Fix issues discovered through fuzz testing #2659
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The type checker was panicing when given a reference to an object with
a composite key because internally it infers the key type using
ast.ValueToInterface (which returns map[string]interface{} and not
map[interface{}]interface{}). This change updates the types package to
support map[string]interface{} internally.
Fixing the TypeOf function resolved the panic but it surfaced another
issue in the type checker where errors were returned if objects or
arrays were dereferenced with composite keys--in case of arrays, the
result is undefined but in the case of objects, this is valid.
Fixes open-policy-agent#2648
Signed-off-by: Torin Sandall <torinsandall@gmail.com>
Previously the compiler was not rewriting expr terms in the rule args. In particular, this meant that indirect refs were not being rewritten. This would lead to panics in the safety check which assume that indirect refs have been rewritten (in other words, that reference heads are always variables.) This commit just updates the expr term rewriting to process rule args as it does for the rule head key and value terms. Fixes open-policy-agent#2649 Signed-off-by: Torin Sandall <torinsandall@gmail.com>
tsandall
changed the title
patrick-east
approved these changes
Aug 25, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains a few combined commits that fix panics found through fuzz testing.