fix: prevent nil pointer dereference in getFuncDoc when parsing depen…

[gatorjuice]

#2042

Fix nil pointer dereference in getFuncDoc function when parsing dependencies

Problem

When parsing dependencies with ParseDependency enabled, swag encounters a segmentation fault due to nil pointer dereferences in the getFuncDoc function. This occurs when the parser encounters AST nodes from standard library types (like atomic.Int32, json.scanner, ecdh.PrivateKey, etc.) that don't have all their fields properly initialized.

Error Stack Trace:

2025/07/17 05:48:56 atomic.Int32 TypeSpecDef is nil
2025/07/17 05:48:56 json.scanner TypeSpecDef is nil
2025/07/17 05:48:56 ecdh.PrivateKey TypeSpecDef is nil
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x912b14]

goroutine 1 [running]:
github.com/swaggo/swag.getFuncDoc({0xa31760?, 0xc000ac7180})
/home/runner/go/pkg/mod/github.com/swaggo/[email protected]/parser.go:1063 +0x114

Root Cause

The getFuncDoc function was accessing AST node fields without proper nil checks:

1. In the *ast.GenDecl case, it accessed astDecl.Specs[0] without checking if astDecl.Specs was empty
2. In the *ast.ValueSpec case, it accessed astDecl.Values[0] without checking if astDecl.Values was empty
3. It accessed value.Obj.Decl without checking if value.Obj or value.Obj.Decl were nil

When parsing dependencies, especially standard library packages, these AST nodes may not have all fields initialized, leading to nil pointer dereferences.

Solution

Added comprehensive nil checks in the getFuncDoc function:

1. Check for empty Specs slice: Added if len(astDecl.Specs) == 0 before accessing astDecl.Specs[0]
2. Check for empty Values slice: Added if len(astDecl.Values) == 0 before accessing astDecl.Values[0]
3. Check for nil object chain: Enhanced the existing nil check to include value.Obj == nil || value.Obj.Decl == nil

Changes Made

• Added 3 strategic nil checks in parser.go at lines 1052, 1062, and 1066
• No breaking changes to the API
• Maintains backward compatibility
• Gracefully handles malformed or incomplete AST nodes

Testing

This fix resolves the segmentation fault when running swag with dependency parsing enabled. The parser now gracefully skips over problematic AST nodes instead of crashing.

Impact

• Fixes: Critical segmentation fault when parsing dependencies
• Improves: Robustness when dealing with incomplete AST nodes from external packages
• Maintains: All existing functionality and performance
• Risk: Very low - only adds defensive programming checks

This is a critical stability fix that allows swag to successfully parse projects with dependencies without crashing.

[gatorjuice]

Just trying to run the install command locally and make sure this works before I take out of draft.

[gatorjuice]

local testing outcomes:

my Makefile

swagger:
	swag init -o ./swagger --parseDependencyLevel=3 --parseInternal

this continues to raise the segmentation problem

my updated Makefile with go.mod using replace github.com/swaggo/swag => github.com/gatorjuice/swag v0.0.0-20250717151401-45a05823e35a

swagger:
	go run -mod=mod github.com/swaggo/swag/cmd/swag init -o ./swagger --parseDependencyLevel=3 --parseInternal

this works now!

I think this is good. But I'm a Go noob so please review and test yourselves. Also my team at work has looked at it.

[sdghchj]

Thanks

[gatorjuice]

Thanks

My pleasure, we enjoy this project very much @sdghchj and look forward to OpenAPI 3.0 support!