Surfaced during the security + sibling-hunt review of #626.
PR #626 added nil-guards to the ToSwarm/*Mount converters but the symmetric From helpers still dereference their pointer args unconditionally:
| File:Line |
Helper |
Input that panics |
| `core/adapters/docker/service.go:316` |
`convertFromSwarmService(*swarm.Service)` |
`nil` |
| `core/adapters/docker/service.go:362` |
`convertTaskTemplateFromSwarm(...)` |
nil src or dst |
| `core/adapters/docker/service.go:443` |
`convertFromSwarmTask(*swarm.Task)` |
`nil` |
| `core/adapters/docker/event.go:119` |
`convertFromSDKEvent(*events.Message)` |
`nil e` or `nil e.Actor` |
| `core/adapters/docker/container.go:34` |
`Container.Create` derefs `config.HostConfig` / `config.NetworkConfig` |
nil sub-config |
Severity
- `convertFromSwarmTask` / `convertFromSDKEvent` / `Container.Create` HostConfig: regression-risk — reachable through public API paths.
- `convertFromSwarmService` / `convertTaskTemplateFromSwarm`: latent — only test-callable paths today.
Suggested fix
Mirror PR #626's pattern:
- `if x == nil { return zeroValue }` early-return
- Table-driven test in `convert_nil_test.go` (or a new `event_nil_test.go` for the event helper)
- Reuse `failOnPanic` from `testhelpers_test.go`
Acceptance
- All five sites have nil-guards.
- Regression tests panic-free on `nil` input.
- Consider a `go vet -vettool=nilness` pass scoped to the adapter package to mechanically catch the next instance.
Related
- #622 — original nil-deref audit
- #626 — fixed the To* direction
- #623 — adjacent nil-receiver/nil-client guards
Surfaced during the security + sibling-hunt review of #626.
PR #626 added nil-guards to the ToSwarm/*Mount converters but the symmetric From helpers still dereference their pointer args unconditionally:
Severity
Suggested fix
Mirror PR #626's pattern:
Acceptance
Related