fix: Validate sqlc function arguments (#1633)

ryan-berger · web-flow · commit 895f4e15db8b · 2022-05-23T08:08:54.000-07:00
* fix: validate sqlc.* function call arg count

* remove nil/zero length check, skip bad FuncCalls in visitor

* add integration test for zero argument sqlc function call
diff --git a/internal/endtoend/testdata/sqlc_arg_invalid/mysql/query.sql b/internal/endtoend/testdata/sqlc_arg_invalid/mysql/query.sql
@@ -9,6 +9,9 @@ select id, first_name from users where id = sqlc.argh(target_id);
 -- name: TooManyArgs :one
 select id, first_name from users where id = sqlc.arg('foo', 'bar');
 
+-- name: TooFewArgs :one
+select id, first_name from users where id = sqlc.arg();
+
 -- name: InvalidArgFunc :one
 select id, first_name from users where id = sqlc.arg(sqlc.arg(target_id));
 
diff --git a/internal/endtoend/testdata/sqlc_arg_invalid/mysql/stderr.txt b/internal/endtoend/testdata/sqlc_arg_invalid/mysql/stderr.txt
@@ -1,5 +1,6 @@
 # package querytest
 query.sql:7:1: function "sqlc.argh" does not exist
 query.sql:10:45: expected 1 parameter to sqlc.arg; got 2
-query.sql:13:54: Invalid argument to sqlc.arg()
+query.sql:13:45: expected 1 parameter to sqlc.arg; got 0
 query.sql:16:54: Invalid argument to sqlc.arg()
+query.sql:19:54: Invalid argument to sqlc.arg()
diff --git a/internal/endtoend/testdata/sqlc_arg_invalid/postgresql/query.sql b/internal/endtoend/testdata/sqlc_arg_invalid/postgresql/query.sql
@@ -9,6 +9,9 @@ select id, first_name from users where id = sqlc.argh(target_id);
 -- name: TooManyArgs :one
 select id, first_name from users where id = sqlc.arg('foo', 'bar');
 
+-- name: TooFewArgs :one
+select id, first_name from users where id = sqlc.arg();
+
 -- name: InvalidArgFunc :one
 select id, first_name from users where id = sqlc.arg(sqlc.arg(target_id));
 
diff --git a/internal/endtoend/testdata/sqlc_arg_invalid/postgresql/stderr.txt b/internal/endtoend/testdata/sqlc_arg_invalid/postgresql/stderr.txt
@@ -1,5 +1,6 @@
 # package querytest
 query.sql:7:1: function "sqlc.argh" does not exist
 query.sql:10:45: expected 1 parameter to sqlc.arg; got 2
-query.sql:13:54: Invalid argument to sqlc.arg()
+query.sql:13:45: expected 1 parameter to sqlc.arg; got 0
 query.sql:16:54: Invalid argument to sqlc.arg()
+query.sql:19:54: Invalid argument to sqlc.arg()
diff --git a/internal/sql/validate/func_call.go b/internal/sql/validate/func_call.go
@@ -38,10 +38,8 @@ func (v *funcCallVisitor) Visit(node ast.Node) astutils.Visitor {
 			v.err = sqlerr.FunctionNotFound("sqlc." + fn.Name)
 			return nil
 		}
-		if call.Args == nil || len(call.Args.Items) == 0 {
-			return v
-		}
-		if len(call.Args.Items) > 1 {
+
+		if len(call.Args.Items) != 1 {
 			v.err = &sqlerr.Error{
 				Message:  fmt.Sprintf("expected 1 parameter to sqlc.arg; got %d", len(call.Args.Items)),
 				Location: call.Pos(),
diff --git a/internal/sql/validate/param_style.go b/internal/sql/validate/param_style.go
@@ -14,9 +14,14 @@ import (
 func ParamStyle(n ast.Node) error {
 	namedFunc := astutils.Search(n, named.IsParamFunc)
 	for _, f := range namedFunc.Items {
-		fc, ok := f.(*ast.FuncCall)
-		if ok {
-			switch val := fc.Args.Items[0].(type) {
+		if fc, ok := f.(*ast.FuncCall); ok {
+			args := fc.Args.Items
+
+			if len(args) == 0 {
+				continue
+			}
+
+			switch val := args[0].(type) {
 			case *ast.FuncCall:
 				return &sqlerr.Error{
 					Code:     "", // TODO: Pick a new error code
