fix: fixes a possible panic in NewYAMLToJSONDecoder

tigrato · k8s-publishing-bot · commit a3d1fde23c29 · 2025-05-09T18:27:20.000+01:00
This PR fixes a possible panic caused by decoding a JSON document
followed by a YAML document that is shorter than the first json
document.

This can cause a panic because the stream already consumed the JSON
data. When we fallback to YAML reader, the YAML starts with a zero
offset while the stream consumed data is non-zero. This could lead into
consuming negative bytes because `d.yaml.InputOffset() -
d.stream.Consumed()` is negative which will cause a panic.

Signed-off-by: Tiago Silva &lt;tiago.silva@goteleport.com&gt;

Kubernetes-commit: a257be82995ab689659c98dfb6336d63f677641d
diff --git a/pkg/util/yaml/decoder.go b/pkg/util/yaml/decoder.go
@@ -247,10 +247,12 @@ func splitYAMLDocument(data []byte, atEOF bool) (advance int, token []byte, err
 // finding a non-YAML-delimited series of objects), it will not switch to YAML.
 // Once it switches to YAML it will not switch back to JSON.
 type YAMLOrJSONDecoder struct {
-	json   *json.Decoder
-	yaml   *YAMLToJSONDecoder
-	stream *StreamReader
-	count  int // how many objects have been decoded
+	json         *json.Decoder
+	jsonConsumed int64 // of the stream total, how much was JSON?
+	yaml         *YAMLToJSONDecoder
+	yamlConsumed int64 // of the stream total, how much was YAML?
+	stream       *StreamReader
+	count        int // how many objects have been decoded
 }
 
 type JSONSyntaxError struct {
@@ -299,8 +301,10 @@ func (d *YAMLOrJSONDecoder) Decode(into interface{}) error {
 	if d.json != nil {
 		err := d.json.Decode(into)
 		if err == nil {
-			d.stream.Consume(int(d.json.InputOffset()) - d.stream.Consumed())
 			d.count++
+			consumed := d.json.InputOffset() - d.jsonConsumed
+			d.stream.Consume(int(consumed))
+			d.jsonConsumed += consumed
 			return nil
 		}
 		if err == io.EOF { //nolint:errorlint
@@ -334,7 +338,9 @@ func (d *YAMLOrJSONDecoder) Decode(into interface{}) error {
 	if d.yaml != nil {
 		err := d.yaml.Decode(into)
 		if err == nil {
-			d.stream.Consume(d.yaml.InputOffset() - d.stream.Consumed())
+			consumed := int64(d.yaml.InputOffset()) - d.yamlConsumed
+			d.stream.Consume(int(consumed))
+			d.yamlConsumed += consumed
 			d.count++
 			return nil
 		}
@@ -375,6 +381,7 @@ func (d *YAMLOrJSONDecoder) consumeWhitespace() error {
 		if err == io.EOF { //nolint:errorlint
 			break
 		}
+		consumed += sz
 	}
 	return io.EOF
 }
diff --git a/pkg/util/yaml/decoder_test.go b/pkg/util/yaml/decoder_test.go
@@ -343,6 +343,17 @@ func TestYAMLOrJSONDecoder(t *testing.T) {
 			{"foo": "bar"},
 			{"baz": "biz"},
 		}},
+		// First document is JSON, second is YAML but with smaller size.
+		{"{\"foo\": \"bar\"}\n---\na: b", 100, false, false, []generic{
+			{"foo": "bar"},
+			{"a": "b"},
+		}},
+		// First document is JSON, second is YAML,but with smaller size and
+		// trailing whitespace.
+		{"{\"foo\": \"bar\"}    \n---\na: b", 100, false, false, []generic{
+			{"foo": "bar"},
+			{"a": "b"},
+		}},
 		// First document is JSON, second is YAML, longer than the buffer
 		{"{\"foo\": \"bar\"}\n---\n{baz: biz0123456780123456780123456780123456780123456789}", 20, false, false, []generic{
 			{"foo": "bar"},
