Skip to content

Fix nil-pointer panic on expression ending in an open parenthesis#159

Open
SAY-5 wants to merge 1 commit into
github:mainfrom
SAY-5:fix-dangling-paren-panic
Open

Fix nil-pointer panic on expression ending in an open parenthesis#159
SAY-5 wants to merge 1 commit into
github:mainfrom
SAY-5:fix-dangling-paren-panic

Conversation

@SAY-5

@SAY-5 SAY-5 commented Jul 10, 2026

Copy link
Copy Markdown

Description

Fixes #158. The expression parser panics with a nil-pointer dereference when the input ends with an unclosed open parenthesis ("(", "((", "MIT OR (", "( "), rather than reporting the string as invalid.

After the leading ( is consumed, the inner expression is parsed against an exhausted token stream. parseOperator, parseLicenseRef, and parseLicense all dereference the result of peek(), which returns nil at end of stream. parseWith already guards this with if token == nil, so this brings the other three in line with that pattern: a nil peek means the token is simply not present, which lets the existing "open parenthesis does not have a matching close parenthesis" / "expected node" paths handle the malformed input.

With the fix, ValidateAndNormalizeLicensesWithOptions([]string{"("}, ...) returns the input as invalid instead of panicking. Added a TestParse case for the dangling open parenthesis.

go test ./... and golangci-lint run pass.

Signed-off-by: Sai Asish Y <say.apm35@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

panic: nil-pointer dereference when parsing a dangling open parenthesis

1 participant