html/template: nil pointer dereference

Question

html/template: nil pointer dereference

dvyukov opened this issue 9 years ago · comments

The following program crashes with panic:

package main

import (
    "html/template"
    "io/ioutil"
)

func main() {
    t, err := template.New("foo").Parse(string(data))
    if err != nil {
        return
    }
    t.Execute(ioutil.Discard, nil)
}

var data = "{{\"\"|print \"\"|.f \"\"}}"

panic: runtime error: invalid memory address or nil pointer dereference

goroutine 1 [running]:
html/template.ensurePipelineContains(0x2083920a0, 0x20833eae0, 0x1, 0x3)
    src/html/template/escape.go:265 +0x1674
html/template.(*escaper).commit(0x208367d20)
    src/html/template/escape.go:749 +0x36c
html/template.escapeTemplate(0x20833e660, 0x22084e13d0, 0x20833e750, 0x1be2c0, 0x3, 0x0, 0x0)
    src/html/template/escape.go:39 +0x46c
html/template.(*Template).escape(0x20833e660, 0x0, 0x0)
    src/html/template/template.go:85 +0x389
html/template.(*Template).Execute(0x20833e660, 0x22084e1288, 0x2083363c0, 0x0, 0x0, 0x0, 0x0)
    src/html/template/template.go:101 +0x37
main.main()
    test.go:13 +0x25a

go version devel +fbb4c74 Sat May 2 02:48:32 2015 +0000 darwin/amd64

Didier Spezia · Answer 1 · Thu May 07 2015 06:29:09 GMT+0800 (China Standard Time)

The syntax of the template is correct, since .f can be a method. This issue can be caught at execution time. Mailing a CL.

GopherBot · Answer 2 · Thu May 07 2015 07:00:20 GMT+0800 (China Standard Time)

CL https://golang.org/cl/9801 mentions this issue.