From a9ea16d27e26821595cd16c21ef0f27ea6f18634 Mon Sep 17 00:00:00 2001
From: Spencer Schrock
Date: Mon, 11 Jul 2022 21:55:05 +0000
Subject: [PATCH] Add nil check before dereferencing name for image digest
---
 checks/evaluation/pinned_dependencies.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/checks/evaluation/pinned_dependencies.go b/checks/evaluation/pinned_dependencies.go
index d3845041a046..d64f05ff6dc9 100644
--- a/checks/evaluation/pinned_dependencies.go
+++ b/checks/evaluation/pinned_dependencies.go
@@ -159,18 +159,20 @@ func updatePinningResults(rr *checker.Dependency,
 }
 func generateText(rr *checker.Dependency) string {
- if rr.Type == checker.DependencyUseTypeGHAction {
+ switch rr.Type {
+ case checker.DependencyUseTypeGHAction:
 // Check if we are dealing with a GitHub action or a third-party one.
 gitHubOwned := fileparser.IsGitHubOwnedAction(rr.Location.Snippet)
 owner := generateOwnerToDisplay(gitHubOwned)
 return fmt.Sprintf("%s %s not pinned by hash", owner, rr.Type)
- } else if rr.Type == checker.DependencyUseTypeDockerfileContainerImage {
- hash, err := crane.Digest(*rr.Name)
- if err == nil {
+ case checker.DependencyUseTypeDockerfileContainerImage:
+ if rr.Name == nil {
+ break
+ }
+ if hash, err := crane.Digest(*rr.Name); err == nil {
 // if NO error
 return fmt.Sprintf("%s not pinned by hash. Fix by updating %[2]s to %[2]s@%s", rr.Type, *rr.Name, hash)
 }
 }
-
 return fmt.Sprintf("%s not pinned by hash", rr.Type)
 }
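Review bot: The `crane.Digest(*rr.Name)` call in the Dockerfile case of generateText still performs a registry lookup with no context or timeout and silently drops any error, and the image reference it resolves presumably comes from the Dockerfile of the repository being scanned. That lets a slow or unresponsive registry host named in that file stall text generation, and the scanner contacts whatever host the reference names. Consider threading a context into generateText and bounding the call, e.g. `crane.Digest(*rr.Name, crane.WithContext(ctx))`, or resolving the digest outside this formatting helper so it stays offline. The GHAction case also reads `rr.Location.Snippet` unguarded; if Location is a pointer it likely needs the same nil check this commit adds for Name.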