Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segmentation fault on 'from_xml' with invalid input #1888

Closed
afarah1 opened this issue Dec 1, 2023 · 2 comments
Closed

Segmentation fault on 'from_xml' with invalid input #1888

afarah1 opened this issue Dec 1, 2023 · 2 comments
Labels
bug v4

Comments

@afarah1
Copy link

afarah1 commented Dec 1, 2023

Describe the bug

yq yields SIGSEGV in a reproducible way for the input below.

Version of yq: 4.40.3
Operating system: macOS Sonoma 14.1
Installed via: homebrew

Input XML

<?xml version="1.0" encoding="UTF-8"?></Child></Root>

Command

yq -v 'from_xml' </tmp/empty.xml

Actual behavior

11:35:37 maybeFile [DEBU] checking 'from_xml' is a file
11:35:37 maybeFile [DEBU] error: stat from_xml: no such file or directory
11:35:37 maybeFile [DEBU] result: false
11:35:37 processStdInArgs [DEBU] missing '-', adding it to the end
11:35:37 processArgs [DEBU] processed args: [from_xml -]
11:35:37 maybeFile [DEBU] checking 'from_xml' is a file
11:35:37 maybeFile [DEBU] error: stat from_xml: no such file or directory
11:35:37 maybeFile [DEBU] result: false
11:35:37 processArgs [DEBU] assuming expression is 'from_xml'
11:35:37 FormatFromFilename [DEBU] checking file extension '-' for auto format detection
11:35:37 FormatFromFilename [DEBU] using default inputFormat 'yaml'
11:35:37 initCommand [DEBU] Using input format yaml
11:35:37 initCommand [DEBU] Using output format yaml
11:35:37 ParseExpression [DEBU] Parsing expression: [from_xml]
11:35:37 handleToken [DEBU] processing DECODE (50)
11:35:37 handleToken [DEBU]   adding token to the fixed list
11:35:37 ConvertToPostfix [DEBU] postfix processing currentToken DECODE (50)
11:35:37 ConvertToPostfix [DEBU] put DECODE (50) onto the opstack
11:35:37 ConvertToPostfix [DEBU] postfix processing currentToken )
11:35:37 popOpToResult [DEBU] popped DECODE (50) from opstack to results
11:35:37 ConvertToPostfix [DEBU] opstackLen: 0
11:35:37 ConvertToPostfix [DEBU] PostFix Result:
11:35:37 ConvertToPostfix [DEBU] > DECODE
11:35:37 createExpressionTree [DEBU] pathTree DECODE 
11:35:37 UnmarshalYAML [DEBU] UnmarshalYAML !!str
11:35:37 UnmarshalYAML [DEBU] UnmarshalYAML -  a scalar
11:35:37 GetMatchingNodes [DEBU] Processing Op: DECODE
11:35:37 GetMatchingNodes [DEBU] D0, P, ScalarNode (!!str)::<?xml version="1.0" encoding="UTF-8"?></Child></Root>
11:35:37 decodeOperator [DEBU] got: [<?xml version="1.0" encoding="UTF-8"?></Child></Root>]
11:35:37 AddChild [DEBU] looking for +p_xml
11:35:37 AddChild [DEBU] not there, making a new one +p_xml
11:35:37 decodeXML [DEBU] end element 
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x10 pc=0x104c7a390]

goroutine 1 [running]:
github.com/mikefarah/yq/v4/pkg/yqlib.(*xmlDecoder).decodeXML(0x1400029c4d0, 0x14000082660)
	github.com/mikefarah/yq/v4/pkg/yqlib/decoder_xml.go:302 +0x1b0
github.com/mikefarah/yq/v4/pkg/yqlib.(*xmlDecoder).Decode(0x1400029c4d0)
	github.com/mikefarah/yq/v4/pkg/yqlib/decoder_xml.go:173 +0x40
github.com/mikefarah/yq/v4/pkg/yqlib.decodeOperator(0x14000021680?, {0x140002a0060, 0x140002a01b0, 0x0, {0x0, 0x0}}, 0x0?)
	github.com/mikefarah/yq/v4/pkg/yqlib/operator_encoder_decoder.go:147 +0x2f4
github.com/mikefarah/yq/v4/pkg/yqlib.(*dataTreeNavigator).GetMatchingNodes(0x0?, {0x140002a0060, 0x0, 0x0, {0x0, 0x0}}, 0x1400000e5a0)
	github.com/mikefarah/yq/v4/pkg/yqlib/data_tree_navigator.go:54 +0x1b8
github.com/mikefarah/yq/v4/pkg/yqlib.(*streamEvaluator).Evaluate(0x140000efbb0, {0x104de9850, 0x1}, {0x104ea54d8?, 0x140000825a0?}, 0x104e894e0?, {0x104ea8388, 0x1400027bea0}, {0x104ea63d8, 0x1400027bf10})
	github.com/mikefarah/yq/v4/pkg/yqlib/stream_evaluator.go:101 +0x27c
github.com/mikefarah/yq/v4/pkg/yqlib.(*streamEvaluator).EvaluateFiles(0x104d1cc4b?, {0x16b4d3856, 0x8}, {0x140000748b0, 0x1, 0x0?}, {0x104ea8388, 0x1400027bea0}, {0x104ea63d8, 0x1400027bf10})
	github.com/mikefarah/yq/v4/pkg/yqlib/stream_evaluator.go:58 +0x108
github.com/mikefarah/yq/v4/cmd.evaluateSequence(0x14000200300?, {0x140000748a0, 0x1, 0x2})
	github.com/mikefarah/yq/v4/cmd/evaluate_sequence_command.go:138 +0x6d4
github.com/spf13/cobra.(*Command).execute(0x14000200300, {0x14000074880, 0x2, 0x2})
	github.com/spf13/cobra@v1.8.0/command.go:983 +0x82c
github.com/spf13/cobra.(*Command).ExecuteC(0x14000200000)
	github.com/spf13/cobra@v1.8.0/command.go:1115 +0x344
github.com/spf13/cobra.(*Command).Execute(0x140000304b0?)
	github.com/spf13/cobra@v1.8.0/command.go:1039 +0x1c
main.main()
	github.com/mikefarah/yq/v4/yq.go:22 +0x1a0

Expected behavior

Not segfault.
mikefarah added a commit that referenced this issue Dec 5, 2023
@mikefarah
Fixing sef fault on bad XML #1888
d474bb8
@mikefarah
Copy link
Owner

Thanks for raising, will fix in next release. Oddly the underlying XML parser does not raise an error itself which is why yq got in a bad state.

@mikefarah
Copy link
Owner

Fixed in 4.40.5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug v4
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikefarah @afarah1