You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
System.ArgumentException: String cannot be of zero length.
Parameter name: oldValue
at System.String.Replace(String oldValue, String newValue)
at Fluid.Filters.StringFilters.Remove(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.FilterCollection.<>c__DisplayClass1_0.<AddFilter>b__0(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.Ast.FilterExpression.EvaluateAsync(TemplateContext context)
at Fluid.Ast.OutputStatement.WriteToAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.BaseFluidTemplate`1.RenderAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.FluidTemplateExtensions.RenderAsync(IFluidTemplate template, TemplateContext context, TextEncoder encoder)
at Fluid.FluidTemplateExtensions.Render(IFluidTemplate template, TemplateContext context)
at Fluid.Fuzz.Program.Run(User model, String template) in /Users/Metalnem/Projects/sharpfuzz-samples/Fluid/Fluid.Fuzz/Program.cs:line 46
System.DivideByZeroException: Attempted to divide by zero.
at Fluid.Filters.NumberFilters.Modulo(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.FilterCollection.<>c__DisplayClass1_0.<AddFilter>b__0(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.Ast.FilterExpression.EvaluateAsync(TemplateContext context)
at Fluid.Ast.OutputStatement.WriteToAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.BaseFluidTemplate`1.RenderAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.FluidTemplateExtensions.RenderAsync(IFluidTemplate template, TemplateContext context, TextEncoder encoder)
at Fluid.FluidTemplateExtensions.Render(IFluidTemplate template, TemplateContext context)
at Fluid.Fuzz.Program.Run(User model, String template) in /Users/Metalnem/Projects/sharpfuzz-samples/Fluid/Fluid.Fuzz/Program.cs:line 46
System.NullReferenceException: Object reference not set to an instance of an object.
at Fluid.DefaultFluidParser.BuildForStatement(BlockContext context)
at Fluid.DefaultFluidParser.BuildTagStatement(ParseTreeNode node)
at Fluid.DefaultFluidParser.TryParse(String template, Boolean stripEmptyLines, List`1& result, IEnumerable`1& errors)
at Fluid.BaseFluidTemplate`1.TryParse(String template, Boolean stripEmptyLines, T& result, IEnumerable`1& errors)
at Fluid.BaseFluidTemplate`1.TryParse(String template, T& result)
at Fluid.Fuzz.Program.Run(User model, String template) in /Users/Metalnem/Projects/sharpfuzz-samples/Fluid/Fluid.Fuzz/Program.cs:line 43
System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
Parameter name: offset
at Microsoft.Extensions.Primitives.ThrowHelper.ThrowArgumentOutOfRangeException(ExceptionArgument argument)
at Microsoft.Extensions.Primitives.StringSegment.Subsegment(Int32 offset, Int32 length)
at Fluid.DefaultFluidParser.ConsumeTag(StringSegment segment, Int32 start, String endTag, Int32& end)
at Fluid.DefaultFluidParser.TryParse(String template, Boolean stripEmptyLines, List`1& result, IEnumerable`1& errors)
at Fluid.BaseFluidTemplate`1.TryParse(String template, Boolean stripEmptyLines, T& result, IEnumerable`1& errors)
at Fluid.BaseFluidTemplate`1.TryParse(String template, T& result)
at Fluid.Fuzz.Program.Run(User model, String template) in /Users/Metalnem/Projects/sharpfuzz-samples/Fluid/Fluid.Fuzz/Program.cs:line 43
System.OverflowException: Value was either too large or too small for an Int32.
at System.Convert.ToInt32(Double value)
at Fluid.Filters.NumberFilters.Modulo(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.FilterCollection.<>c__DisplayClass1_0.<AddFilter>b__0(FluidValue input, FilterArguments arguments, TemplateContext context)
at Fluid.Ast.FilterExpression.EvaluateAsync(TemplateContext context)
at Fluid.Ast.FilterExpression.EvaluateAsync(TemplateContext context)
at Fluid.Ast.OutputStatement.WriteToAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.BaseFluidTemplate`1.RenderAsync(TextWriter writer, TextEncoder encoder, TemplateContext context)
at Fluid.FluidTemplateExtensions.RenderAsync(IFluidTemplate template, TemplateContext context, TextEncoder encoder)
at Fluid.FluidTemplateExtensions.Render(IFluidTemplate template, TemplateContext context)
at Fluid.Fuzz.Program.Run(User model, String template) in /Users/Metalnem/Projects/sharpfuzz-samples/Fluid/Fluid.Fuzz/Program.cs:line 46
You can find the fuzzing project I'm using here, and some basic Liquid dictionary file here.
The fuzzing project and the dictionary can be greatly improved (for example, by using more Fluid functions, making a more complicated model, or introducing more data types), but I'm leaving that to you if you are interested :)
The text was updated successfully, but these errors were encountered:
@Metalnem was having a crack at trying to fix these, I've wrapped your scenario in a test case, I've solved 2/5 but the filter parameter errors are being thrown at RenderAsync time, not in the Build phase, which is not ideal. If anyone has guidance on how to get possibly the BuildFilterExpression to guard against mandatory filter params is appreciated and I can try to get a full PR through. (https://github.com/jafin/fluid/tree/fix/Issue148_Tests)
EDIT: I have a branch up that can cover the 5 examples above, and return ParserErrors before hitting RenderAsync. NOTE: I have not investigated further any additional failures your fuzz tests produce, limiting scope only to the above.
jafin
added a commit
to jafin/fluid
that referenced
this issue
Sep 8, 2019
FluidTemplate.TryParse and FluidTemplateExtensions.Render can throw bunch of unexpected exceptions. The ones I've found so far are:
To reproduce all of them, run the following program on .NET Core 2.2 with the latest Fluid beta (Fluid.Core 1.0.0-beta-9588):
It should produce output similar to this:
You can find the fuzzing project I'm using here, and some basic Liquid dictionary file here.
The fuzzing project and the dictionary can be greatly improved (for example, by using more Fluid functions, making a more complicated model, or introducing more data types), but I'm leaving that to you if you are interested :)
The text was updated successfully, but these errors were encountered: