From a8c995f77ce41914c2fdee3f1710f5476f136c3a Mon Sep 17 00:00:00 2001
From: Simon Pasquier
Date: Tue, 10 Apr 2018 10:11:40 +0200
Subject: [PATCH 1/2] nflog: fix potential panic in decodeState()

Signed-off-by: Simon Pasquier
---
 nflog/nflog.go | 6 ++++++
 nflog/nflog_test.go | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/nflog/nflog.go b/nflog/nflog.go
index ca2924c8..5ae46517 100644
--- a/nflog/nflog.go
+++ b/nflog/nflog.go
@@ -37,6 +37,9 @@ import (
 // ErrNotFound is returned for empty query results.
 var ErrNotFound = errors.New("not found")
 
+// ErrInvalidState is returned if the state isn't valid.
+var ErrInvalidState = fmt.Errorf("invalid state")
+
 // query currently allows filtering by and/or receiver group key.
 // It is configured via QueryParameter functions.
 //
@@ -239,6 +242,9 @@ func decodeState(r io.Reader) (state, error) {
 var e pb.MeshEntry
 _, err := pbutil.ReadDelimited(r, &e)
 if err == nil {
+ if e.Entry == nil || e.Entry.Receiver == nil {
+ return nil, ErrInvalidState
+ }
 st[stateKey(string(e.Entry.GroupKey), e.Entry.Receiver)] = &e
 continue
 }
diff --git a/nflog/nflog_test.go b/nflog/nflog_test.go
index b43b8c72..417af1a8 100644
--- a/nflog/nflog_test.go
+++ b/nflog/nflog_test.go
@@ -296,3 +296,14 @@ func TestQuery(t *testing.T) {
 require.EqualValues(t, firingAlerts, entry.FiringAlerts)
 require.EqualValues(t, resolvedAlerts, entry.ResolvedAlerts)
 }
+
+func TestStateDecodingError(t *testing.T) {
+ // Check whether decoding copes with erroneous data.
+ s := state{"": &pb.MeshEntry{}}
+
+ msg, err := s.MarshalBinary()
+ require.NoError(t, err)
+
+ _, err = decodeState(bytes.NewReader(msg))
+ require.Equal(t, ErrInvalidState, err)
+}
From 2d68b4d318292bad93809c60ad06e8594e5af3a4 Mon Sep 17 00:00:00 2001
From: Simon Pasquier
Date: Tue, 10 Apr 2018 10:12:05 +0200
Subject: [PATCH 2/2] silence: fix potential panic in decodeState()
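Review bot: In the first nflog/nflog.go hunk, `ErrInvalidState` is built with `fmt.Errorf("invalid state")` although the string has no format verbs and the neighbouring `ErrNotFound` uses `errors.New`; `var ErrInvalidState = errors.New("invalid state")` would match the file. The `errors` package is already used on the context line above, so no import change is needed. silence/silence.go adds the same declaration, but there the neighbouring sentinel already uses `fmt.Errorf`, so it is at least locally consistent.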
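Review bot: The guard added to `decodeState` in nflog/nflog.go carries no comment explaining why a successfully decoded `pb.MeshEntry` can still be unusable, or that a single bad record makes the function return a nil state and discard every entry decoded before it. Decoded state presumably originates outside the running process (callers are not visible here), so the fail-closed choice deserves a line such as `// A decoded entry may lack Entry or Receiver; building the key below would dereference nil. Reject the whole payload rather than keep partial state.` The same applies to the `s.Silence == nil` guard in silence/silence.go. `decodeState` begins and ends outside the hunk, so how callers handle `ErrInvalidState` could not be checked.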
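Review bot: `TestStateDecodingError` in nflog/nflog_test.go exercises only the `e.Entry == nil` half of the new condition, because `&pb.MeshEntry{}` leaves `Entry` unset. The `e.Entry.Receiver == nil` branch is not covered, so a regression that drops it would go unnoticed. A second case built from `s := state{"": &pb.MeshEntry{Entry: &pb.Entry{}}}` with the same `require.Equal(t, ErrInvalidState, err)` assertion would pin it, assuming the field's type is `pb.Entry` and `MarshalBinary` accepts such an entry.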
Signed-off-by: Simon Pasquier
---
 silence/silence.go | 6 ++++++
 silence/silence_test.go | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/silence/silence.go b/silence/silence.go
index 45268be6..26e3d344 100644
--- a/silence/silence.go
+++ b/silence/silence.go
@@ -40,6 +40,9 @@ import (
 // ErrNotFound is returned if a silence was not found.
 var ErrNotFound = fmt.Errorf("not found")
 
+// ErrInvalidState is returned if the state isn't valid.
+var ErrInvalidState = fmt.Errorf("invalid state")
+
 func utcNow() time.Time {
 return time.Now().UTC()
 }
@@ -758,6 +761,9 @@ func decodeState(r io.Reader) (state, error) {
 var s pb.MeshSilence
 _, err := pbutil.ReadDelimited(r, &s)
 if err == nil {
+ if s.Silence == nil {
+ return nil, ErrInvalidState
+ }
 st[s.Silence.Id] = &s
 continue
 }
diff --git a/silence/silence_test.go b/silence/silence_test.go
index bde9afbe..febdaf0c 100644
--- a/silence/silence_test.go
+++ b/silence/silence_test.go
@@ -1080,3 +1080,14 @@ func TestStateCoding(t *testing.T) {
 require.Equal(t, in, out, "decoded data doesn't match encoded data")
 }
 }
+
+func TestStateDecodingError(t *testing.T) {
+ // Check whether decoding copes with erroneous data.
+ s := state{"": &pb.MeshSilence{}}
+
+ msg, err := s.MarshalBinary()
+ require.NoError(t, err)
+
+ _, err = decodeState(bytes.NewReader(msg))
+ require.Equal(t, ErrInvalidState, err)
+}
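Review bot: The guard added to `decodeState` in silence/silence.go checks only `s.Silence == nil`, so a record whose `Id` is empty is still stored under the key `""`, and any later record with an empty `Id` overwrites it in the map. If nothing downstream rejects an empty identifier (not visible in this hunk), widening the check to `if s.Silence == nil || s.Silence.Id == "" {` would treat that as invalid state as well. The new test would still pass, since it leaves `Silence` unset. `decodeState` starts and ends outside the hunk.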