Remove FileReport Error field in favor of custom error type (#777)

* Remove FileReport Error field in favor of custom error type

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>

* Address PR comments

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>

* Reason is redundant

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>

* Update pkg/action/scan_error.go

Co-authored-by: Billy Lynch <1844673+wlynch@users.noreply.github.com>
Signed-off-by: Evan Gibler <20933572+egibs@users.noreply.github.com>

---------

Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
Signed-off-by: Evan Gibler <20933572+egibs@users.noreply.github.com>
Co-authored-by: Billy Lynch <1844673+wlynch@users.noreply.github.com>

Author: egibs

pkg/action/diff.go

@@ -96,7 +96,7 @@ func relFileReport(ctx context.Context, c malcontent.Config, fromPath string) (m
 		}
 		if fr, ok := value.(*malcontent.FileReport); ok {
 			isArchive := fr.ArchiveRoot != ""
-			if fr.Skipped != "" || fr.Error != "" {
+			if fr.Skipped != "" {
 				return true
 			}
 			rel, base, err = relPath(fromPath, fr, isArchive)

pkg/action/scan.go

@@ -92,28 +92,24 @@ func scanSinglePath(ctx context.Context, c malcontent.Config, path string, ruleF
 	mrs, err := yrs.Scan(fc)
 	if err != nil {
 		logger.Debug("skipping", slog.Any("error", err))
-		return &malcontent.FileReport{Path: path, Error: fmt.Sprintf("scan: %v", err)}, nil
+		return nil, err
 	}
 
 	fr, err := report.Generate(ctx, path, mrs, c, archiveRoot, logger, fc)
 	if err != nil {
-		return nil, err
-	}
-
-	if fr.Error != "" {
-		return &malcontent.FileReport{Path: path, Error: fmt.Sprintf("generate: %v", fr.Error)}, nil
+		return nil, NewFileReportError(err, path, TypeGenerateError)
 	}
 
 	// Clean up the path if scanning an archive
 	var clean string
 	if isArchive {
 		pathAbs, err := filepath.Abs(path)
 		if err != nil {
-			return nil, err
+			return nil, NewFileReportError(err, path, TypeGenerateError)
 		}
 		archiveRootAbs, err := filepath.Abs(archiveRoot)
 		if err != nil {
-			return nil, err
+			return nil, NewFileReportError(err, path, TypeGenerateError)
 		}
 		fr.ArchiveRoot = archiveRootAbs
 		fr.FullPath = pathAbs
@@ -168,9 +164,6 @@ func exitIfHitOrMiss(frs *sync.Map, scanPath string, errIfHit bool, errIfMiss bo
 			if fr.Skipped != "" {
 				return true
 			}
-			if fr.Error != "" {
-				return true
-			}
 			filesScanned++
 			if len(fr.Behaviors) > 0 && match == nil {
 				match = fr
@@ -446,7 +439,7 @@ func handleSingleFile(ctx context.Context, path string, scanInfo scanPathInfo, c
 	}
 
 	fr, err := processFile(ctx, c, c.RuleFS, path, scanInfo.effectivePath, trimPath, logger)
-	if err != nil && c.Renderer.Name() != interactive {
+	if err != nil && (c.Renderer == nil || c.Renderer.Name() != interactive) {
 		if len(c.TrimPrefixes) > 0 {
 			path = report.TrimPrefixes(path, c.TrimPrefixes)
 		}
@@ -569,26 +562,42 @@ func processArchive(ctx context.Context, c malcontent.Config, rfs []fs.FS, archi
 	return &frs, nil
 }
 
+// handleFileReportError returns the appropriate FileReport and error depending on the type of error.
+func handleFileReportError(err error, path string, logger *clog.Logger) (*malcontent.FileReport, error) {
+	var fileErr *FileReportError
+	if !errors.As(err, &fileErr) {
+		return nil, fmt.Errorf("failed to handle error for path %s: error type not FileReportError: %w", path, err)
+	}
+
+	switch fileErr.Type() {
+	case TypeUnknown:
+		return nil, fmt.Errorf("unknown error occurred while scanning path %s: %w", path, err)
+	case TypeScanError:
+		logger.Errorf("scan path: %v", err)
+		return nil, fmt.Errorf("scan failed for path %s: %w", path, err)
+	case TypeGenerateError:
+		return &malcontent.FileReport{
+			Path:    path,
+			Skipped: errMsgGenerateFailed,
+		}, nil
+	default:
+		return nil, fmt.Errorf("unhandled error type scanning path %s: %w", path, err)
+	}
+}
+
 // processFile scans a single output file, rendering live output if available.
 func processFile(ctx context.Context, c malcontent.Config, ruleFS []fs.FS, path string, scanPath string, archiveRoot string, logger *clog.Logger) (*malcontent.FileReport, error) {
 	logger = logger.With("path", path)
 
 	fr, err := scanSinglePath(ctx, c, path, ruleFS, scanPath, archiveRoot)
-	if err != nil && c.Renderer.Name() != interactive {
-		logger.Errorf("scan path: %v", err)
-		return nil, err
+	if err != nil && (c.Renderer == nil || c.Renderer.Name() != interactive) {
+		return handleFileReportError(err, path, logger)
 	}
 
 	if fr == nil {
-		logger.Debugf("%s returned nil result", path)
 		return nil, nil
 	}
 
-	if fr.Error != "" && c.Renderer.Name() != interactive {
-		logger.Errorf("scan error: %s", fr.Error)
-		return nil, fmt.Errorf("report error: %v", fr.Error)
-	}
-
 	return fr, nil
 }
 

pkg/action/scan_error.go

@@ -0,0 +1,78 @@
+package action
+
+import "fmt"
+
+// Error message constants for NewFileReportError reasons.
+// If the compiled rules are invalid or the scanner malfunctions, yrs.Scan will fail.
+// If mrs is nil or Generate fails, the file report will be nil.
+const (
+	errMsgUnknown        = "unknown error"
+	errMsgScanFailed     = "scan failed"
+	errMsgGenerateFailed = "failed to generate file report"
+)
+
+type ErrorType int
+
+// Error type iotas.
+const (
+	// TypeUnknown will be the default of `0`.
+	TypeUnknown ErrorType = iota
+	// TypeScanError is to be used when compiled rules are invalid or the scan fails otherwise.
+	TypeScanError
+	// TypeGenerateError is to be used when a file's report cannot be created.
+	TypeGenerateError
+)
+
+// FileReportError is a custom error type to hold the error, path, and vanity reason.
+type FileReportError struct {
+	err    error
+	path   string
+	reason ErrorType
+}
+
+// NewFileReportError returns a new FileReportError.
+func NewFileReportError(err error, path string, reason ErrorType) *FileReportError {
+	return &FileReportError{
+		err:    err,
+		path:   path,
+		reason: reason,
+	}
+}
+
+func (e *FileReportError) errMsg() string {
+	switch e.reason {
+	case TypeUnknown:
+		return errMsgUnknown
+	case TypeScanError:
+		return errMsgScanFailed
+	case TypeGenerateError:
+		return errMsgGenerateFailed
+	default:
+		return fmt.Sprintf("unknown error type(%d)", e.reason)
+	}
+}
+
+func (e *FileReportError) Error() string {
+	if e.err == nil {
+		return fmt.Sprintf("%s: %s", e.errMsg(), e.path)
+	}
+	return fmt.Sprintf("%s: %s: %v", errMsgUnknown, e.path, e.err)
+}
+
+func (e *FileReportError) Is(target error) bool {
+	t, ok := target.(*FileReportError)
+	if !ok {
+		return false
+	}
+	return e.path == t.path && e.reason == t.reason
+}
+
+func (e *FileReportError) Path() string { return e.path }
+
+func (e *FileReportError) Type() ErrorType {
+	return e.reason
+}
+
+func (e *FileReportError) Unwrap() error {
+	return e.err
+}

pkg/malcontent/malcontent.go

@@ -79,7 +79,6 @@ type FileReport struct {
 	SHA256 string
 	Size   int64
 	// compiler -> x
-	Error             string            `json:",omitempty" yaml:",omitempty"`
 	Skipped           string            `json:",omitempty" yaml:",omitempty"`
 	Meta              map[string]string `json:",omitempty" yaml:",omitempty"`
 	Syscalls          []string          `json:",omitempty" yaml:",omitempty"`

pkg/render/markdown.go

@@ -154,12 +154,6 @@ func (r Markdown) Full(ctx context.Context, _ *malcontent.Config, rep *malconten
 }
 
 func markdownTable(_ context.Context, fr *malcontent.FileReport, w io.Writer, rc tableConfig) {
-	path := fr.Path
-	if fr.Error != "" {
-		fmt.Printf("⚠️ %s - error: %s\n", path, fr.Error)
-		return
-	}
-
 	if fr.Skipped != "" {
 		return
 	}

pkg/render/tea.go

@@ -363,8 +363,6 @@ func (r *Interactive) File(ctx context.Context, fr *malcontent.FileReport) error
 
 	var content string
 	switch {
-	case fr.Error != "":
-		content = fmt.Sprintf("error scanning %s: %s", fr.Path, fr.Error)
 	case fr.Skipped != "":
 		content = fmt.Sprintf("skipped %s: %s", fr.Path, fr.Skipped)
 	case len(fr.Behaviors) > 0:

pkg/report/report.go

@@ -367,7 +367,7 @@ func TrimPrefixes(path string, prefixes []string) string {
 //nolint:cyclop // ignore complexity of 64
 func Generate(ctx context.Context, path string, mrs *yarax.ScanResults, c malcontent.Config, expath string, _ *clog.Logger, fc []byte) (*malcontent.FileReport, error) {
 	if mrs == nil {
-		return &malcontent.FileReport{Path: path, Error: fmt.Sprintf("yara-x scan results are nil for %s", path)}, nil
+		return nil, fmt.Errorf("scan failed")
 	}
 
 	ignoreTags := c.IgnoreTags