Skip to content

Fix: Prevent nil pointer dereference when reporting rule evaluation errors#493

Merged
newm4n merged 1 commit intohyperjumptech:masterfrom
rohitss912:master
Jul 18, 2025
Merged

Fix: Prevent nil pointer dereference when reporting rule evaluation errors#493
newm4n merged 1 commit intohyperjumptech:masterfrom
rohitss912:master

Conversation

@rohitss912
Copy link
Contributor

@rohitss912 rohitss912 commented Jul 18, 2025
edited
Loading

Problem

When a rule contains an invalid function/field(s) in its [when] expression, the engine logs the error but then panics with a nil pointer dereference.
This happens because the error reporting (Line 186) :

fmt.Errorf("evaluating expression in rule '%s' the when raised an error. got %v", dataContext.GetRuleEntry().RuleName, err)

tries to access dataContext.GetRuleEntry().RuleName before SetRuleEntry is called in engine.go, resulting in a nil pointer dereference.

How to Reproduce

Use a rule with an invalid function in the [when] clause, for example:

rule BadRule "Rule with invalid function" {
    when
        MyApp.IsProduction == false && MyApp.PlatformType.IsIn("DataCenterEU")
    then
        // some action
}

Here, IsIn is not a valid function for a string in Grule.

Observed Behavior

The AST logger prints the actual error (Line 184):

caller":"ast/RuleEntry.go:184","message":"Error while evaluating rule BadRule, got right hand expression error.  got this node identified as \"MyApp.PlatformType\" call function IsIn is not supported for string"

But instead of returning this error to the caller, the engine panics and returns the below error message which could be misleading to the caller of the rule-engine :

 Got error error while evaluating rule BadRule ! recovered : runtime error: invalid memory address or nil pointer dereference

Solution

Change the error reporting to use the current RuleEntry's e.RuleName directly, rather than accessing it via dataContext.GetRuleEntry(), as the code anyway uses e.RuleName to prepare the AST logger error message.

This ensures error messages are constructed safely, even if the rule's name has not yet been set in the data context.

Code Fix

Before:

return false, fmt.Errorf("evaluating expression in rule '%s' the when raised an error. got %v", dataContext.GetRuleEntry().RuleName, err)

After:

return false, fmt.Errorf("evaluating expression in rule '%s' the when raised an error. got %v", e.RuleName, err)

Impact

Prevents engine panics when evaluating rules with invalid syntax.
Ensures errors are returned to the caller as expected.
No impact on valid rule execution or rule selection logic

@rohitss912
fix(ast): refactor error messages in Evaluate function to use RuleEnt…
4bfa442 
…ry's RuleName directly

because during the first pass,the rule name is not yet set in the dataContext which causes nilPointer exception.
@rohitss912
Copy link
Contributor Author

rohitss912 commented Jul 18, 2025

@newm4n hey could you please take a look at this ☝🏾

newm4n
newm4n approved these changes Jul 18, 2025
View reviewed changes
Copy link
Collaborator

@newm4n newm4n left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is correct, when you know that the rule not exist, there's no reason to get the rule name using the non-existent rule. Thats silly.

@newm4n newm4n merged commit 8b016a0 into hyperjumptech:master Jul 18, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@newm4n newm4n newm4n approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rohitss912 @newm4n