Error on conversion to unstructured for invalid json.Marshalers.

If a type's implementation of json.Marshaler returns bytes representing a valid JSON object or array
followed by anything other than trailing whitespace, return an error rather than ignoring the
trailing data. The documentation for the Marshaler interface indicates that implementations
shouldn't do this, but it is safer to check (as json.Marshal does) than to rely on it.

Author: benluddy

Diff for: value/reflectcache.go

@@ -19,7 +19,9 @@ package value
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
 	"fmt"
+	"io"
 	"reflect"
 	"sort"
 	"sync"
@@ -389,6 +391,9 @@ func unmarshal(data []byte, v interface{}) error {
 		if err := decoder.Decode(v); err != nil {
 			return err
 		}
+		if _, err := decoder.Token(); !errors.Is(err, io.EOF) {
+			return errors.New("unexpected trailing data after object end")
+		}
 		// If the decode succeeds, post-process the map to convert json.Number objects to int64 or float64
 		return convertMapNumbers(*v, 0)
 
@@ -401,6 +406,9 @@ func unmarshal(data []byte, v interface{}) error {
 		if err := decoder.Decode(v); err != nil {
 			return err
 		}
+		if _, err := decoder.Token(); !errors.Is(err, io.EOF) {
+			return errors.New("unexpected trailing data after array end")
+		}
 		// If the decode succeeds, post-process the map to convert json.Number objects to int64 or float64
 		return convertSliceNumbers(*v, 0)
 

Diff for: value/reflectcache_test.go

@@ -57,8 +57,9 @@ func (t Time) ToUnstructured() interface{} {
 
 func TestToUnstructured(t *testing.T) {
 	testcases := []struct {
-		Data     string
-		Expected interface{}
+		Data                 string
+		Expected             interface{}
+		ExpectedErrorMessage string
 	}{
 		{Data: `null`, Expected: nil},
 		{Data: `true`, Expected: true},
@@ -69,6 +70,8 @@ func TestToUnstructured(t *testing.T) {
 		{Data: `{"a":1}`, Expected: map[string]interface{}{"a": int64(1)}},
 		{Data: `0`, Expected: int64(0)},
 		{Data: `0.0`, Expected: float64(0)},
+		{Data: `{}}`, ExpectedErrorMessage: "error decoding object from json: unexpected trailing data after object end"},
+		{Data: `[]]`, ExpectedErrorMessage: "error decoding array from json: unexpected trailing data after array end"},
 	}
 
 	for _, tc := range testcases {
@@ -84,7 +87,13 @@ func TestToUnstructured(t *testing.T) {
 				rv := reflect.ValueOf(custom)
 				result, err := TypeReflectEntryOf(rv.Type()).ToUnstructured(rv)
 				if err != nil {
-					t.Fatal(err)
+					if tc.ExpectedErrorMessage == "" {
+						t.Fatal(err)
+					} else if got := err.Error(); got != tc.ExpectedErrorMessage {
+						t.Fatalf("expected error message %q but got %q", tc.ExpectedErrorMessage, got)
+					}
+				} else if tc.ExpectedErrorMessage != "" {
+					t.Fatalf("expected error message %q but got nil error", tc.ExpectedErrorMessage)
 				}
 				if !reflect.DeepEqual(result, tc.Expected) {
 					t.Errorf("expected %#v but got %#v", tc.Expected, result)