I had protobuf.net deserialize invalid (random) bytes into a KeyValuePair (i.e. not nullable). Instead of (as expected) an exception being thrown, an empty struct was returned.
Since this default struct could be valid data, I don't see a way to tell if the source data are actually valid. Is this a bug, or is there a way I'm missing?
(protobuf-net 2.0.0.480, 2011.12.11)
Update:
There were scenarios in v2 where it wouldn't spot this, but would instead terminate as though it had reached the end of the stream - in particular if the "field number", after applying shifts, was non-positive. However, this is not valid in a protobuf stream, and this will be fixed next build.
That depends on quite how random it was ;p Actually, getting that to do anything without throwing an error is pretty impressive - the protobuf spec is pretty specific about layout, and normally it will throw a big exception there (probably mentioning "unexpected wire-type" or similar).
Emphasis: in almost all cases it will throw an exception. If you fluke some data of the right spec, but different field numbers, then it will silently ignore the unexpected data, and you'll get an all-zero struct. If you fluke some data of the right spec, but with the right field numbers and layout, you'll get garbage. But that is like saying
if I randomly generate data that by pure chance happens to be {"foo":"0"}, JavascriptSerializer doesn't complain!!! bug!!!
Are you sure you actually deserialized some data here, and that the stream wasn't already at the EOF position? For example, the following won't error, as you haven't rewound the stream - you are effectively deserializing zero bytes:
var ms = new MemoryStream();
ms.Write(randomBytes, 0, randomBytes.Length);
// ms is not rewound here: its position is still at the end, so zero bytes are read
var obj = Serializer.Deserialize<Foo>(ms);
(and zero bytes is perfectly valid for a protobuf object)
If you want to test a stream for validity, you can use ProtoReader, just skipping (SkipField() or something similar) every field until ReadNextHeader() (or whatever) returns a non-positive integer.
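The field-skipping check described in the answer, sketched at the protobuf wire-format level in Python as an added example (not part of the original answer and not protobuf-net code; `walk_fields` and `WireFormatError` are hypothetical names). It rejects malformed bytes, but an empty buffer and well-formed data carrying unrelated field numbers still pass, which is the case where deserialization yields an all-default struct.

```python
class WireFormatError(ValueError):
    """Raised when the bytes are not a structurally valid protobuf message."""

def _read_varint(buf, pos):
    """Decode a base-128 varint starting at pos; return (value, next_pos)."""
    value = 0
    for shift in range(0, 70, 7):           # at most 10 bytes for 64 bits
        if pos >= len(buf):
            raise WireFormatError("truncated varint")
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
    raise WireFormatError("varint longer than 10 bytes")

def walk_fields(buf):
    """Skip every field; return [(field_number, wire_type)] or raise."""
    fields, pos, open_groups = [], 0, []
    while pos < len(buf):
        tag, pos = _read_varint(buf, pos)
        number, wire_type = tag >> 3, tag & 7
        if not 0 < number < 1 << 29:         # field numbers must be positive
            raise WireFormatError("field number out of range")
        if wire_type == 0:                   # varint
            _, pos = _read_varint(buf, pos)
        elif wire_type == 1:                 # fixed 64-bit
            pos += 8
        elif wire_type == 2:                 # length-delimited
            length, pos = _read_varint(buf, pos)
            pos += length
        elif wire_type == 3:                 # start group
            open_groups.append(number)
        elif wire_type == 4:                 # end group must match its start
            if not open_groups or open_groups.pop() != number:
                raise WireFormatError("unmatched end-group")
        elif wire_type == 5:                 # fixed 32-bit
            pos += 4
        else:
            raise WireFormatError(f"unexpected wire-type {wire_type}")
        if pos > len(buf):
            raise WireFormatError("field runs past end of data")
        fields.append((number, wire_type))
    if open_groups:
        raise WireFormatError("unterminated group")
    return fields

EMPTY = b""                           # constructed: zero bytes, a valid empty message
UNKNOWN_FIELD = bytes([0x78, 0x01])   # constructed: field 15, varint value 1
```

Passing this check only shows the bytes are well-formed; whether they were written for the type being deserialized needs an application-level marker such as a required field, a length prefix or a checksum.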