Go

Go

Made by DeepSource

gin.LoadHTMLGlob with ill-formed pattern would panic GO-E1000

Bug risk
Critical

gin.LoadHTMLGlob loads HTML files identified by glob pattern and associates the result with HTML renderer, but if the pattern passed is ill-formed, it would result in panic. Hence, one should check pattern before using it as an argument to LoadHTMLGlob.

To check if a pattern is ill-formed, you could pass it as an argument, e.g., filepath.Match(pattern, "") and check the error value returned from the function.

Example:

bad := "[]a]"       // bad pattern
_, err := filepath.Match(bad, "")
if err != nil {
    fmt.Fprintln(os.Stderr, err)    // prints "syntax error in pattern"
}

good := "good/*"    // good pattern
_, err = filepath.Match(good, "")
if err != nil {
    fmt.Fprintln(os.Stderr, err)
}

Bad practice

router := gin.Default()
router.LoadHTMLGlob("[]a]")         // panics as "[]a]" is ill-formed pattern
router.LoadHTMLGlob("[-]")          // panics as "[-]" is ill-formed pattern
router.LoadHTMLGlob("[x-]")         // panics as "[x-]" is ill-formed pattern

Recommended

router := gin.Default()
router.LoadHTMLGlob("templates/*")  // doesn't panic as pattern is good