From 10815a4ea7ce105b18dd18c054112306de5df32f Mon Sep 17 00:00:00 2001
From: Owen Ou <jingweno@gmail.com>
Date: Fri, 2 Nov 2018 14:50:43 -0700
Subject: [PATCH] Disallow options that read from files

This fixes https://github.com/jingweno/jqplay/issues/78.
---
 jq/jq.go      | 16 +++++++++++++++-
 jq/jq_test.go | 18 ++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/jq/jq.go b/jq/jq.go
index 80f837c0..23ce2c1b 100644
--- a/jq/jq.go
+++ b/jq/jq.go
@@ -21,6 +21,14 @@ func (e *ValidationError) Error() string {
 var (
 	ExecTimeoutError   = errors.New("jq execution was timeout")
 	ExecCancelledError = errors.New("jq execution was cancelled")
+	disallowOpts       = map[string]bool{
+		"f":         true,
+		"from-file": true,
+		"slurpfile": true,
+		"argfile":   true,
+		"L":         true,
+		"run-tests": true,
+	}
 )
 
 type JQ struct {
@@ -83,8 +91,14 @@ func (j *JQ) Validate() error {
 		errMsgs = append(errMsgs, "missing JSON")
 	}
 
+	for _, opt := range j.O {
+		if disallowOpts[opt.Name] {
+			errMsgs = append(errMsgs, fmt.Sprintf("disallow option %q", opt.Name))
+		}
+	}
+
 	if len(errMsgs) > 0 {
-		return &ValidationError{fmt.Sprintf("invalid input: %s", strings.Join(errMsgs, " and "))}
+		return &ValidationError{fmt.Sprintf("invalid input: %s", strings.Join(errMsgs, ", "))}
 	}
 
 	return nil
diff --git a/jq/jq_test.go b/jq/jq_test.go
index 9b6d0269..f4a10697 100644
--- a/jq/jq_test.go
+++ b/jq/jq_test.go
@@ -5,6 +5,7 @@ import (
 	"io/ioutil"
 	"os"
 	"path/filepath"
+	"strings"
 	"sync"
 	"testing"
 	"time"
@@ -29,6 +30,23 @@ func TestJQEvalInvalidInput(t *testing.T) {
 	}
 }
 
+func TestJQValidateDisallowOpts(t *testing.T) {
+	jq := &JQ{
+		J: "{}",
+		Q: ".",
+		O: []JQOpt{
+			{
+				Name: "from-file",
+			},
+		},
+	}
+
+	err := jq.Validate()
+	if err == nil || !strings.Contains(err.Error(), `disallow option "from-file"`) {
+		t.Errorf(`err should include disallow option "from-file"`)
+	}
+}
+
 func TestJQEvalTimeout(t *testing.T) {
 	t.Parallel()