From e122ebabb657021964f2bdd31e683ddfa023fd0c Mon Sep 17 00:00:00 2001
From: Ian Lance Taylor <iant@golang.org>
Date: Tue, 20 Jun 2023 09:38:39 -0700
Subject: [PATCH] encoding/binary: on invalid type return -1 from Size

Size is defined as returning -1 if the type is not fixed-size.
Before this CL cases like Size((*[]int)(nil)) would crash.

Fixes #60892

Change-Id: Iee8e20a0aee24b542b78cb4160c3b2c5a3eb02c2
Reviewed-on: https://go-review.googlesource.com/c/go/+/504575
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Bryan Mills <bcmills@google.com>
---
 src/encoding/binary/binary.go      |  7 +++++--
 src/encoding/binary/binary_test.go | 20 ++++++++++++++++++++
 2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/src/encoding/binary/binary.go b/src/encoding/binary/binary.go
index 158e3e9d7f..3fb18a7a03 100644
--- a/src/encoding/binary/binary.go
+++ b/src/encoding/binary/binary.go
@@ -479,7 +479,6 @@ func dataSize(v reflect.Value) int {
 		if s := sizeof(v.Type().Elem()); s >= 0 {
 			return s * v.Len()
 		}
-		return -1
 
 	case reflect.Struct:
 		t := v.Type()
@@ -491,8 +490,12 @@ func dataSize(v reflect.Value) int {
 		return size
 
 	default:
-		return sizeof(v.Type())
+		if v.IsValid() {
+			return sizeof(v.Type())
+		}
 	}
+
+	return -1
 }
 
 // sizeof returns the size >= 0 of variables for the given type or -1 if the type is not acceptable.
diff --git a/src/encoding/binary/binary_test.go b/src/encoding/binary/binary_test.go
index 4e1fb59f03..4b22b28843 100644
--- a/src/encoding/binary/binary_test.go
+++ b/src/encoding/binary/binary_test.go
@@ -351,6 +351,26 @@ func TestSizeStructCache(t *testing.T) {
 	}
 }
 
+func TestSizeInvalid(t *testing.T) {
+	testcases := []any{
+		int(0),
+		new(int),
+		(*int)(nil),
+		[1]uint{},
+		new([1]uint),
+		(*[1]uint)(nil),
+		[]int{},
+		[]int(nil),
+		new([]int),
+		(*[]int)(nil),
+	}
+	for _, tc := range testcases {
+		if got := Size(tc); got != -1 {
+			t.Errorf("Size(%T) = %d, want -1", tc, got)
+		}
+	}
+}
+
 // An attempt to read into a struct with an unexported field will
 // panic. This is probably not the best choice, but at this point
 // anything else would be an API change.
-- 
2.48.1