Merge pull request #64 from specter25/package-spdxId

Throw error for pkgs / files without SPDX IDs
author: Steve Winslow <steve@swinslow.net> 2021-07-04 10:58:12 -0400
committer: GitHub <noreply@github.com> 2021-07-04 10:58:12 -0400
commit: edbff31685f91a801f64cd23c05b495141b66e60 (patch)
tree: bada1208dfc6effcf56c6d11d4f6a930a1f81603 /tvloader
parent: 68f272030de367e80eab5338ea84aa8e0cd53620 (diff)
parent: b238c888559fcfaba7abc4d73741b633746c10d2 (diff)
download: spdx-tools-edbff31685f91a801f64cd23c05b495141b66e60.tar.gz
20 files changed, 300 insertions, 7 deletions
diff --git a/tvloader/parser2v1/parse_creation_info.go b/tvloader/parser2v1/parse_creation_info.go
index 05130ee..8742bf2 100644
--- a/tvloader/parser2v1/parse_creation_info.go
+++ b/tvloader/parser2v1/parse_creation_info.go
@@ -12,7 +12,7 @@ import (
 func (parser *tvParser2_1) parsePairFromCreationInfo2_1(tag string, value string) error {
 	// fail if not in Creation Info parser state
 	if parser.st != psCreationInfo2_1 {
-		return fmt.Errorf("Got invalid state %v in parsePairFromCreationInfo2_1", parser.st)
+		return fmt.Errorf("got invalid state %v in parsePairFromCreationInfo2_1", parser.st)
 	}
 
 	// create an SPDX Creation Info data struct if we don't have one already
@@ -76,6 +76,13 @@ func (parser *tvParser2_1) parsePairFromCreationInfo2_1(tag string, value string
 
 	// tag for going on to package section
 	case "PackageName":
+		// error if last file does not have an identifier
+		// this may be a null case: can we ever have a "last file" in
+		// the "creation info" state? should go on to "file" state
+		// even when parsing unpackaged files.
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_1 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.st = psPackage2_1
 		parser.pkg = &spdx.Package2_1{
 			FilesAnalyzed:             true,
diff --git a/tvloader/parser2v1/parse_file.go b/tvloader/parser2v1/parse_file.go
index efe31d9..7347384 100644
--- a/tvloader/parser2v1/parse_file.go
+++ b/tvloader/parser2v1/parse_file.go
@@ -18,10 +18,18 @@ func (parser *tvParser2_1) parsePairFromFile2_1(tag string, value string) error
 	switch tag {
 	// tag for creating new file section
 	case "FileName":
+		// check if the previous file contained a spdxId or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_1 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.file = &spdx.File2_1{}
 		parser.file.FileName = value
 	// tag for creating new package section and going back to parsing Package
 	case "PackageName":
+		// check if the previous file contained a spdxId or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_1 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.st = psPackage2_1
 		parser.file = nil
 		return parser.parsePairFromPackage2_1(tag, value)
diff --git a/tvloader/parser2v1/parse_file_test.go b/tvloader/parser2v1/parse_file_test.go
index 68efe2b..9f42b55 100644
--- a/tvloader/parser2v1/parse_file_test.go
+++ b/tvloader/parser2v1/parse_file_test.go
@@ -885,4 +885,47 @@ func TestParser2_1FailsIfArtifactURIBeforeArtifactName(t *testing.T) {
 	}
 }
 
+func TestParser2_1FilesWithoutSpdxIdThrowError(t *testing.T) {
+	// case 1: The previous file (packaged or unpackaged) does not contain spdxID
+	parser1 := tvParser2_1{
+		doc:  &spdx.Document2_1{Packages: map[spdx.ElementID]*spdx.Package2_1{}},
+		st:   psFile2_1,
+		file: &spdx.File2_1{FileName: "FileName"},
+	}
+
+	err := parser1.parsePair2_1("FileName", "f2")
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
 
+	// case 2: Invalid file with snippet
+	// Last unpackaged file before a snippet starts
+	sid1 := spdx.ElementID("s1")
+	fileName := "f2.txt"
+	parser2 := tvParser2_1{
+		doc:  &spdx.Document2_1{},
+		st:   psCreationInfo2_1,
+		file: &spdx.File2_1{FileName: fileName},
+	}
+	err = parser2.parsePair2_1("SnippetSPDXID", string(sid1))
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+
+	// case 3 : Invalid File without snippets
+	// Last unpackaged file before a package starts
+	// Last file of a package and New package starts
+	parser3 := tvParser2_1{
+		doc: &spdx.Document2_1{},
+		st:  psCreationInfo2_1,
+	}
+	fileName = "f3.txt"
+	err = parser3.parsePair2_1("FileName", fileName)
+	if err != nil {
+		t.Errorf("%s", err)
+	}
+	err = parser3.parsePair2_1("PackageName", "p2")
+	if err == nil {
+		t.Errorf("files withoutSpdx Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v1/parse_package.go b/tvloader/parser2v1/parse_package.go
index b653d9e..a867107 100644
--- a/tvloader/parser2v1/parse_package.go
+++ b/tvloader/parser2v1/parse_package.go
@@ -20,6 +20,10 @@ func (parser *tvParser2_1) parsePairFromPackage2_1(tag string, value string) err
 	case "PackageName":
 		// if package already has a name, create and go on to a new package
 		if parser.pkg == nil || parser.pkg.PackageName != "" {
+			// check if the previous package contained an spdxId or not
+			if parser.pkg != nil && parser.pkg.PackageSPDXIdentifier == nullSpdxElementId2_1 {
+				return fmt.Errorf("package with PackageName %s does not have SPDX identifier", parser.pkg.PackageName)
+			}
 			parser.pkg = &spdx.Package2_1{
 				FilesAnalyzed:             true,
 				IsFilesAnalyzedTagPresent: false,
diff --git a/tvloader/parser2v1/parse_package_test.go b/tvloader/parser2v1/parse_package_test.go
index e6dc5e4..3cda3ce 100644
--- a/tvloader/parser2v1/parse_package_test.go
+++ b/tvloader/parser2v1/parse_package_test.go
@@ -1069,3 +1069,27 @@ func TestFailsPackageExternalRefWithInvalidFormat(t *testing.T) {
 	}
 }
 
+func TestParser2_1PackageWithoutSpdxIdentifierThrowsError(t *testing.T) {
+	// More than one package, the previous package doesn't contain the SPDXID
+	pkgOldName := "p1"
+	parser := tvParser2_1{
+		doc: &spdx.Document2_1{Packages: map[spdx.ElementID]*spdx.Package2_1{}},
+		st:  psPackage2_1,
+		pkg: &spdx.Package2_1{PackageName: pkgOldName},
+	}
+	pkgOld := parser.pkg
+	parser.doc.Packages["p1"] = pkgOld
+	// the Document's Packages should have this one only
+	if parser.doc.Packages["p1"] != pkgOld {
+		t.Errorf("expected package %v, got %v", pkgOld, parser.doc.Packages["p1"])
+	}
+	if len(parser.doc.Packages) != 1 {
+		t.Errorf("expected 1 package, got %d", len(parser.doc.Packages))
+	}
+
+	pkgName := "p2"
+	err := parser.parsePair2_1("PackageName", pkgName)
+	if err == nil {
+		t.Errorf("package without SPDX Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v1/parse_snippet.go b/tvloader/parser2v1/parse_snippet.go
index f7085a7..d590383 100644
--- a/tvloader/parser2v1/parse_snippet.go
+++ b/tvloader/parser2v1/parse_snippet.go
@@ -13,6 +13,10 @@ func (parser *tvParser2_1) parsePairFromSnippet2_1(tag string, value string) err
 	switch tag {
 	// tag for creating new snippet section
 	case "SnippetSPDXID":
+		// check here whether the previous file contained an SPDX ID or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_1 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.snippet = &spdx.Snippet2_1{}
 		eID, err := extractElementID(value)
 		if err != nil {
diff --git a/tvloader/parser2v1/parse_snippet_test.go b/tvloader/parser2v1/parse_snippet_test.go
index a4412df..603abc5 100644
--- a/tvloader/parser2v1/parse_snippet_test.go
+++ b/tvloader/parser2v1/parse_snippet_test.go
@@ -587,3 +587,20 @@ func TestParser2_1FailsForInvalidSnippetLineValues(t *testing.T) {
 	}
 }
 
+func TestParser2_1FilesWithoutSpdxIdThrowErrorWithSnippets(t *testing.T) {
+	// Invalid file with snippet
+	// Last unpackaged file before the snippet starts
+	// Last file of a package and new snippet starts
+	fileName := "f2.txt"
+	sid1 := spdx.ElementID("s1")
+	parser2 := tvParser2_1{
+		doc:  &spdx.Document2_1{},
+		st:   psCreationInfo2_1,
+		file: &spdx.File2_1{FileName: fileName},
+	}
+	err := parser2.parsePair2_1("SnippetSPDXID", string(sid1))
+	if err == nil {
+		t.Errorf("files without SPDX Identifiers getting accepted")
+	}
+
+}
diff --git a/tvloader/parser2v1/parser.go b/tvloader/parser2v1/parser.go
index 78f4685..f4a5ae1 100644
--- a/tvloader/parser2v1/parser.go
+++ b/tvloader/parser2v1/parser.go
@@ -20,6 +20,12 @@ func ParseTagValues(tvs []reader.TagValuePair) (*spdx.Document2_1, error) {
 			return nil, err
 		}
 	}
+	if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_1 {
+		return nil, fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+	}
+	if parser.pkg != nil && parser.pkg.PackageSPDXIdentifier == nullSpdxElementId2_1 {
+		return nil, fmt.Errorf("package with PackageName %s does not have SPDX identifier", parser.pkg.PackageName)
+	}
 
 	return parser.doc, nil
 }
@@ -41,14 +47,14 @@ func (parser *tvParser2_1) parsePair2_1(tag string, value string) error {
 	case psReview2_1:
 		return parser.parsePairFromReview2_1(tag, value)
 	default:
-		return fmt.Errorf("Parser state %v not recognized when parsing (%s, %s)", parser.st, tag, value)
+		return fmt.Errorf("parser state %v not recognized when parsing (%s, %s)", parser.st, tag, value)
 	}
 }
 
 func (parser *tvParser2_1) parsePairFromStart2_1(tag string, value string) error {
 	// fail if not in Start parser state
 	if parser.st != psStart2_1 {
-		return fmt.Errorf("Got invalid state %v in parsePairFromStart2_1", parser.st)
+		return fmt.Errorf("got invalid state %v in parsePairFromStart2_1", parser.st)
 	}
 
 	// create an SPDX Document data struct if we don't have one already
diff --git a/tvloader/parser2v1/parser_test.go b/tvloader/parser2v1/parser_test.go
index 4a61828..9fe051f 100644
--- a/tvloader/parser2v1/parser_test.go
+++ b/tvloader/parser2v1/parser_test.go
@@ -77,3 +77,33 @@ func TestParser2_1StartFailsToParseIfInInvalidState(t *testing.T) {
 		t.Errorf("expected non-nil error, got nil")
 	}
 }
+
+func TestParser2_1FilesWithoutSpdxIdThrowErrorAtCompleteParse(t *testing.T) {
+	// case: checks the last file
+	// Last unpackaged file no packages in doc
+	// Last file of last package in the doc
+	tvPairs := []reader.TagValuePair{
+		{Tag: "SPDXVersion", Value: "SPDX-2.1"},
+		{Tag: "DataLicense", Value: "CC0-1.0"},
+		{Tag: "SPDXID", Value: "SPDXRef-DOCUMENT"},
+		{Tag: "FileName", Value: "f1"},
+	}
+	_, err := ParseTagValues(tvPairs)
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+}
+
+func TestParser2_1PackageWithoutSpdxIdThrowErrorAtCompleteParse(t *testing.T) {
+	// case: Checks the last package
+	tvPairs := []reader.TagValuePair{
+		{Tag: "SPDXVersion", Value: "SPDX-2.1"},
+		{Tag: "DataLicense", Value: "CC0-1.0"},
+		{Tag: "SPDXID", Value: "SPDXRef-DOCUMENT"},
+		{Tag: "PackageName", Value: "p1"},
+	}
+	_, err := ParseTagValues(tvPairs)
+	if err == nil {
+		t.Errorf("package without SPDX Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v1/types.go b/tvloader/parser2v1/types.go
index 5a73864..164f6a8 100644
--- a/tvloader/parser2v1/types.go
+++ b/tvloader/parser2v1/types.go
@@ -52,3 +52,5 @@ const (
 	// in review section
 	psReview2_1
 )
+
+const nullSpdxElementId2_1 = spdx.ElementID("")
diff --git a/tvloader/parser2v2/parse_creation_info.go b/tvloader/parser2v2/parse_creation_info.go
index a3c7fbf..c2bfe40 100644
--- a/tvloader/parser2v2/parse_creation_info.go
+++ b/tvloader/parser2v2/parse_creation_info.go
@@ -12,7 +12,7 @@ import (
 func (parser *tvParser2_2) parsePairFromCreationInfo2_2(tag string, value string) error {
 	// fail if not in Creation Info parser state
 	if parser.st != psCreationInfo2_2 {
-		return fmt.Errorf("Got invalid state %v in parsePairFromCreationInfo2_2", parser.st)
+		return fmt.Errorf("got invalid state %v in parsePairFromCreationInfo2_2", parser.st)
 	}
 
 	// create an SPDX Creation Info data struct if we don't have one already
@@ -76,6 +76,13 @@ func (parser *tvParser2_2) parsePairFromCreationInfo2_2(tag string, value string
 
 	// tag for going on to package section
 	case "PackageName":
+		// error if last file does not have an identifier
+		// this may be a null case: can we ever have a "last file" in
+		// the "creation info" state? should go on to "file" state
+		// even when parsing unpackaged files.
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_2 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.st = psPackage2_2
 		parser.pkg = &spdx.Package2_2{
 			FilesAnalyzed:             true,
diff --git a/tvloader/parser2v2/parse_file.go b/tvloader/parser2v2/parse_file.go
index 86886d3..27ec6a4 100644
--- a/tvloader/parser2v2/parse_file.go
+++ b/tvloader/parser2v2/parse_file.go
@@ -18,11 +18,19 @@ func (parser *tvParser2_2) parsePairFromFile2_2(tag string, value string) error
 	switch tag {
 	// tag for creating new file section
 	case "FileName":
+		// check if the previous file contained an spdx Id or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_2 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.file = &spdx.File2_2{}
 		parser.file.FileName = value
 	// tag for creating new package section and going back to parsing Package
 	case "PackageName":
 		parser.st = psPackage2_2
+		// check if the previous file contained an spdx Id or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_2 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.file = nil
 		return parser.parsePairFromPackage2_2(tag, value)
 	// tag for going on to snippet section
diff --git a/tvloader/parser2v2/parse_file_test.go b/tvloader/parser2v2/parse_file_test.go
index 411593f..689a2df 100644
--- a/tvloader/parser2v2/parse_file_test.go
+++ b/tvloader/parser2v2/parse_file_test.go
@@ -917,3 +917,48 @@ func TestParser2_2FailsIfArtifactURIBeforeArtifactName(t *testing.T) {
 		t.Errorf("expected non-nil error, got nil")
 	}
 }
+
+func TestParser2_2FilesWithoutSpdxIdThrowError(t *testing.T) {
+	// case 1: The previous file (packaged or unpackaged) does not contain spdx ID
+	parser1 := tvParser2_2{
+		doc:  &spdx.Document2_2{Packages: map[spdx.ElementID]*spdx.Package2_2{}},
+		st:   psFile2_2,
+		file: &spdx.File2_2{FileName: "FileName"},
+	}
+
+	err := parser1.parsePair2_2("FileName", "f2")
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+
+	// case 2: Invalid file with snippet
+	// Last unpackaged file before the snippet start
+	fileName := "f2.txt"
+	sid1 := spdx.ElementID("s1")
+	parser2 := tvParser2_2{
+		doc:  &spdx.Document2_2{},
+		st:   psCreationInfo2_2,
+		file: &spdx.File2_2{FileName: fileName},
+	}
+	err = parser2.parsePair2_2("SnippetSPDXID", string(sid1))
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+
+	// case 3: Invalid File without snippets
+	// Last unpackaged file before the package starts
+	// Last file of a package and New package starts
+	parser3 := tvParser2_2{
+		doc: &spdx.Document2_2{},
+		st:  psCreationInfo2_2,
+	}
+	fileName = "f3.txt"
+	err = parser3.parsePair2_2("FileName", fileName)
+	if err != nil {
+		t.Errorf("%s", err)
+	}
+	err = parser3.parsePair2_2("PackageName", "p2")
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v2/parse_package.go b/tvloader/parser2v2/parse_package.go
index 3f5939b..15f7dc6 100644
--- a/tvloader/parser2v2/parse_package.go
+++ b/tvloader/parser2v2/parse_package.go
@@ -20,6 +20,10 @@ func (parser *tvParser2_2) parsePairFromPackage2_2(tag string, value string) err
 	case "PackageName":
 		// if package already has a name, create and go on to a new package
 		if parser.pkg == nil || parser.pkg.PackageName != "" {
+			// check if the previous package contained an spdx Id or not
+			if parser.pkg != nil && parser.pkg.PackageSPDXIdentifier == nullSpdxElementId2_2 {
+				return fmt.Errorf("package with PackageName %s does not have SPDX identifier", parser.pkg.PackageName)
+			}
 			parser.pkg = &spdx.Package2_2{
 				FilesAnalyzed:             true,
 				IsFilesAnalyzedTagPresent: false,
diff --git a/tvloader/parser2v2/parse_package_test.go b/tvloader/parser2v2/parse_package_test.go
index 33b4784..5809931 100644
--- a/tvloader/parser2v2/parse_package_test.go
+++ b/tvloader/parser2v2/parse_package_test.go
@@ -1102,3 +1102,28 @@ func TestFailsPackageExternalRefWithInvalidFormat(t *testing.T) {
 		t.Errorf("expected non-nil error, got nil")
 	}
 }
+
+func TestParser2_2PackageWithoutSpdxIdentifierThrowsError(t *testing.T) {
+	// More than one package, the previous package doesn't contain an SPDX ID
+	pkgOldName := "p1"
+	parser := tvParser2_2{
+		doc: &spdx.Document2_2{Packages: map[spdx.ElementID]*spdx.Package2_2{}},
+		st:  psPackage2_2,
+		pkg: &spdx.Package2_2{PackageName: pkgOldName},
+	}
+	pkgOld := parser.pkg
+	parser.doc.Packages["p1"] = pkgOld
+	// the Document's Packages should have this one only
+	if parser.doc.Packages["p1"] != pkgOld {
+		t.Errorf("expected package %v, got %v", pkgOld, parser.doc.Packages["p1"])
+	}
+	if len(parser.doc.Packages) != 1 {
+		t.Errorf("expected 1 package, got %d", len(parser.doc.Packages))
+	}
+
+	pkgName := "p2"
+	err := parser.parsePair2_2("PackageName", pkgName)
+	if err == nil {
+		t.Errorf("package without SPDX Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v2/parse_snippet.go b/tvloader/parser2v2/parse_snippet.go
index 0d9dc3f..7f58604 100644
--- a/tvloader/parser2v2/parse_snippet.go
+++ b/tvloader/parser2v2/parse_snippet.go
@@ -13,6 +13,10 @@ func (parser *tvParser2_2) parsePairFromSnippet2_2(tag string, value string) err
 	switch tag {
 	// tag for creating new snippet section
 	case "SnippetSPDXID":
+		// check here whether the file contained an SPDX ID or not
+		if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_2 {
+			return fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+		}
 		parser.snippet = &spdx.Snippet2_2{}
 		eID, err := extractElementID(value)
 		if err != nil {
diff --git a/tvloader/parser2v2/parse_snippet_test.go b/tvloader/parser2v2/parse_snippet_test.go
index 987fe2a..d019a0c 100644
--- a/tvloader/parser2v2/parse_snippet_test.go
+++ b/tvloader/parser2v2/parse_snippet_test.go
@@ -614,3 +614,21 @@ func TestParser2_2FailsForInvalidSnippetLineValues(t *testing.T) {
 		t.Errorf("expected non-nil error, got nil")
 	}
 }
+
+func TestParser2_2FilesWithoutSpdxIdThrowErrorWithSnippets(t *testing.T) {
+	// Invalid file with snippet
+	// Last unpackaged file before the snippet starts
+	// Last file of a package and New package starts
+	fileName := "f2.txt"
+	sid1 := spdx.ElementID("s1")
+	parser2 := tvParser2_2{
+		doc:  &spdx.Document2_2{},
+		st:   psCreationInfo2_2,
+		file: &spdx.File2_2{FileName: fileName},
+	}
+	err := parser2.parsePair2_2("SnippetSPDXID", string(sid1))
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+
+}
diff --git a/tvloader/parser2v2/parser.go b/tvloader/parser2v2/parser.go
index e89bab1..9886874 100644
--- a/tvloader/parser2v2/parser.go
+++ b/tvloader/parser2v2/parser.go
@@ -20,7 +20,12 @@ func ParseTagValues(tvs []reader.TagValuePair) (*spdx.Document2_2, error) {
 			return nil, err
 		}
 	}
-
+	if parser.file != nil && parser.file.FileSPDXIdentifier == nullSpdxElementId2_2 {
+		return nil, fmt.Errorf("file with FileName %s does not have SPDX identifier", parser.file.FileName)
+	}
+	if parser.pkg != nil && parser.pkg.PackageSPDXIdentifier == nullSpdxElementId2_2 {
+		return nil, fmt.Errorf("package with PackageName %s does not have SPDX identifier", parser.pkg.PackageName)
+	}
 	return parser.doc, nil
 }
 
@@ -41,14 +46,14 @@ func (parser *tvParser2_2) parsePair2_2(tag string, value string) error {
 	case psReview2_2:
 		return parser.parsePairFromReview2_2(tag, value)
 	default:
-		return fmt.Errorf("Parser state %v not recognized when parsing (%s, %s)", parser.st, tag, value)
+		return fmt.Errorf("parser state %v not recognized when parsing (%s, %s)", parser.st, tag, value)
 	}
 }
 
 func (parser *tvParser2_2) parsePairFromStart2_2(tag string, value string) error {
 	// fail if not in Start parser state
 	if parser.st != psStart2_2 {
-		return fmt.Errorf("Got invalid state %v in parsePairFromStart2_2", parser.st)
+		return fmt.Errorf("got invalid state %v in parsePairFromStart2_2", parser.st)
 	}
 
 	// create an SPDX Document data struct if we don't have one already
diff --git a/tvloader/parser2v2/parser_test.go b/tvloader/parser2v2/parser_test.go
index 7eec49c..4cd5228 100644
--- a/tvloader/parser2v2/parser_test.go
+++ b/tvloader/parser2v2/parser_test.go
@@ -77,3 +77,33 @@ func TestParser2_2StartFailsToParseIfInInvalidState(t *testing.T) {
 		t.Errorf("expected non-nil error, got nil")
 	}
 }
+
+func TestParser2_2FilesWithoutSpdxIdThrowErrorAtCompleteParse(t *testing.T) {
+	// case: Checks the last file
+	// Last unpackaged file with no packages in doc
+	// Last file of last package in the doc
+	tvPairs := []reader.TagValuePair{
+		{Tag: "SPDXVersion", Value: "SPDX-2.2"},
+		{Tag: "DataLicense", Value: "CC0-1.0"},
+		{Tag: "SPDXID", Value: "SPDXRef-DOCUMENT"},
+		{Tag: "FileName", Value: "f1"},
+	}
+	_, err := ParseTagValues(tvPairs)
+	if err == nil {
+		t.Errorf("file without SPDX Identifier getting accepted")
+	}
+}
+
+func TestParser2_2PackageWithoutSpdxIdThrowErrorAtCompleteParse(t *testing.T) {
+	// case: Checks the last package
+	tvPairs := []reader.TagValuePair{
+		{Tag: "SPDXVersion", Value: "SPDX-2.2"},
+		{Tag: "DataLicense", Value: "CC0-1.0"},
+		{Tag: "SPDXID", Value: "SPDXRef-DOCUMENT"},
+		{Tag: "PackageName", Value: "p1"},
+	}
+	_, err := ParseTagValues(tvPairs)
+	if err == nil {
+		t.Errorf("package without SPDX Identifier getting accepted")
+	}
+}
diff --git a/tvloader/parser2v2/types.go b/tvloader/parser2v2/types.go
index 6039a1c..1cdbcef 100644
--- a/tvloader/parser2v2/types.go
+++ b/tvloader/parser2v2/types.go
@@ -52,3 +52,5 @@ const (
 	// in review section
 	psReview2_2
 )
+
+const nullSpdxElementId2_2 = spdx.ElementID("")
author	Steve Winslow <steve@swinslow.net>	2021-07-04 10:58:12 -0400
committer	GitHub <noreply@github.com>	2021-07-04 10:58:12 -0400
commit	edbff31685f91a801f64cd23c05b495141b66e60 (patch)
tree	bada1208dfc6effcf56c6d11d4f6a930a1f81603 /tvloader
parent	68f272030de367e80eab5338ea84aa8e0cd53620 (diff)
parent	b238c888559fcfaba7abc4d73741b633746c10d2 (diff)
download	spdx-tools-edbff31685f91a801f64cd23c05b495141b66e60.tar.gz