Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

json.NewDecoder.Decode(buf) seg faults #40751

Closed
archit-p opened this issue Aug 13, 2020 · 7 comments
Closed

json.NewDecoder.Decode(buf) seg faults #40751

archit-p opened this issue Aug 13, 2020 · 7 comments

Comments

@archit-p
Copy link

@archit-p archit-p commented Aug 13, 2020

What version of Go are you using (go version)?

$ go version
go version go1.14.4 linux/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE="auto"
GOARCH="amd64"
GOBIN="/home/archit-p/go/bin"
GOCACHE="/home/archit-p/.cache/go-build"
GOENV="/home/archit-p/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/archit-p/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/archit-p/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/home/archit-p/pkg/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/home/archit-p/pkg/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/archit-p/sources/go-rest-crud-api/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build127476697=/tmp/go-build -gno-record-gcc-switches"

What did you do?

d := json.NewDecoder(r)
err := d.Decode(s)
if err != nil {
	return err
}

Update: https://play.golang.org/p/QwbR7J99nZs

What did you expect to see?

err == InvalidUnmarshalError

What did you see instead?

Segmentation fault inside Decode

@mvdan
Copy link
Member

@mvdan mvdan commented Aug 13, 2020

Please provide a full program to reproduce this.

Also, try building your program with -race. Most memory corruption issues with Go are because the program is racy or uses unsafe in an incorrect way.

@archit-p
Copy link
Author

@archit-p archit-p commented Aug 13, 2020

Hi @mvdan thanks for the quick response!

I've created a short program to illustrate the issue: https://play.golang.org/p/QwbR7J99nZs

@mvdan
Copy link
Member

@mvdan mvdan commented Aug 13, 2020

nil pointer dereference

You're trying to read from a nil reader. This is very much expected. Wrap your code with a nil check.

The Go project doesn't use the issue tracker for questions. See https://golang.org/wiki/Questions.

@mvdan mvdan closed this Aug 13, 2020
@archit-p
Copy link
Author

@archit-p archit-p commented Aug 13, 2020

Thanks for pointing that out @mvdan . Although this wasn't intended to be a question. I'm already using a nil check in my code, but felt this behavior could be included in the go standard library.

@mvdan
Copy link
Member

@mvdan mvdan commented Aug 13, 2020

Unless the docs explicitly say that they handle a nil interface value, you can't assume it will work. Passing nil to Decode makes little sense in any case, and isn't documented to work, so a panic seems fine to me. Adding extra code to specifically handle this case and return it as an error seems to have no benefit in my eyes.

@archit-p
Copy link
Author

@archit-p archit-p commented Aug 13, 2020

One case where this would be helpful: validating JSON data sent to REST APIs. Supposing the handler received an empty request body, and passes it into Decode. Currently, the handler needs to perform error check twice, like so:

func createSample(w http.ResponseWriter, r *http.Request) {
	if r.Body == nil {
                // error handling
        }
        var s Sample
	res, err := json.NewDecoder.Decode(&s)
	if err != nil {
		// error handling
	}
}
@mvdan
Copy link
Member

@mvdan mvdan commented Aug 13, 2020

Yes, and that seems fine to me. Because "no input was provided" is an entirely different error than "there was a problem decoding the JSON".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.