SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Make json parsing more strict
Some checks are pending
Go / build (push) Waiting to run
Details
Go / run_modver (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
koplas 2025-07-02 17:06:25 +02:00
parent c833c00f84
commit fc3837d655
No known key found for this signature in database
13 changed files with 68 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

5
csaf/advisory.go
View file

@ -14,6 +14,8 @@ import (
"fmt"
"io"
"os"
"github.com/gocsaf/csaf/v3/internal/misc"
)
// Acknowledgement reflects the 'acknowledgement' object in the list of acknowledgements.
@ -383,7 +385,6 @@ type Relationship struct {
FullProductName *FullProductName `json:"full_product_name"` // required
ProductReference *ProductID `json:"product_reference"` // required
RelatesToProductReference *ProductID `json:"relates_to_product_reference"` // required
}
// Relationships is a list of Relationship.
@ -1391,7 +1392,7 @@ func LoadAdvisory(fname string) (*Advisory, error) {
}
defer f.Close()
var advisory Advisory
if err := json.NewDecoder(f).Decode(&advisory); err != nil {
if err := misc.StrictJSONParse(f, &advisory); err != nil {
return nil, err
}
if err := advisory.Validate(); err != nil {