protoparse: panic in (*basicCompositeNode).start

[johanbrandhorst]

Hi!

I tried fuzzing 1.7.0 with the help of @bradleyjkemp's excellent fuzzing method from #271 and ran into a pretty interesting panic. It is reproduced by using a file with a single 0. This reproduces the panic:

package main

import (
	"fmt"
	"io"
	"io/ioutil"
	"strings"

	"github.com/jhump/protoreflect/desc/protoparse"
)

func main() {
	parser := &protoparse.Parser{
		Accessor: func(_ string) (closer io.ReadCloser, e error) {
			return ioutil.NopCloser(strings.NewReader("0")), nil
		},
	}

	_, err := parser.ParseFiles("foo")
	if err != nil {
		fmt.Println("Error!", err)
	}
	fmt.Println("Success!")
}

I'd like to take this moment to re-state the case for continuous fuzzing of protoparse. It's a prime example of a library that will benefit from it, since it fundamentally works on arbitrary user-supplied bytes. As already mentioned by Bradley, there are platforms that provide free fuzzing for open source projects, and it'd be great to integrate it with protoreflect.

[bufdev]

bufbuild/buf#107