Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
encoding/gob: panic on random input #9649
100% reproducible panic inside the gob decoder. Version is the binary package from golang.org. Panic on user data seems like the wrong thing to do, even if it could possibly be because Decode was called after Decode returned error (I don't know that this is always the case).
I encountered this on a real but corrupt gob file, but it seems that just generating 10MB of garbage does it too.
Taking a closer look at this. The issue seems to be that the error examined at https://github.com/golang/go/blob/master/src/encoding/gob/decode.go#L1111 is never non-nil; the error return from compileDec is not used as far as I can see - all errors are sent via the error_ panic function and caught by catchError at https://github.com/golang/go/blob/master/src/encoding/gob/decode.go#L1145 missing this check.
This means that the decoderMap entry is never deleted and so the decoder then sees the nil value.