pattern(go): ellipsis does not match cases with one-or-more case clauses

Question

pattern(go): ellipsis does not match cases with one-or-more case clauses

craigfe opened this issue 2 months ago · comments

Describe the bug

The ellipsis operator cannot be used to match sequences of case clauses in a Go switch statement. For example, I'd expect the following:

switch $_ {
  case 0, ...:
    ...
}

To match the following examples:

func main() {
    // ruleid: ellipsis-in-case
    switch n {
        case 0: return
    }

    // ruleid: ellipsis-in-case
    switch n {
        case 0, 1: return
    }

    // ruleid: ellipsis-in-case
    switch n {
        case 0, 1, 2: return
    }
}

To Reproduce
https://semgrep.dev/playground/s/BY0ob

What is the priority of the bug to you?

P0: blocking your adoption of Semgrep or workflow
P1: important to fix or quite annoying
P2: regular bug that should get fixed

Use case
This would allow us to strengthen our Semgrep rules that attempt to catch branching on certain constants (using either switch or if). Our existing workaround is to use pattern-either to enumerate patterns for a fixed number of case clauses (e.g. 0-8).