Merge pull request #25436 from smarterclayton/defend_proto

Add a defensive sanity check to protobuf marshal
2025-09-15 22:20:51 +00:00 · 2016-05-13 10:45:58 -07:00
parent 7bf10eb502 eea748b14f
commit 1616239b4a
1 changed files with 9 additions and 0 deletions
--- a/pkg/runtime/types_proto.go
+++ b/pkg/runtime/types_proto.go
@@ -16,6 +16,10 @@ limitations under the License.

 package runtime

+import (
+	"fmt"
+)
+
 type ProtobufMarshaller interface {
 	MarshalTo(data []byte) (int, error)
 }
@@ -44,6 +48,11 @@ func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64
 		if err != nil {
 			return 0, err
 		}
+		if uint64(n2) != size {
+			// programmer error: the Size() method for protobuf does not match the results of MarshalTo, which means the proto
+			// struct returned would be wrong.
+			return 0, fmt.Errorf("the Size() value of %T was %d, but NestedMarshalTo wrote %d bytes to data", b, size, n2)
+		}
 		i += n2
 	}