html/template: prevent panic when escaping actions involving chain nodes

dspezia · robpike · commit f6853369c315 · 2015-06-01T20:52:04.000Z
The current escape code panics when an action involves chain nodes. Such nodes can be seen in the following situation: {{ . | AAA.B }} - AAA being a registered function The above expression is actually valid, because AAA could return a map containing a B key. The tests in text/template explicitly demonstrate this case. Fix allIdents to cover also chain nodes. While I was investigating this issue, I realized that the tests introduced in similar CL 9621 were incorrect. Parse errors were caught as expected, but for the wrong reason. Fixed them as well. No changes in text/template code itself. Fixes #10801 Change-Id: Ic9fe43b63669298ca52c3f499e2725dd2bb818a8 Reviewed-on: https://go-review.googlesource.com/10340 Reviewed-by: Rob Pike <r@golang.org>
diff --git a/src/html/template/escape.go b/src/html/template/escape.go
@@ -205,13 +205,15 @@ func (e *escaper) escapeAction(c context, n *parse.ActionNode) context {
 }
 
 // allIdents returns the names of the identifiers under the Ident field of the node,
-// which might be a singleton (Identifier) or a slice (Field).
+// which might be a singleton (Identifier) or a slice (Field or Chain).
 func allIdents(node parse.Node) []string {
 	switch node := node.(type) {
 	case *parse.IdentifierNode:
 		return []string{node.Ident}
 	case *parse.FieldNode:
 		return node.Ident
+	case *parse.ChainNode:
+		return node.Field
 	}
 	panic("unidentified node type in allIdents")
 }
diff --git a/src/html/template/escape_test.go b/src/html/template/escape_test.go
@@ -1557,6 +1557,18 @@ func TestEnsurePipelineContains(t *testing.T) {
 			".X | urlquery | html | print 2 | .f 3",
 			[]string{"urlquery", "html"},
 		},
+		{
+			// covering issue 10801
+			"{{.X | js.x }}",
+			".X | js.x | urlquery | html",
+			[]string{"urlquery", "html"},
+		},
+		{
+			// covering issue 10801
+			"{{.X | (print 12 | js).x }}",
+			".X | (print 12 | js).x | urlquery | html",
+			[]string{"urlquery", "html"},
+		},
 	}
 	for i, test := range tests {
 		tmpl := template.Must(template.New("test").Parse(test.input))
diff --git a/src/text/template/parse/parse_test.go b/src/text/template/parse/parse_test.go
@@ -272,8 +272,8 @@ var parseTests = []parseTest{
 	// Wrong pipeline
 	{"wrong pipeline dot", "{{12|.}}", hasError, ""},
 	{"wrong pipeline number", "{{.|12|printf}}", hasError, ""},
-	{"wrong pipeline string", "{{.|print|\"error\"}}", hasError, ""},
-	{"wrong pipeline char", "{{12|print|html|'e'}}", hasError, ""},
+	{"wrong pipeline string", "{{.|printf|\"error\"}}", hasError, ""},
+	{"wrong pipeline char", "{{12|printf|'e'}}", hasError, ""},
 	{"wrong pipeline boolean", "{{.|true}}", hasError, ""},
 	{"wrong pipeline nil", "{{'c'|nil}}", hasError, ""},
 	{"empty pipeline", `{{printf "%d" ( ) }}`, hasError, ""},

Original file line number	Diff line number	Diff line change
`@@ -205,13 +205,15 @@ func (e escaper) escapeAction(c context, n parse.ActionNode) context {`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`// allIdents returns the names of the identifiers under the Ident field of the node,`
`208`		`-// which might be a singleton (Identifier) or a slice (Field).`
	`208`	`+// which might be a singleton (Identifier) or a slice (Field or Chain).`
`209`	`209`	`func allIdents(node parse.Node) []string {`
`210`	`210`	`switch node := node.(type) {`
`211`	`211`	`case *parse.IdentifierNode:`
`212`	`212`	`return []string{node.Ident}`
`213`	`213`	`case *parse.FieldNode:`
`214`	`214`	`return node.Ident`
	`215`	`+ case *parse.ChainNode:`
	`216`	`+ return node.Field`
`215`	`217`	`}`
`216`	`218`	`panic("unidentified node type in allIdents")`
`217`	`219`	`}`