`Unmarshal` will `panic` on malformed octets
infosecual opened this issue · comments
Describe the bug
Unmarshal will panic on malformed octets.
To Reproduce
I made a test function in a fork of this project that will reliably trigger the panic here.
The offending test case is simple:
%YAML 1.2
---
a: 1
b: 0_
Expected behavior
A clear error returned from Unmarshal that gracefully handles the malformed token (no panic) .
Version Variables
- go version: go1.22
- go-yaml's Version: 1.11.3
Additional context
Here is the panic output:
Running tool: /usr/local/go/bin/go test -timeout 30s -run ^TestUnmarshalOctet$ github.com/goccy/go-yaml
--- FAIL: TestUnmarshalOctet (0.00s)
panic: runtime error: index out of range [1] with length 1 [recovered]
panic: runtime error: index out of range [1] with length 1
goroutine 6 [running]:
testing.tRunner.func1.2({0x742ce0, 0xc0003182e8})
/usr/local/go/src/testing/testing.go:1631 +0x24a
testing.tRunner.func1()
/usr/local/go/src/testing/testing.go:1634 +0x377
panic({0x742ce0?, 0xc0003182e8?})
/usr/local/go/src/runtime/panic.go:770 +0x132
github.com/goccy/go-yaml/ast.Integer(0xc000017130)
/home/user/repos/infosecual-go-yaml/ast/ast.go:336 +0x9d2
github.com/goccy/go-yaml/parser.(*parser).parseScalarValue(0x7fd1d9453bf8?, 0xc000017130)
/home/user/repos/infosecual-go-yaml/parser/parser.go:470 +0x48e
github.com/goccy/go-yaml/parser.(*parser).parseScalarValueWithComment(0xc0000edcb8, 0xc000328500, 0x0?)
/home/user/repos/infosecual-go-yaml/parser/parser.go:443 +0x25
github.com/goccy/go-yaml/parser.(*parser).createNodeFromToken(0xc0000edcb8, 0xc000328500, 0xc000017130)
/home/user/repos/infosecual-go-yaml/parser/parser.go:650 +0x4a
github.com/goccy/go-yaml/parser.(*parser).parseToken(0xa43f20?, 0xc000328500, 0x0?)
/home/user/repos/infosecual-go-yaml/parser/parser.go:632 +0x1c
github.com/goccy/go-yaml/parser.(*parser).parse(0xc0000edcb8, {0xc000074230?, 0x1?, 0x0?}, 0x0?)
/home/user/repos/infosecual-go-yaml/parser/parser.go:688 +0x14d
github.com/goccy/go-yaml/parser.Parse({0xc000074230?, 0xc0002fb600?, 0x2?}, 0x7fd1d94790e8?)
/home/user/repos/infosecual-go-yaml/parser/parser.go:724 +0x29
github.com/goccy/go-yaml/parser.ParseBytes({0xc0002fb600?, 0xc0002e4690?, 0x7e2d60?}, 0x0)
/home/user/repos/infosecual-go-yaml/parser/parser.go:714 +0x3d
github.com/goccy/go-yaml.(*Decoder).parse(0xc000000180, {0xc0002fb600?, 0x7e2d40?, 0xc0002e4690?})
/home/user/repos/infosecual-go-yaml/decode.go:1642 +0x3e
github.com/goccy/go-yaml.(*Decoder).decodeInit(0xc000000180)
/home/user/repos/infosecual-go-yaml/decode.go:1670 +0xb1
github.com/goccy/go-yaml.(*Decoder).DecodeContext(0xc000000180, {0x7e4e10, 0xa43f20}, {0x6ee4a0?, 0xc000012228?})
/home/user/repos/infosecual-go-yaml/decode.go:1718 +0x19a
github.com/goccy/go-yaml.UnmarshalContext({0x7e4e10, 0xa43f20}, {0xc00030fc58, 0x2, 0x8}, {0x6ee4a0, 0xc000012228}, {0x0, 0x0, 0x0})
/home/user/repos/infosecual-go-yaml/yaml.go:191 +0x225
github.com/goccy/go-yaml.UnmarshalWithOptions(...)
/home/user/repos/infosecual-go-yaml/yaml.go:185
github.com/goccy/go-yaml.Unmarshal(...)
/home/user/repos/infosecual-go-yaml/yaml.go:179
github.com/goccy/go-yaml_test.TestUnmarshalOctet(0xc0000d0d00)
/home/user/repos/infosecual-go-yaml/yaml_test.go:53 +0x7c
testing.tRunner(0xc0000d0d00, 0x77b7c0)
/usr/local/go/src/testing/testing.go:1689 +0xfb
created by testing.(*T).Run in goroutine 1
/usr/local/go/src/testing/testing.go:1742 +0x390
FAIL github.com/goccy/go-yaml 0.005s
FAIL