From 96c8108f32e1f0cb594097a52ab87437fbca39cf Mon Sep 17 00:00:00 2001 From: Aayush Kumar Date: Fri, 20 Dec 2024 20:01:40 +0530 Subject: [PATCH 1/2] Added a validation check to raise an error if a directory is passed to the --from-json option Signed-off-by: Aayush Kumar --- src/scancode/cli.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/scancode/cli.py b/src/scancode/cli.py index add654f2ec..bbaf076799 100644 --- a/src/scancode/cli.py +++ b/src/scancode/cli.py @@ -185,6 +185,9 @@ def validate_input_path(ctx, param, value): for inp in value: if not (is_file(location=inp, follow_symlinks=True) or is_dir(location=inp, follow_symlinks=True)): raise click.BadParameter(f"input: {inp!r} is not a regular file or a directory") + + if is_dir(location=inp, follow_symlinks=True): + raise click.BadParameter(f"input: {inp!r} is a directory, expected a file") if not is_readable(location=inp): raise click.BadParameter(f"input: {inp!r} is not readable") From 55705a6af890d78a7777160b32679f11216c5475 Mon Sep 17 00:00:00 2001 From: Aayush Kumar Date: Sun, 22 Dec 2024 17:07:19 +0530 Subject: [PATCH 2/2] Fix input validation for directories and handle unreachable functions in JSON checks Signed-off-by: Aayush Kumar --- src/scancode/cli.py | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/scancode/cli.py b/src/scancode/cli.py index bbaf076799..fec952c907 100644 --- a/src/scancode/cli.py +++ b/src/scancode/cli.py @@ -181,26 +181,26 @@ def validate_input_path(ctx, param, value): Validate a ``value`` list of inputs path strings """ options = ctx.params - from_json = options.get("--from-json", False) + from_json = options.get("from_json", False) for inp in value: if not (is_file(location=inp, follow_symlinks=True) or is_dir(location=inp, follow_symlinks=True)): raise click.BadParameter(f"input: {inp!r} is not a regular file or a directory") - - if is_dir(location=inp, follow_symlinks=True): - raise click.BadParameter(f"input: {inp!r} is a directory, expected a file") if not is_readable(location=inp): raise click.BadParameter(f"input: {inp!r} is not readable") - if from_json and not is_file(location=inp, follow_symlinks=True): - # extra JSON validation - raise click.BadParameter(f"JSON input: {inp!r} is not a file") + if from_json: + if is_dir(location=inp, follow_symlinks=True): + raise click.BadParameter("Error: Invalid value: Input JSON scan file(s) is not valid JSON") + if not inp.lower().endswith(".json"): - raise click.BadParameter(f"JSON input: {inp!r} is not a JSON file with a .json extension") - with open(inp) as js: - start = js.read(100).strip() - if not start.startswith("{"): - raise click.BadParameter(f"JSON input: {inp!r} is not a well formed JSON file") + raise click.BadParameter("Error: Invalid value: Input JSON scan file(s) is not valid JSON") + + try: + with open(inp, 'r', encoding='utf-8') as f: + json.load(f) # Try to parse the file as JSON + except (json.JSONDecodeError, UnicodeDecodeError): + raise click.BadParameter("Error: Invalid value: Input JSON scan file(s) is not valid JSON") return value