Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nil pointer panic when Unmarshal with a empty file #508

Closed
hanxiatu-fc opened this issue Nov 3, 2020 · 0 comments · Fixed by #512
Closed

nil pointer panic when Unmarshal with a empty file #508

hanxiatu-fc opened this issue Nov 3, 2020 · 0 comments · Fixed by #512

Comments

@hanxiatu-fc
Copy link

hanxiatu-fc commented Nov 3, 2020

panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x40 pc=0x595a84]

goroutine 1 [running]:
github.com/json-iterator/go.(*Iterator).ReadVal(0xc00016c000, 0x0, 0x0)
	C:/Users/f00515581/go/pkg/mod/github.com/json-iterator/go@v1.1.10/reflect.go:68 +0x2d4
github.com/json-iterator/go.(*frozenConfig).Unmarshal(0xc000058140, 0x2c270000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
	C:/Users/f00515581/go/pkg/mod/github.com/json-iterator/go@v1.1.10/config.go:348 +0xd6
github.com/json-iterator/go.Unmarshal(...)
	C:/Users/f00515581/go/pkg/mod/github.com/json-iterator/go@v1.1.10/adapter.go:16
jsoniter.Fuzz(0x2c270000, 0x0, 0x0, 0x6b0)
	D:/workspace/go/fuzz_test/jsoniter/fuzz.go:19 +0x18b
go-fuzz-dep.Main(0xc000119f70, 0x1, 0x1)
	go-fuzz-dep/main.go:36 +0x1b4
main.main()
	jsoniter/go.fuzz.main/main.go:15 +0x59
exit status 2

We can reproduce the problem just by call json.Unmarshal(data, nil)

in github.com/json-iterator/go@v1.1.10/reflect.go

67		typ := reflect2.TypeOf(obj)    // when we call json.Unmarshal(anydata, nil), obj is nil, so typ is nil
68		if typ.Kind() != reflect.Ptr { // nil pointer dereference on typ

How did I find the problem?

I refer to the test cases and test corpus for std json in the go-fuzz project to test json-iterator.

see : https://github.com/dvyukov/go-fuzz-corpus/tree/master/json

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant