func TestScanBuildPath(t *testing.T) {
 			want:      options{},
 			wantError: true,
 		},
+		{
+			name:      "invalid filter",
+			input:     `//go:multibuild:include=linux/amd*`,
+			want:      options{},
+			wantError: true,
+		},
 	}
 
 	equalOptions := func(a, b options) bool {
@@ -423,3 +429,95 @@ func TestValidateTemplate(t *testing.T) {
 		})
 	}
 }
+
+func TestValidateFilters_Valid(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+		want []filter
+	}{
+		{
+			name: "single entry",
+			in:   "linux/amd64",
+			want: []filter{filter("linux/amd64")},
+		},
+		{
+			name: "multiple entries",
+			in:   "linux/amd64,darwin/arm64",
+			want: []filter{
+				filter("linux/amd64"),
+				filter("darwin/arm64"),
+			},
+		},
+		{
+			name: "wildcard os",
+			in:   "*/amd64",
+			want: []filter{filter("*/amd64")},
+		},
+		{
+			name: "wildcard arch",
+			in:   "linux/*",
+			want: []filter{filter("linux/*")},
+		},
+		{
+			name: "both wildcards",
+			in:   "*/*",
+			want: []filter{filter("*/*")},
+		},
+		{
+			name: "mixed wildcards",
+			in:   "linux/amd64,*/arm64",
+			want: []filter{
+				filter("linux/amd64"),
+				filter("*/arm64"),
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := validateFilterString(tt.in)
+			if err != nil {
+				t.Fatalf("unexpected error: %v", err)
+			}
+			if len(got) != len(tt.want) {
+				t.Fatalf("len mismatch: got %d want %d", len(got), len(tt.want))
+			}
+			for i := range got {
+				if got[i] != tt.want[i] {
+					t.Fatalf("entry %d: got %+v want %+v", i, got[i], tt.want[i])
+				}
+			}
+		})
+	}
+}
+
+func TestValidateFilters_Invalid(t *testing.T) {
+	tests := []struct {
+		name string
+		in   string
+	}{
+		{"empty", ""},
+		{"missing slash", "linuxamd64"},
+		{"missing os", "/amd64"},
+		{"missing arch", "linux/"},
+		{"double slash", "linux//amd64"},
+		{"leading comma", ",linux/amd64"},
+		{"trailing comma", "linux/amd64,"},
+		{"double comma", "linux/amd64,,darwin/arm64"},
+		{"unexpected char", "linux/amd$64"},
+		{"wildcard partial os", "*nix/amd64"},
+		{"wildcard partial arch", "linux/amd*"},
+		{"wildcard mixed os", "l*/amd64"},
+		{"wildcard mixed arch", "linux/*64"},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			_, err := validateFilterString(tt.in)
+			if err == nil {
+				t.Fatalf("expected error for %q", tt.in)
+			}
+		})
+	}
+}