Ajustes sugeridos pelo linter #1

cmd/relatorio.go

@@ -18,6 +18,12 @@ import (
 	"github.com/dude333/rapinav2/pkg/progress"
 )
 
+const (
+	_customerNumFmt  = `_(* #,##0_);[RED]_(* (#,##0);_(* "-"_);_(@_)`
+	_customerPercFmt = `0.0%;[RED]0.0%;_(* "-"_);_(@_)`
+	_customerFracFmt = `_(0.00_);[RED]_((0.00);_(* "-"_);_(@_)`
+)
+
 type flagsRelatorio struct {
 	outputDir string
 	crescente bool
@@ -145,9 +151,8 @@ func excelReport(x *excel.Excel, itr []rapina.InformeTrimestral, decrescente boo
 
 	normalFont, _ := x.SetFont(10.0, false, false)
 	titleFont, _ := x.SetFont(10.0, true, false)
-	customerNumFmt := `_(* #,##0_);[RED]_(* (#,##0);_(* "-"_);_(@_)`
-	numberNormal, _ := x.SetNumber(10.0, false, customerNumFmt)
-	numberBold, _ := x.SetNumber(10.0, true, customerNumFmt)
+	numberNormal, _ := x.SetNumber(10.0, false, _customerNumFmt)
+	numberBold, _ := x.SetNumber(10.0, true, _customerNumFmt)
 
 	// ===== Relatório - início =====
 
@@ -403,12 +408,9 @@ func excelSummaryReport(x *excel.Excel, itr []rapina.InformeTrimestral, decresce
 		progress.Fatal(err)
 	}
 
-	customerNumFmt := `_(* #,##0_);[RED]_(* (#,##0);_(* "-"_);_(@_)`
-	number, _ := x.SetNumber(10.0, false, customerNumFmt)
-	customerPercFmt := `0.0%;[RED]0.0%;_(* "-"_);_(@_)`
-	percent, _ := x.SetNumber(10.0, false, customerPercFmt)
-	customerFracFmt := `_(0.00_);[RED]_((0.00);_(* "-"_);_(@_)`
-	frac, _ := x.SetNumber(10.0, false, customerFracFmt)
+	number, _ := x.SetNumber(10.0, false, _customerNumFmt)
+	percent, _ := x.SetNumber(10.0, false, _customerPercFmt)
+	frac, _ := x.SetNumber(10.0, false, _customerFracFmt)
 	titleFont, _ := x.SetFont(10.0, true, false)
 
 	seq := []int{0, 1, 2, 3}
@@ -533,12 +535,9 @@ func excelSummaryReportVertical(x *excel.Excel, itr []rapina.InformeTrimestral,
 		progress.Fatal(err)
 	}
 
-	customerNumFmt := `_(* #,##0_);[RED]_(* (#,##0);_(* "-"_);_(@_)`
-	number, _ := x.SetNumber(10.0, false, customerNumFmt)
-	customerPercFmt := `0.0%;[RED]0.0%;_(* "-"_);_(@_)`
-	percent, _ := x.SetNumber(10.0, false, customerPercFmt)
-	customerFracFmt := `_(0.00_);[RED]_((0.00);_(* "-"_);_(@_)`
-	frac, _ := x.SetNumber(10.0, false, customerFracFmt)
+	number, _ := x.SetNumber(10.0, false, _customerNumFmt)
+	percent, _ := x.SetNumber(10.0, false, _customerPercFmt)
+	frac, _ := x.SetNumber(10.0, false, _customerFracFmt)
 	titleFont, _ := x.SetFont(10.0, true, true)
 
 	seq := []int{0, 1, 2, 3}
@@ -642,17 +641,10 @@ func excelSummaryReportVertical(x *excel.Excel, itr []rapina.InformeTrimestral,
 	// Freeze panes
 	_ = x.FreezePane("B2")
 
-	// Trim empty columns
+	// Delete empty columns
 	for i := len(sumRows) - 1; i >= 0; i-- {
-		if sumRows[i] != 0.0 {
-			break
-		}
-		_ = x.RemoveRow(row2 + i)
-	}
-	for i := 0; i < len(sumRows); i++ {
-		if sumRows[i] != 0.0 {
-			break
+		if sumRows[i] == 0.0 {
+			_ = x.RemoveRow(row2 + i)
 		}
-		_ = x.RemoveRow(row2)
 	}
 }

pkg/excel/excel.go

@@ -69,7 +69,7 @@ func (x *Excel) FreezePane(cell string) error {
 	})
 }
 
-func (x *Excel) SetFont(size float64, bold bool, wrap bool) (int, error) {
+func (x *Excel) SetFont(size float64, bold, wrap bool) (int, error) {
 	return x.file.NewStyle(&excelize.Style{
 		Font: &excelize.Font{
 			Size: size,
@@ -91,7 +91,7 @@ func (x *Excel) SetNumber(size float64, bold bool, format string) (int, error) {
 	})
 }
 
-func (x *Excel) PrintCell(row, col int, style int, value interface{}) {
+func (x *Excel) PrintCell(row, col, style int, value interface{}) {
 	_ = x.file.SetCellValue(x.sheetName, cell(row, col), value)
 	_ = x.file.SetCellStyle(x.sheetName, cell(row, col), cell(row, col), style)
 }
@@ -124,7 +124,7 @@ func (x *Excel) Close() error {
 }
 
 func StringWidth(str string) float64 {
-	var width float64 = 0.0
+	var width = 0.0
 	for _, ch := range str {
 		width += charWidth(ch)
 	}

pkg/infra/infra_unzip.go

@@ -18,7 +18,7 @@ import (
 // within the zip file (parameter 1) to an output directory (parameter 2).
 // Source: https://golangcode.com/unzip-files-in-go/
 //
-func Unzip(src string, dest string, filters []string, verbose bool) ([]string, error) {
+func Unzip(src, dest string, filters []string, verbose bool) ([]string, error) {
 
 	var filenames []string
 
@@ -30,64 +30,76 @@ func Unzip(src string, dest string, filters []string, verbose bool) ([]string, e
 
 	for _, f := range r.File {
 
-		if !matchFilter(f.Name, filters) {
-			continue
-		}
-
-		rc, err := f.Open()
-		if err != nil {
-			return filenames, err
-		}
-		defer rc.Close()
-
-		// Store filename/path for returning and using later on
-		fpath := filepath.Join(dest, f.Name)
-
-		// Check for ZipSlip. More Info: http://bit.ly/2MsjAWE
-		if !strings.HasPrefix(fpath, filepath.Clean(dest)+string(os.PathSeparator)) {
-			return filenames, fmt.Errorf("%s: illegal file path", fpath)
-		}
-
-		filenames = append(filenames, fpath)
-
-		if f.FileInfo().IsDir() {
-
-			// Make Folder
-			if err = os.MkdirAll(fpath, os.ModePerm); err != nil {
-				return nil, err
+		// https://stackoverflow.com/a/45617791/276311
+		ff, err := func() ([]string, error) {
+			if !matchFilter(f.Name, filters) {
+				return filenames, nil // continue
 			}
 
-		} else {
-
-			// Make File
-			if err = os.MkdirAll(filepath.Dir(fpath), os.ModePerm); err != nil {
+			rc, err := f.Open()
+			if err != nil {
 				return filenames, err
 			}
+			defer rc.Close()
 
-			outFile, err := os.OpenFile(fpath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+			// Store filename/path for returning and using later on
+			fpath, err := sanitizeArchivePath(dest, f.Name)
 			if err != nil {
 				return filenames, err
 			}
 
-			counter := io.Discard
-			if verbose {
-				fmt.Printf("[          ] Unziping %s", fpath)
-				counter = &WriteCounter{}
-			}
-			_, err = io.Copy(outFile, io.TeeReader(rc, counter))
-			if verbose {
-				fmt.Println()
+			// Check for ZipSlip. More Info: http://bit.ly/2MsjAWE
+			if !strings.HasPrefix(fpath, filepath.Clean(dest)+string(os.PathSeparator)) {
+				return filenames, fmt.Errorf("%s: illegal file path", fpath)
 			}
 
-			// Close the file without defer to close before next iteration of loop
-			outFile.Close()
+			filenames = append(filenames, fpath)
+
+			if f.FileInfo().IsDir() {
+
+				// Make Folder
+				if err := os.MkdirAll(fpath, os.ModePerm); err != nil {
+					return nil, err
+				}
+
+			} else {
+
+				// Make File
+				if err := os.MkdirAll(filepath.Dir(fpath), os.ModePerm); err != nil {
+					return filenames, err
+				}
+
+				outFile, err := os.OpenFile(fpath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+				if err != nil {
+					return filenames, err
+				}
+
+				counter := io.Discard
+				if verbose {
+					fmt.Printf("[          ] Unziping %s", fpath)
+					counter = &WriteCounter{}
+				}
+				_, err = io.Copy(outFile, io.TeeReader(rc, counter))
+				if verbose {
+					fmt.Println()
+				}
+
+				// Close the file without defer to close before next iteration of loop
+				outFile.Close()
+
+				if err != nil {
+					return filenames, err
+				}
 
-			if err != nil {
-				return filenames, err
 			}
+			return filenames, err
+		}()
 
+		if err != nil {
+			return ff, err
 		}
 	}
+
 	return filenames, nil
 }
 
@@ -102,3 +114,13 @@ func matchFilter(s string, f []string) bool {
 	}
 	return false
 }
+
+// Sanitize archive file pathing from "G305: Zip Slip vulnerability"
+func sanitizeArchivePath(d, t string) (v string, err error) {
+	v = filepath.Join(d, t)
+	if strings.HasPrefix(v, filepath.Clean(d)) {
+		return v, nil
+	}
+
+	return "", fmt.Errorf("%s: %s", "content filepath is tainted", t)
+}