[fix] serial: reject malformed envelope payloads and trailing data on loads (LET-26)#165
Conversation
… loads
serial.loads violated its own "lossless or a clear error" contract in
two ways:
1. Each tag decoder type-asserted the "v" payload and discarded the ok
flag, so a wrong-typed payload became the zero value instead of an
error: loads('{"$t":"tuple","v":123}') returned an empty tuple,
"set"/"mapkv" an empty set/dict, "bytes" empty bytes. (time/bigint
already errored, but reported the coerced "" instead of the real
payload.) Each decoder now checks the assertion and errors with
"invalid <tag> payload".
2. loads decoded only the first JSON value and ignored the rest, so
loads('1 2') returned 1. Reject trailing content with dec.More()
(trailing whitespace still passes).
README "Errors on" list updated to match. Test-first: new sections in
serial_test cover both. Requirement: LET-26.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Up to standards ✅🟢 Issues
|
| Metric | Results |
|---|---|
| Complexity | 6 |
| Duplication | 0 |
🟢 Coverage 100.00% diff coverage · +0.03% coverage variation
Metric Results Coverage variation ✅ +0.03% coverage variation (-1.00%) Diff coverage ✅ 100.00% diff coverage Coverage variation details
Coverable lines Covered lines Coverage Common ancestor commit (433eae0) 7692 7276 94.59% Head commit (ff738c0) 7713 (+21) 7298 (+22) 94.62% (+0.03%) Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch:
<coverage of head commit> - <coverage of common ancestor commit>Diff coverage details
Coverable lines Covered lines Diff coverage Pull request (#165) 28 28 100.00% Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified:
<covered lines added or modified>/<coverable lines added or modified> * 100%
NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #165 +/- ##
==========================================
+ Coverage 93.39% 93.42% +0.03%
==========================================
Files 49 49
Lines 6177 6191 +14
==========================================
+ Hits 5769 5784 +15
+ Misses 260 258 -2
- Partials 148 149 +1 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
1 participant
What
serial.loadsviolated its own "lossless round-trip or a clear error" contract (README) in two ways:Wrong-typed payloads coerced to empty values. Each tag decoder type-asserted the
vpayload and discarded theokflag, so a payload of the wrong shape became the zero value instead of an error:loads('{"$t":"tuple","v":123}')→ empty tupleloads('{"$t":"set","v":123}')→ empty setloads('{"$t":"mapkv","v":123}')→ empty dictloads('{"$t":"bytes","v":123}')→ empty bytes(
time/bigintdid error, but reported the coerced""rather than the real payload.)Trailing data silently dropped.
loadsdecoded only the first JSON value:loads('1 2')→1,loads('{"a":1}{"b":2}')→{"a":1}.Fix
Each decoder checks its type assertion and errors with
invalid <tag> payload;loadsrejects trailing content viadec.More()(trailing whitespace still passes). The README "Errors on" list is updated to match.Test-first
New sections in
serial_test.gocover the malformed-payload rejections and the trailing-data rejection; both fail before the fix.Verification
go test -race -count=2 ./...,go vet,gofmt -lclean, Dockergolang:1.19race run green.Requirement: LET-26