fix(UnixSecondSerializer.Value): Avoid panic when handling unsigned integer values (#7608)

dushaoshuai · david_du · propel-code-bot[bot] · web-flow · commit d9372f551000 · 2025-10-26T20:29:44.000+08:00
* fix reflection panic

* testing

* fix: do not pass a nil Context

* //nolint: gosec

* reduce cyclomatic complexity

* add a type assertion safety check for time.Time

Co-authored-by: propel-code-bot[bot] &lt;203372662+propel-code-bot[bot]@users.noreply.github.com&gt;

* test coverage for integer overflow edge case

---------

Co-authored-by: david_du &lt;david.du@yuansuan.com&gt;
Co-authored-by: propel-code-bot[bot] &lt;203372662+propel-code-bot[bot]@users.noreply.github.com&gt;
diff --git a/schema/serializer.go b/schema/serializer.go
@@ -8,6 +8,7 @@ import (
 	"encoding/gob"
 	"encoding/json"
 	"fmt"
+	"math"
 	"reflect"
 	"strings"
 	"sync"
@@ -127,16 +128,31 @@ func (UnixSecondSerializer) Scan(ctx context.Context, field *Field, dst reflect.
 // Value implements serializer interface
 func (UnixSecondSerializer) Value(ctx context.Context, field *Field, dst reflect.Value, fieldValue interface{}) (result interface{}, err error) {
 	rv := reflect.ValueOf(fieldValue)
-	switch v := fieldValue.(type) {
-	case int64, int, uint, uint64, int32, uint32, int16, uint16:
-		result = time.Unix(reflect.Indirect(rv).Int(), 0).UTC()
-	case *int64, *int, *uint, *uint64, *int32, *uint32, *int16, *uint16:
+	switch fieldValue.(type) {
+	case int, int8, int16, int32, int64:
+		result = time.Unix(rv.Int(), 0).UTC()
+	case uint, uint8, uint16, uint32, uint64:
+		if uv := rv.Uint(); uv > math.MaxInt64 {
+			err = fmt.Errorf("integer overflow conversion uint64(%d) -> int64", uv)
+		} else {
+			result = time.Unix(int64(uv), 0).UTC() //nolint:gosec
+		}
+	case *int, *int8, *int16, *int32, *int64:
 		if rv.IsZero() {
 			return nil, nil
 		}
-		result = time.Unix(reflect.Indirect(rv).Int(), 0).UTC()
+		result = time.Unix(rv.Elem().Int(), 0).UTC()
+	case *uint, *uint8, *uint16, *uint32, *uint64:
+		if rv.IsZero() {
+			return nil, nil
+		}
+		if uv := rv.Elem().Uint(); uv > math.MaxInt64 {
+			err = fmt.Errorf("integer overflow conversion uint64(%d) -> int64", uv)
+		} else {
+			result = time.Unix(int64(uv), 0).UTC() //nolint:gosec
+		}
 	default:
-		err = fmt.Errorf("invalid field type %#v for UnixSecondSerializer, only int, uint supported", v)
+		err = fmt.Errorf("invalid field type %#v for UnixSecondSerializer, only int, uint supported", fieldValue)
 	}
 	return
 }
diff --git a/schema/serializer_test.go b/schema/serializer_test.go
@@ -0,0 +1,213 @@
+package schema
+
+import (
+	"context"
+	"math"
+	"reflect"
+	"testing"
+	"time"
+)
+
+func TestUnixSecondSerializer_Value(t *testing.T) {
+	var (
+		intValue      = math.MaxInt64
+		int8Value     = int8(math.MaxInt8)
+		int16Value    = int16(math.MaxInt16)
+		int32Value    = int32(math.MaxInt32)
+		int64Value    = int64(math.MaxInt64)
+		uintValue     = uint(math.MaxInt64)
+		uint8Value    = uint8(math.MaxUint8)
+		uint16Value   = uint16(math.MaxUint16)
+		uint32Value   = uint32(math.MaxUint32)
+		uint64Value   = uint64(math.MaxInt64)
+		maxInt64Plus1 = uint64(math.MaxInt64 + 1)
+
+		intPtrValue      = &intValue
+		int8PtrValue     = &int8Value
+		int16PtrValue    = &int16Value
+		int32PtrValue    = &int32Value
+		int64PtrValue    = &int64Value
+		uintPtrValue     = &uintValue
+		uint8PtrValue    = &uint8Value
+		uint16PtrValue   = &uint16Value
+		uint32PtrValue   = &uint32Value
+		uint64PtrValue   = &uint64Value
+		maxInt64Plus1Ptr = &maxInt64Plus1
+	)
+	tests := []struct {
+		name    string
+		value   interface{}
+		want    interface{}
+		wantErr bool
+	}{
+		{
+			name:    "int",
+			value:   intValue,
+			want:    time.Unix(int64(intValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "int8",
+			value:   int8Value,
+			want:    time.Unix(int64(int8Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "int16",
+			value:   int16Value,
+			want:    time.Unix(int64(int16Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "int32",
+			value:   int32Value,
+			want:    time.Unix(int64(int32Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "int64",
+			value:   int64Value,
+			want:    time.Unix(int64Value, 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "uint",
+			value:   uintValue,
+			want:    time.Unix(int64(uintValue), 0).UTC(), //nolint:gosec
+			wantErr: false,
+		},
+		{
+			name:    "uint8",
+			value:   uint8Value,
+			want:    time.Unix(int64(uint8Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "uint16",
+			value:   uint16Value,
+			want:    time.Unix(int64(uint16Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "uint32",
+			value:   uint32Value,
+			want:    time.Unix(int64(uint32Value), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "uint64",
+			value:   uint64Value,
+			want:    time.Unix(int64(uint64Value), 0).UTC(), //nolint:gosec
+			wantErr: false,
+		},
+		{
+			name:    "maxInt64+1",
+			value:   maxInt64Plus1,
+			want:    nil,
+			wantErr: true,
+		},
+		{
+			name:    "*int",
+			value:   intPtrValue,
+			want:    time.Unix(int64(*intPtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*int8",
+			value:   int8PtrValue,
+			want:    time.Unix(int64(*int8PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*int16",
+			value:   int16PtrValue,
+			want:    time.Unix(int64(*int16PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*int32",
+			value:   int32PtrValue,
+			want:    time.Unix(int64(*int32PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*int64",
+			value:   int64PtrValue,
+			want:    time.Unix(*int64PtrValue, 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*uint",
+			value:   uintPtrValue,
+			want:    time.Unix(int64(*uintPtrValue), 0).UTC(), //nolint:gosec
+			wantErr: false,
+		},
+		{
+			name:    "*uint8",
+			value:   uint8PtrValue,
+			want:    time.Unix(int64(*uint8PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*uint16",
+			value:   uint16PtrValue,
+			want:    time.Unix(int64(*uint16PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*uint32",
+			value:   uint32PtrValue,
+			want:    time.Unix(int64(*uint32PtrValue), 0).UTC(),
+			wantErr: false,
+		},
+		{
+			name:    "*uint64",
+			value:   uint64PtrValue,
+			want:    time.Unix(int64(*uint64PtrValue), 0).UTC(), //nolint:gosec
+			wantErr: false,
+		},
+		{
+			name:    "pointer to maxInt64+1",
+			value:   maxInt64Plus1Ptr,
+			want:    nil,
+			wantErr: true,
+		},
+		{
+			name:    "nil pointer",
+			value:   (*int)(nil),
+			want:    nil,
+			wantErr: false,
+		},
+		{
+			name:    "invalid type",
+			value:   "invalid",
+			want:    nil,
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := UnixSecondSerializer{}.Value(context.Background(), nil, reflect.Value{}, tt.value)
+			if (err != nil) != tt.wantErr {
+				t.Fatalf("UnixSecondSerializer.Value() error = %v, wantErr %v", err, tt.wantErr)
+			}
+			if err != nil {
+				return
+			}
+			if tt.want == nil && got == nil {
+				return
+			}
+			if tt.want == nil {
+				t.Fatalf("UnixSecondSerializer.Value() = %v, want nil", got)
+			}
+			if got == nil {
+				t.Fatalf("UnixSecondSerializer.Value() = nil, want %v", tt.want)
+			}
+			if gotTime, ok := got.(time.Time); !ok {
+				t.Errorf("UnixSecondSerializer.Value() returned %T, expected time.Time", got)
+			} else if !tt.want.(time.Time).Equal(gotTime) {
+				t.Errorf("UnixSecondSerializer.Value() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
