Skip to content

Commit

Permalink
fix(misconf): check if property is not nil before conversion (aquasec…
Browse files Browse the repository at this point in the history
…urity#7578)

Signed-off-by: nikpivkin <[email protected]>
  • Loading branch information
nikpivkin authored Oct 17, 2024
1 parent 9da84f5 commit c8c14d3
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 0 deletions.
28 changes: 28 additions & 0 deletions pkg/iac/adapters/cloudformation/aws/ec2/adapt_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -338,6 +338,34 @@ Resources:
},
},
},
{
name: "empty",
source: `---
AWSTemplateFormatVersion: 2010-09-09
Description: Godd example of excessive ports
Resources:
NetworkACL:
Type: AWS::EC2::NetworkAcl
Rule:
Type: AWS::EC2::NetworkAclEntry
Properties:
NetworkAclId:
Ref: NetworkACL`,
expected: ec2.EC2{
NetworkACLs: []ec2.NetworkACL{
{
Rules: []ec2.NetworkACLRule{
{
Action: types.StringTest("allow"),
Type: types.StringTest("ingress"),
FromPort: types.IntTest(-1),
ToPort: types.IntTest(-1),
},
},
},
},
},
},
}

for _, tt := range tests {
Expand Down
7 changes: 7 additions & 0 deletions pkg/iac/scanners/cloudformation/parser/property_conversion.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ import (
)

func (p *Property) IsConvertableTo(conversionType cftypes.CfType) bool {
if p.IsNil() {
return false
}

switch conversionType {
case cftypes.Int:
return p.isConvertableToInt()
Expand Down Expand Up @@ -62,6 +66,9 @@ func (p *Property) isConvertableToInt() bool {
}

func (p *Property) ConvertTo(conversionType cftypes.CfType) *Property {
if p.IsNil() {
return nil
}

if p.Type() == conversionType {
return p
Expand Down

0 comments on commit c8c14d3

Please sign in to comment.