Avoid iterating on nil key.

Fixes #1351 Signed-off-by: James Maidment james@maidment.org Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
SUSE · Oct 18, 2017 · f19094b · f19094b
1 parent 714fd68
commit f19094b
Show file tree

Hide file tree

Showing 3 changed files with 223 additions and 1 deletion.
diff --git a/lib/portus/security_backends/clair.rb b/lib/portus/security_backends/clair.rb
@@ -40,7 +40,7 @@ def layer_vulnerabilities(digest)
 
         res = []
         known = []
-        layer["Features"].each do |f|
+        Array(layer["Features"]).each do |f|
           vulns = f["Vulnerabilities"]
           next if vulns.nil?
 

diff --git a/spec/lib/portus/security/clair_spec.rb b/spec/lib/portus/security/clair_spec.rb
@@ -81,6 +81,18 @@ def expect_cve_match(cves, given, expected)
     expect_cve_match(["CVE-2016-6301", "CVE-2016-8859"], res[:clair], proper[:clair])
   end
 
+  it "returns no CVEs if 'Features' is nil" do
+    VCR.turn_on!
+    res = {}
+
+    VCR.use_cassette("security/clair_features_nil", record: :none) do
+      clair = ::Portus::Security.new("coreos/dex", "unrelated")
+      res = clair.vulnerabilities
+    end
+
+    expect(res[:clair]).to be_empty
+  end
+
   it "logs the proper debug message when posting is unsuccessful" do
     VCR.turn_on!
     res = {}

diff --git a/spec/vcr_cassettes/security/clair_features_nil.yml b/spec/vcr_cassettes/security/clair_features_nil.yml