Skip to content

Fix nil pointer panic when moved block has invalid addresses#38235

Open
MunemHashmi wants to merge 2 commits intohashicorp:mainfrom
MunemHashmi:fix/moved-block-nil-pointer-panic-34041
Open

Fix nil pointer panic when moved block has invalid addresses#38235
MunemHashmi wants to merge 2 commits intohashicorp:mainfrom
MunemHashmi:fix/moved-block-nil-pointer-panic-34041

Conversation

@MunemHashmi
Copy link

@MunemHashmi MunemHashmi commented Mar 4, 2026
edited
Loading

When a moved block contains invalid addresses (e.g. quoted strings like "module.foo" or unqualified names like bar), the from and to fields in the parsed MoveEndpoint are nil. Previously, decodeMovedBlock still returned the incomplete Moved struct, which caused a nil pointer dereference downstream when code accessed the From or To fields.

This change makes decodeMovedBlock return nil early when diagnostics contain errors, preventing incomplete Moved structs from being added to the module configuration. A defensive nil check is also added in findMoveStatements for robustness.

Fixes #34041
Fixes #34162

Target Release

1.15.x

Rollback Plan

  • If a change needs to be reverted, we will roll out an update to the code within 7 days.

Changes to Security Controls

No changes to security controls.

CHANGELOG entry

  • This change is user-facing and I added a changelog entry.

@MunemHashmi MunemHashmi requested a review from a team as a code owner March 4, 2026 20:14
@hashicorp-cla-app
Copy link

hashicorp-cla-app bot commented Mar 4, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@hashicorp-cla-app
Copy link

hashicorp-cla-app bot commented Mar 4, 2026

CLA assistant check

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

Have you signed the CLA already but the status is still pending? Recheck it.

@MunemHashmi
Fix nil pointer panic when moved block has invalid addresses
9e53d61 
When a moved block contains invalid addresses (e.g. quoted strings or
unqualified names), the parsed MoveEndpoint fields are nil. Previously
decodeMovedBlock returned the incomplete Moved struct, causing a nil
pointer dereference downstream.

Return nil early from decodeMovedBlock when diagnostics contain errors,
preventing incomplete Moved structs from entering the module config.
Add a defensive nil check in findMoveStatements as well.

Fixes hashicorp#34041
Fixes hashicorp#34162
@MunemHashmi MunemHashmi force-pushed the fix/moved-block-nil-pointer-panic-34041 branch from 654fc34 to 9e53d61 Compare March 4, 2026 20:16
@crw
Copy link
Contributor

crw commented Mar 4, 2026

Thanks for this submission! If you sign the Contributor License Agreement, I will raise this at the next triage meeting. Thanks!

crw
crw reviewed Mar 10, 2026
View reviewed changes
internal/refactoring/move_statement.go Outdated
if mc.From == nil || mc.To == nil {
// Invalid addresses should've been caught during original
// configuration decoding, in the configs package.
continue
Copy link
Contributor

@crw crw Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unclear if this is the correct thing to do, versus surface some sort of error. (Relaying a comment from the triage meeting.)

Copy link
Author

@MunemHashmi MunemHashmi Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point — I've removed this guard. The primary fix in decodeMovedBlock returns nil early when diagnostics contain errors, so nil From/To should never reach this code path. I've posted a detailed explanation of the approach on #34041 for discussion.

@crw
Copy link
Contributor

crw commented Mar 10, 2026

Hi @MunemHashmi, the feedback from triage is that it is unclear what should happen when one of these values is nil. Most likely some sort of error needs to be surfaced. Unfortunately this would take some research and investigation that we will not have time to do in the near future. You can leave this PR open or if you would rather leave a comment on the open issue with your proposed solution, so that it can be discussed before implementation (please see our contribution guidelines, https://github.com/hashicorp/terraform/blob/main/.github/CONTRIBUTING.md#proposing-a-change). Thanks!

@MunemHashmi MunemHashmi mentioned this pull request Mar 10, 2026
Open
@MunemHashmi
Remove defensive nil guard in findMoveStatements
1a1cae2 
The primary fix in decodeMovedBlock prevents nil endpoints from
reaching this code path, making the guard unnecessary.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crw crw crw left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Missing validation for incorrectly quoted moved addresses TERRAFORM CRASH

2 participants

@MunemHashmi @crw