From 6c396c118d11b7461ded4a9181f1d58d2d6cd668 Mon Sep 17 00:00:00 2001
From: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
Date: Thu, 24 Mar 2022 16:16:37 -0400
Subject: [PATCH] Add input validation to getRuleInfo to prevent panic (#14501)

* return error from getRuleInfo if rule contains empty slice to prevent panic

* add changelog entry
---
 changelog/14501.txt          | 3 +++
 helper/random/parser.go      | 5 +++++
 helper/random/parser_test.go | 9 +++++++++
 3 files changed, 17 insertions(+)
 create mode 100644 changelog/14501.txt

diff --git a/changelog/14501.txt b/changelog/14501.txt
new file mode 100644
index 0000000000000..5ed687e28ad70
--- /dev/null
+++ b/changelog/14501.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+core: Fix panic caused by parsing policies with empty slice values.
+```
diff --git a/helper/random/parser.go b/helper/random/parser.go
index 572767263e3b0..3184db8aa5c62 100644
--- a/helper/random/parser.go
+++ b/helper/random/parser.go
@@ -126,6 +126,11 @@ func getRuleInfo(rule map[string]interface{}) (data ruleInfo, err error) {
 		if err != nil {
 			return data, fmt.Errorf("unable to get rule data: %w", err)
 		}
+
+		if len(slice) == 0 {
+			return data, fmt.Errorf("rule info cannot be empty")
+		}
+
 		data = ruleInfo{
 			ruleType: key,
 			data:     slice[0],
diff --git a/helper/random/parser_test.go b/helper/random/parser_test.go
index 2ce1fde521e40..59cdb81430438 100644
--- a/helper/random/parser_test.go
+++ b/helper/random/parser_test.go
@@ -297,6 +297,15 @@ func TestParser_ParsePolicy(t *testing.T) {
 			expected:  StringGenerator{},
 			expectErr: true,
 		},
+		"config value with empty slice": {
+			registry: defaultRuleNameMapping,
+			rawConfig: `
+                rule {
+                    n = []
+                }`,
+			expected:  StringGenerator{},
+			expectErr: true,
+		},
 	}
 
 	for name, test := range tests {