├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── SECURITY.md ├── checkReturnValue.go ├── conditionalPolarities.go ├── logicalOperators.go ├── moreWaysToReturn.go ├── utils.go └── wrapperFunctions.go /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | +++ 2 | version = "1.4" 3 | aliases = ["/version/1/4"] 4 | +++ 5 | 6 | # Contributor Covenant Code of Conduct 7 | 8 | ## Our Pledge 9 | 10 | In the interest of fostering an open and welcoming environment, we as 11 | contributors and maintainers pledge to make participation in our project and 12 | our community a harassment-free experience for everyone, regardless of age, body 13 | size, disability, ethnicity, sex characteristics, gender identity and expression, 14 | level of experience, education, socio-economic status, nationality, personal 15 | appearance, race, religion, or sexual identity and orientation. 16 | 17 | ## Our Standards 18 | 19 | Examples of behavior that contributes to creating a positive environment 20 | include: 21 | 22 | * Using welcoming and inclusive language 23 | * Being respectful of differing viewpoints and experiences 24 | * Gracefully accepting constructive criticism 25 | * Focusing on what is best for the community 26 | * Showing empathy towards other community members 27 | 28 | Examples of unacceptable behavior by participants include: 29 | 30 | * The use of sexualized language or imagery and unwelcome sexual attention or 31 | advances 32 | * Trolling, insulting/derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or electronic 35 | address, without explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Our Responsibilities 40 | 41 | Project maintainers are responsible for clarifying the standards of acceptable 42 | behavior and are expected to take appropriate and fair corrective action in 43 | response to any instances of unacceptable behavior. 44 | 45 | Project maintainers have the right and responsibility to remove, edit, or 46 | reject comments, commits, code, wiki edits, issues, and other contributions 47 | that are not aligned to this Code of Conduct, or to ban temporarily or 48 | permanently any contributor for other behaviors that they deem inappropriate, 49 | threatening, offensive, or harmful. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all project spaces, and it also applies when 54 | an individual is representing the project or its community in public spaces. 55 | Examples of representing a project or community include using an official 56 | project e-mail address, posting via an official social media account, or acting 57 | as an appointed representative at an online or offline event. Representation of 58 | a project may be further defined and clarified by project maintainers. 59 | 60 | ## Enforcement 61 | 62 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 63 | reported by contacting the project team at opensource+codeql-ctf-go-return 64 | @github.com. All complaints will be reviewed and investigated and will result 65 | in a response that is deemed necessary and appropriate to the circumstances. The 66 | project team is obligated to maintain confidentiality with regard to the reporter 67 | of an incident. Further details of specific enforcement policies may be posted separately. 68 | 69 | Project maintainers who do not follow or enforce the Code of Conduct in good 70 | faith may face temporary or permanent repercussions as determined by other 71 | members of the project's leadership. 72 | 73 | ## Attribution 74 | 75 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, 76 | available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html 77 | 78 | [homepage]: https://www.contributor-covenant.org 79 | 80 | For answers to common questions about this code of conduct, see 81 | https://www.contributor-covenant.org/faq 82 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## Contributing 2 | 3 | [fork]: https://github.com/github/codeql-ctf-go-return/fork 4 | [pr]: https://github.com/github/codeql-ctf-go-return/compare 5 | [code-of-conduct]: CODE_OF_CONDUCT.md 6 | 7 | Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. 8 | 9 | Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE.md). 10 | 11 | Please note that this project is released with a [Contributor Code of Conduct][code-of-conduct]. By participating in this project you agree to abide by its terms. 12 | 13 | Note that this repository contains source material for a programming contest, so we will generally only accept fixes that clarify the contest here, such as fixing typos or improving consistency. 14 | 15 | ## Submitting a pull request 16 | 17 | 0. [Fork][fork] and clone the repository 18 | 0. Make sure your changes compile on your machine: `go build` 19 | 0. Create a new branch: `git checkout -b my-branch-name` 20 | 0. Make your change, add tests, and make sure the tests still pass 21 | 0. Push to your fork and [submit a pull request][pr] 22 | 0. Pat your self on the back and wait for your pull request to be reviewed and merged. 23 | 24 | Here are a few things you can do that will increase the likelihood of your pull request being accepted: 25 | 26 | - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests. 27 | - Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). 28 | 29 | ## Resources 30 | 31 | - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) 32 | - [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) 33 | - [GitHub Help](https://help.github.com) 34 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Creative Commons Legal Code 2 | 3 | CC0 1.0 Universal 4 | 5 | CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE 6 | LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN 7 | ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS 8 | INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES 9 | REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS 10 | PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM 11 | THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED 12 | HEREUNDER. 13 | 14 | Statement of Purpose 15 | 16 | The laws of most jurisdictions throughout the world automatically confer 17 | exclusive Copyright and Related Rights (defined below) upon the creator 18 | and subsequent owner(s) (each and all, an "owner") of an original work of 19 | authorship and/or a database (each, a "Work"). 20 | 21 | Certain owners wish to permanently relinquish those rights to a Work for 22 | the purpose of contributing to a commons of creative, cultural and 23 | scientific works ("Commons") that the public can reliably and without fear 24 | of later claims of infringement build upon, modify, incorporate in other 25 | works, reuse and redistribute as freely as possible in any form whatsoever 26 | and for any purposes, including without limitation commercial purposes. 27 | These owners may contribute to the Commons to promote the ideal of a free 28 | culture and the further production of creative, cultural and scientific 29 | works, or to gain reputation or greater distribution for their Work in 30 | part through the use and efforts of others. 31 | 32 | For these and/or other purposes and motivations, and without any 33 | expectation of additional consideration or compensation, the person 34 | associating CC0 with a Work (the "Affirmer"), to the extent that he or she 35 | is an owner of Copyright and Related Rights in the Work, voluntarily 36 | elects to apply CC0 to the Work and publicly distribute the Work under its 37 | terms, with knowledge of his or her Copyright and Related Rights in the 38 | Work and the meaning and intended legal effect of CC0 on those rights. 39 | 40 | 1. Copyright and Related Rights. A Work made available under CC0 may be 41 | protected by copyright and related or neighboring rights ("Copyright and 42 | Related Rights"). Copyright and Related Rights include, but are not 43 | limited to, the following: 44 | 45 | i. the right to reproduce, adapt, distribute, perform, display, 46 | communicate, and translate a Work; 47 | ii. moral rights retained by the original author(s) and/or performer(s); 48 | iii. publicity and privacy rights pertaining to a person's image or 49 | likeness depicted in a Work; 50 | iv. rights protecting against unfair competition in regards to a Work, 51 | subject to the limitations in paragraph 4(a), below; 52 | v. rights protecting the extraction, dissemination, use and reuse of data 53 | in a Work; 54 | vi. database rights (such as those arising under Directive 96/9/EC of the 55 | European Parliament and of the Council of 11 March 1996 on the legal 56 | protection of databases, and under any national implementation 57 | thereof, including any amended or successor version of such 58 | directive); and 59 | vii. other similar, equivalent or corresponding rights throughout the 60 | world based on applicable law or treaty, and any national 61 | implementations thereof. 62 | 63 | 2. Waiver. To the greatest extent permitted by, but not in contravention 64 | of, applicable law, Affirmer hereby overtly, fully, permanently, 65 | irrevocably and unconditionally waives, abandons, and surrenders all of 66 | Affirmer's Copyright and Related Rights and associated claims and causes 67 | of action, whether now known or unknown (including existing as well as 68 | future claims and causes of action), in the Work (i) in all territories 69 | worldwide, (ii) for the maximum duration provided by applicable law or 70 | treaty (including future time extensions), (iii) in any current or future 71 | medium and for any number of copies, and (iv) for any purpose whatsoever, 72 | including without limitation commercial, advertising or promotional 73 | purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each 74 | member of the public at large and to the detriment of Affirmer's heirs and 75 | successors, fully intending that such Waiver shall not be subject to 76 | revocation, rescission, cancellation, termination, or any other legal or 77 | equitable action to disrupt the quiet enjoyment of the Work by the public 78 | as contemplated by Affirmer's express Statement of Purpose. 79 | 80 | 3. Public License Fallback. Should any part of the Waiver for any reason 81 | be judged legally invalid or ineffective under applicable law, then the 82 | Waiver shall be preserved to the maximum extent permitted taking into 83 | account Affirmer's express Statement of Purpose. In addition, to the 84 | extent the Waiver is so judged Affirmer hereby grants to each affected 85 | person a royalty-free, non transferable, non sublicensable, non exclusive, 86 | irrevocable and unconditional license to exercise Affirmer's Copyright and 87 | Related Rights in the Work (i) in all territories worldwide, (ii) for the 88 | maximum duration provided by applicable law or treaty (including future 89 | time extensions), (iii) in any current or future medium and for any number 90 | of copies, and (iv) for any purpose whatsoever, including without 91 | limitation commercial, advertising or promotional purposes (the 92 | "License"). The License shall be deemed effective as of the date CC0 was 93 | applied by Affirmer to the Work. Should any part of the License for any 94 | reason be judged legally invalid or ineffective under applicable law, such 95 | partial invalidity or ineffectiveness shall not invalidate the remainder 96 | of the License, and in such case Affirmer hereby affirms that he or she 97 | will not (i) exercise any of his or her remaining Copyright and Related 98 | Rights in the Work or (ii) assert any associated claims and causes of 99 | action with respect to the Work, in either case contrary to Affirmer's 100 | express Statement of Purpose. 101 | 102 | 4. Limitations and Disclaimers. 103 | 104 | a. No trademark or patent rights held by Affirmer are waived, abandoned, 105 | surrendered, licensed or otherwise affected by this document. 106 | b. Affirmer offers the Work as-is and makes no representations or 107 | warranties of any kind concerning the Work, express, implied, 108 | statutory or otherwise, including without limitation warranties of 109 | title, merchantability, fitness for a particular purpose, non 110 | infringement, or the absence of latent or other defects, accuracy, or 111 | the present or absence of errors, whether or not discoverable, all to 112 | the greatest extent permissible under applicable law. 113 | c. Affirmer disclaims responsibility for clearing rights of other persons 114 | that may apply to the Work or any use thereof, including without 115 | limitation any person's Copyright and Related Rights in the Work. 116 | Further, Affirmer disclaims responsibility for obtaining any necessary 117 | consents, permissions or other rights required for any use of the 118 | Work. 119 | d. Affirmer understands and acknowledges that Creative Commons is not a 120 | party to this document and has no duty or obligation with respect to 121 | this CC0 or use of the Work. 122 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # codeql-ctf-go-return 2 | Extension project for the Go and Don't Return CodeQL CTF 3 | 4 | This repository is intended for use by contestants in the March 2021 CodeQL CTF. If you are unfamiliar, first read the [contest documentation](https://securitylab.github.com/ctf/go-and-dont-return). 5 | 6 | This is a set of example programs that exhibit coding mistakes similar to CVE-2020-11012 found in MinIO, but which are in various ways trickier to accurately detect than the original MinIO bug. See the contest documentation linked above for instructions on building a CodeQL database for these examples and identifying bugs in them. 7 | 8 | If you notice any errors or omissions that don't appear related to the intentional bugs that are the target of the contest, see CONTRIBUTING.md for instructions on submitting pull requests. 9 | 10 | These examples are licensed under CC0. See the LICENSE file for full details. 11 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | If you discover a security issue in this repo, please submit it through the [GitHub Security Bug Bounty](https://hackerone.com/github) 2 | 3 | Thanks for helping make GitHub Actions safe for everyone. 4 | -------------------------------------------------------------------------------- /checkReturnValue.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | import "errors" 4 | 5 | func thenBranchGoodError() error { 6 | 7 | if errorSource() != ErrNone { 8 | // Good: returning an error 9 | return errors.New("failed") 10 | } 11 | doSomething() 12 | return nil 13 | 14 | } 15 | 16 | func thenBranchGoodWithElseError() error { 17 | 18 | if errorSource() != ErrNone { 19 | // Good: an error means we return an error 20 | return errors.New("failed") 21 | } else { 22 | doSomething() 23 | } 24 | doSomething() 25 | return nil 26 | 27 | } 28 | 29 | func thenBranchBadError() error { 30 | 31 | if errorSource() != ErrNone { 32 | // Bad: despite an error, we return nil 33 | return nil 34 | } 35 | doSomething() 36 | return nil 37 | 38 | } 39 | 40 | func thenBranchBadWithElseError() error { 41 | 42 | if errorSource() != ErrNone { 43 | // Bad: despite an error, we return nil 44 | return nil 45 | } else { 46 | doSomething() 47 | } 48 | doSomething() 49 | return nil 50 | 51 | } 52 | 53 | func elseBranchGoodError() error { 54 | 55 | if errorSource() == ErrNone { 56 | doSomething() 57 | } else { 58 | // Good: returning an error 59 | return errors.New("failed") 60 | } 61 | doSomething() 62 | return nil 63 | } 64 | 65 | func elseBranchBadError() error { 66 | 67 | if errorSource() == ErrNone { 68 | doSomething() 69 | } else { 70 | // Bad: despite an error, we return nil 71 | return nil 72 | } 73 | doSomething() 74 | return nil 75 | 76 | } 77 | 78 | func multiReturnBad() (string, error) { 79 | 80 | if errorSource() != ErrNone { 81 | // Bad: despite an error, we return a nil error 82 | return "", nil 83 | } 84 | doSomething() 85 | return "Result", nil 86 | 87 | } 88 | 89 | func getNil() error { 90 | return nil 91 | } 92 | 93 | func getError(s string) error { 94 | return errors.New(s) 95 | } 96 | 97 | func thenBranchGoodInterproceduralError() error { 98 | 99 | if errorSource() != ErrNone { 100 | // Good: returning an error 101 | return getError("failed") 102 | } 103 | doSomething() 104 | return getNil() 105 | 106 | } 107 | 108 | func thenBranchBadInterproceduralError() error { 109 | 110 | if errorSource() != ErrNone { 111 | // Bad: returning nil despite an error 112 | return getNil() 113 | } 114 | doSomething() 115 | return getNil() 116 | 117 | } 118 | 119 | -------------------------------------------------------------------------------- /conditionalPolarities.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | func thenBranchGood() { 4 | 5 | if errorSource() != ErrNone { 6 | // Good: an error means we return early 7 | return 8 | } 9 | doSomething() 10 | 11 | } 12 | 13 | func thenBranchGoodWithElse() { 14 | 15 | if errorSource() != ErrNone { 16 | // Good: an error means we return early 17 | return 18 | } else { 19 | doSomething() 20 | } 21 | doSomething() 22 | 23 | } 24 | 25 | func thenBranchBad() { 26 | 27 | if errorSource() != ErrNone { 28 | // Bad: despite an error, we carry on to execute doSomething() 29 | insteadOfReturn() 30 | } 31 | doSomething() 32 | 33 | } 34 | 35 | func thenBranchBadWithElse() { 36 | 37 | if errorSource() != ErrNone { 38 | // Bad: despite an error, we carry on to execute doSomething() 39 | insteadOfReturn() 40 | } else { 41 | doSomething() 42 | } 43 | doSomething() 44 | 45 | } 46 | 47 | func elseBranchGood() { 48 | 49 | if errorSource() == ErrNone { 50 | doSomething() 51 | } else { 52 | // Good: an error means we return early 53 | return 54 | } 55 | doSomething() 56 | 57 | } 58 | 59 | func elseBranchBad() { 60 | 61 | if errorSource() == ErrNone { 62 | doSomething() 63 | } else { 64 | // Bad: despite an error, we carry on to execute doSomething() 65 | insteadOfReturn() 66 | } 67 | doSomething() 68 | 69 | } 70 | -------------------------------------------------------------------------------- /logicalOperators.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | func negatedThenBranchGood() { 4 | 5 | if !(errorSource() == ErrNone) { 6 | // Good: an error means we return early 7 | return 8 | } 9 | doSomething() 10 | 11 | } 12 | 13 | func negatedThenBranchGoodWithElse() { 14 | 15 | if !(errorSource() == ErrNone) { 16 | // Good: an error means we return early 17 | return 18 | } else { 19 | doSomething() 20 | } 21 | doSomething() 22 | 23 | } 24 | 25 | func negatedElseBranchGood() { 26 | 27 | if !(errorSource() != ErrNone) { 28 | doSomething() 29 | } else { 30 | // Good: an error means we return early 31 | return 32 | } 33 | doSomething() 34 | 35 | } 36 | 37 | func negatedElseBranchBad() { 38 | 39 | if !(errorSource() != ErrNone) { 40 | doSomething() 41 | } else { 42 | // Bad: despite an error, we carry on to execute doSomething() 43 | insteadOfReturn() 44 | } 45 | doSomething() 46 | 47 | } 48 | 49 | func someOtherCondition() bool { 50 | return true 51 | } 52 | 53 | func logicalAndThenBranchSometimesBad() { 54 | 55 | if errorSource() != ErrNone && someOtherCondition() { 56 | // Bad: there is a route from a positive error test around the 'return' statement. 57 | return 58 | } 59 | doSomething() 60 | 61 | } 62 | 63 | func logicalAndThenBranchAlwaysBad() { 64 | 65 | if errorSource() != ErrNone && someOtherCondition() { 66 | // Bad: there is no return statement at all. 67 | insteadOfReturn() 68 | } 69 | doSomething() 70 | 71 | } 72 | 73 | func logicalAndElseBranchAlwaysBad2() { 74 | 75 | if errorSource() == ErrNone && someOtherCondition() { 76 | doSomething() 77 | } else { 78 | // Bad: there is no return statement at all. 79 | insteadOfReturn() 80 | } 81 | doSomething() 82 | 83 | } 84 | 85 | func logicalAndThenBranchGood() { 86 | 87 | if someOtherCondition() && errorSource() != ErrNone { 88 | // Good: whenever an error is indicated we return (note errorSource() is not called until someOtherCondition() passes) 89 | return 90 | } 91 | doSomething() 92 | 93 | } 94 | 95 | func logicalAndElseBranchGood() { 96 | 97 | if someOtherCondition() && errorSource() == ErrNone { 98 | // Good: whenever an error is indicated we return (note errorSource() is not called until someOtherCondition() passes) 99 | doSomething() 100 | } else { 101 | return 102 | } 103 | 104 | } 105 | 106 | func logicalAndElseBranchGood2() { 107 | 108 | if errorSource() == ErrNone && someOtherCondition() { 109 | // Good: whenever an error is indicated we return. 110 | doSomething() 111 | } else { 112 | return 113 | } 114 | doSomething() 115 | 116 | } 117 | 118 | func logicalOrElseBranchSometimesBad() { 119 | 120 | if errorSource() == ErrNone || someOtherCondition() { 121 | doSomething() 122 | } else { 123 | // Bad: there is a route from a failing error test that bypasses the return statement. 124 | return 125 | } 126 | doSomething() 127 | 128 | } 129 | 130 | func logicalOrElseBranchAlwaysBad() { 131 | 132 | if errorSource() == ErrNone || someOtherCondition() { 133 | doSomething() 134 | } else { 135 | // Bad: regardless of error status, we do not return. 136 | insteadOfReturn() 137 | } 138 | doSomething() 139 | 140 | } 141 | 142 | func logicalOrThenBranchAlwaysBad() { 143 | 144 | if errorSource() != ErrNone || someOtherCondition() { 145 | // Bad: regardless of error status, we do not return. 146 | insteadOfReturn() 147 | } else { 148 | doSomething() 149 | } 150 | doSomething() 151 | 152 | } 153 | 154 | func logicalOrThenBranchGood() { 155 | 156 | if someOtherCondition() || errorSource() != ErrNone { 157 | // Good: whenever an error is indicated we return. (note errorSource() is not called until someOtherCondition() fails) 158 | return 159 | } 160 | doSomething() 161 | 162 | } 163 | 164 | func logicalOrElseBranchGood() { 165 | 166 | if someOtherCondition() || errorSource() == ErrNone { 167 | // Good: whenever an error is indicated we return. (note errorSource() is not called until someOtherCondition() fails) 168 | doSomething() 169 | } else { 170 | return 171 | } 172 | 173 | } 174 | 175 | func logicalOrThenBranchGood2() { 176 | 177 | if errorSource() != ErrNone || someOtherCondition() { 178 | // Good: whenever an error is indicated we return. 179 | return 180 | } 181 | doSomething() 182 | 183 | } 184 | -------------------------------------------------------------------------------- /moreWaysToReturn.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | const particularErrOne = 1 4 | const particularErrTwo = 2 5 | 6 | func subBranchGood() int { 7 | 8 | // Good: while the if-block's logic is complex, it always returns. 9 | err := errorSource() 10 | if err != ErrNone { 11 | if err == particularErrOne { 12 | return -1 13 | } else if err == particularErrTwo { 14 | return -2 15 | } else { 16 | return -3 17 | } 18 | } 19 | doSomething() 20 | return 0 21 | 22 | } 23 | 24 | func subBranchBad() int { 25 | 26 | // Bad: one of the if-block's branches falls through to execute `doSomething()`. 27 | err := errorSource() 28 | if err != ErrNone { 29 | if err == particularErrOne { 30 | return -1 31 | } else if err == particularErrTwo { 32 | err = ErrNone 33 | } else { 34 | return -3 35 | } 36 | } 37 | doSomething() 38 | return 0 39 | 40 | } 41 | 42 | func switchGood() int { 43 | 44 | // Good: while the if-block's logic is complex, it always returns. 45 | err := errorSource() 46 | if err != ErrNone { 47 | switch err { 48 | case particularErrOne: 49 | return -1 50 | case particularErrTwo: 51 | return -2 52 | default: 53 | return -3 54 | } 55 | } 56 | doSomething() 57 | return 0 58 | 59 | } 60 | 61 | func switchBad() int { 62 | 63 | // Bad: one of the if-block's branches falls through to execute `doSomething()`. 64 | err := errorSource() 65 | if err != ErrNone { 66 | switch err { 67 | case particularErrOne: 68 | err = ErrNone 69 | case particularErrTwo: 70 | return -2 71 | default: 72 | return -3 73 | } 74 | } 75 | doSomething() 76 | return 0 77 | 78 | } -------------------------------------------------------------------------------- /utils.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | func errorSource() int { 4 | // The source of error values that must be checked. 5 | // We should treat this the same as `isReqAuthenticated` in the real `minio`. 6 | return 0 7 | } 8 | 9 | // The ErrNone value that errorSource() is compared against. 10 | var ErrNone = 0 11 | 12 | func doSomething() { 13 | // A no-op used as a stand-in for whatever code would normally follow an error check. 14 | } 15 | 16 | // A filler function, used to occupy a then- or else-block that would otherwise be empty, 17 | // where a return would be expected 18 | func insteadOfReturn() { 19 | } 20 | -------------------------------------------------------------------------------- /wrapperFunctions.go: -------------------------------------------------------------------------------- 1 | package minioExtensions 2 | 3 | func success() bool { 4 | return errorSource() == ErrNone 5 | } 6 | 7 | func failure() bool { 8 | return errorSource() != ErrNone 9 | } 10 | 11 | func succeeded(ret int) bool { 12 | return ret == ErrNone 13 | } 14 | 15 | func failed(ret int) bool { 16 | return ret != ErrNone 17 | } 18 | 19 | func thenBranchGoodSourceWrapper() { 20 | 21 | if failure() { 22 | // Good: an error means we return early 23 | return 24 | } 25 | doSomething() 26 | 27 | } 28 | 29 | func thenBranchBadSourceWrapper() { 30 | 31 | if failure() { 32 | // Bad: despite an error, we carry on to execute doSomething() 33 | insteadOfReturn() 34 | } 35 | doSomething() 36 | 37 | } 38 | 39 | func elseBranchGoodSourceWrapper() { 40 | 41 | if success() { 42 | doSomething() 43 | } else { 44 | // Good: an error means we return early 45 | return 46 | } 47 | doSomething() 48 | 49 | } 50 | 51 | func elseBranchBadSourceWrapper() { 52 | 53 | if success() { 54 | doSomething() 55 | } else { 56 | // Bad: despite an error, we carry on to execute doSomething() 57 | insteadOfReturn() 58 | } 59 | doSomething() 60 | 61 | } 62 | 63 | func thenBranchGoodTestWrapper() { 64 | 65 | if failed(errorSource()) { 66 | // Good: an error means we return early 67 | return 68 | } 69 | doSomething() 70 | 71 | } 72 | 73 | func thenBranchBadTestWrapper() { 74 | 75 | if failed(errorSource()) { 76 | // Bad: despite an error, we carry on to execute doSomething() 77 | insteadOfReturn() 78 | } 79 | doSomething() 80 | 81 | } 82 | 83 | func elseBranchGoodTestWrapper() { 84 | 85 | if succeeded(errorSource()) { 86 | doSomething() 87 | } else { 88 | // Good: an error means we return early 89 | return 90 | } 91 | doSomething() 92 | 93 | } 94 | 95 | func elseBranchBadTestWrapper() { 96 | 97 | if succeeded(errorSource()) { 98 | doSomething() 99 | } else { 100 | // Bad: despite an error, we carry on to execute doSomething() 101 | insteadOfReturn() 102 | } 103 | doSomething() 104 | 105 | } 106 | --------------------------------------------------------------------------------