You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the bytes in the byte slice passed to msgpack.Unmarshal change after msgpack.Unmarshal returns, any of the unmarshaled strings may change their contents, violating the expectation that Go strings are immutable. This is probably due to the use of unsafe.Pointer in decoder.asString. This is surprising behavior which can really screw things up in Go if the original byte slice was a buffer whose contents are replaced on each message.
The simplest fix I can see is to document this behavior and warn not to reuse the underlying byte array until any strings are expunged. Discontinuing this behavior would likely have a dramatic negative impact on performance. The most complex fix would be to make the behavior of asString configurable, which would let the users decide if they want to sacrifice sanity for efficiency. (And this is an insane behavior -- consider what happens if the resulting string was used as a map key by an unsuspecting user.)
The text was updated successfully, but these errors were encountered:
swdunlop
added a commit
to swdunlop/msgpack
that referenced
this issue
Jul 10, 2021
If the bytes in the byte slice passed to
msgpack.Unmarshalchange aftermsgpack.Unmarshalreturns, any of the unmarshaled strings may change their contents, violating the expectation that Go strings are immutable. This is probably due to the use ofunsafe.Pointerin decoder.asString. This is surprising behavior which can really screw things up in Go if the original byte slice was a buffer whose contents are replaced on each message.See https://play.golang.org/p/YQyb8ie8Qqd for a simple repro of the issue.
The simplest fix I can see is to document this behavior and warn not to reuse the underlying byte array until any strings are expunged. Discontinuing this behavior would likely have a dramatic negative impact on performance. The most complex fix would be to make the behavior of
asStringconfigurable, which would let the users decide if they want to sacrifice sanity for efficiency. (And this is an insane behavior -- consider what happens if the resulting string was used as a map key by an unsuspecting user.)The text was updated successfully, but these errors were encountered: