From f21906a9b031d78295a5f72394b352fa2c491bca Mon Sep 17 00:00:00 2001
From: Tevic <tevic.tt@gmail.com>
Date: Tue, 31 Aug 2021 21:05:04 +0800
Subject: [PATCH 1/2] fix: check obj type in protobufBinding

---
 binding/protobuf.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/binding/protobuf.go b/binding/protobuf.go
index ca02897a9f..a4e471535c 100644
--- a/binding/protobuf.go
+++ b/binding/protobuf.go
@@ -5,6 +5,7 @@
 package binding
 
 import (
+	"errors"
 	"io/ioutil"
 	"net/http"
 
@@ -26,7 +27,11 @@ func (b protobufBinding) Bind(req *http.Request, obj interface{}) error {
 }
 
 func (protobufBinding) BindBody(body []byte, obj interface{}) error {
-	if err := proto.Unmarshal(body, obj.(proto.Message)); err != nil {
+	msg, ok := obj.(proto.Message)
+	if !ok {
+		return errors.New("obj is not ProtoMessage")
+	}
+	if err := proto.Unmarshal(body, msg); err != nil {
 		return err
 	}
 	// Here it's same to return validate(obj), but util now we can't add

From 479ec1aad0bc763721d902c46c37f567a9c4e1c7 Mon Sep 17 00:00:00 2001
From: Tevic <tevic.tt@gmail.com>
Date: Wed, 1 Sep 2021 12:48:43 +0800
Subject: [PATCH 2/2] fix: UnitTest for invalid proto obj

---
 binding/binding_test.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/binding/binding_test.go b/binding/binding_test.go
index 17df7dc59d..5b0ce39d3e 100644
--- a/binding/binding_test.go
+++ b/binding/binding_test.go
@@ -1339,6 +1339,13 @@ func testProtoBodyBindingFail(t *testing.T, b Binding, name, path, badPath, body
 	err := b.Bind(req, &obj)
 	assert.Error(t, err)
 
+	invalid_obj := FooStruct{}
+	req.Body = ioutil.NopCloser(strings.NewReader(`{"msg":"hello"}`))
+	req.Header.Add("Content-Type", MIMEPROTOBUF)
+	err = b.Bind(req, &invalid_obj)
+	assert.Error(t, err)
+	assert.Equal(t, err.Error(), "obj is not ProtoMessage")
+
 	obj = protoexample.Test{}
 	req = requestWithBody("POST", badPath, badBody)
 	req.Header.Add("Content-Type", MIMEPROTOBUF)