rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 6 Wiki Activity

fix(#141): reject non-regular files in validateDocmapPath

Browse Source 
Add IsRegular() check after Lstat so directories, FIFOs, and device nodes
produce a clear error ("docmap must be a regular file") instead of a
confusing downstream parse error.

Test: TestValidateDocmapPath_NonRegularFile

Addresses MINOR finding in review #4175.
This commit is contained in:
Rodin
2026-05-15 08:15:14 -07:00
parent 838a34aa12
commit 7adb296523
2 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/review-bot/validatedocmap.go
+7
View File
@@ -61,6 +61,13 @@ func validateDocmapPath(localPath, resolvedRoot string) error {
return fmt.Errorf("symlinks are not allowed")
}
// Reject anything that is not a regular file (directories, FIFOs, device
// nodes, etc.) — ParseDocMapConfig expects a plain YAML file and would
// produce a confusing error on non-regular entries.
if !fi.Mode().IsRegular() {
return fmt.Errorf("docmap must be a regular file")
}
// Confine to resolvedRoot: use the fully-resolved path so that a directory
// symlink inside the repo cannot carry the path outside the root.
rel, err := filepath.Rel(resolvedRoot, resolvedPath)
cmd/review-bot/validatedocmap_test.go
+25
View File
@@ -599,3 +599,28 @@ func TestValidateDocmapPath_DirSymlinkBypass(t *testing.T) {
t.Error("expected rejection of dir-symlink bypass, got nil error")
}
}
// TestValidateDocmapPath_NonRegularFile verifies that --docmap pointing at a
// non-regular file (e.g. a directory) is rejected with a clear error before
// ParseDocMapConfig is called.
func TestValidateDocmapPath_NonRegularFile(t *testing.T) {
dir := t.TempDir()
// Use the directory itself as the docmap path — directories pass Lstat but
// are not regular files.
reviewBotDir := filepath.Join(dir, ".review-bot")
if err := os.MkdirAll(reviewBotDir, 0o755); err != nil {
t.Fatalf("MkdirAll: %v", err)
}
code, _, stderr := stdinValidateDocmap(t,
"",
[]string{"--docmap", reviewBotDir, "--repo-root", dir},
)
if code != 2 {
t.Errorf("expected exit 2 for directory docmap, got %d; stderr: %q", code, stderr)
}
if !strings.Contains(stderr, "regular file") && !strings.Contains(stderr, "invalid") {
t.Errorf("expected regular-file rejection in stderr, got %q", stderr)
}
}