Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

index out of range panic #11

Closed
dvyukov opened this issue May 27, 2015 · 2 comments
Closed

index out of range panic #11

dvyukov opened this issue May 27, 2015 · 2 comments

Comments

@dvyukov
Copy link
Member

dvyukov commented May 27, 2015

The following program crashes with a panic:

package main

import "github.com/golang/snappy/snappy"

func main() {
    data := []byte("\xff\xff\xff\xff\xff\xff\xff\xff\xec0")
    n, err := snappy.DecodedLen(data)
    if err != nil || n > 1e6 {
        return
    }
    dec, err := snappy.Decode(nil, data)
    if err != nil {
        if dec != nil {
            panic("dec is not nil")
        }
        return
    }
    if len(dec) != n {
        println(len(dec), n)
        panic("bad decoded len")
    }
    n = snappy.MaxEncodedLen(len(dec))
    enc, err := snappy.Encode(nil, dec)
    if err != nil {
        panic(err)
    }
    if len(enc) > n {
        panic("bad encoded len")
    }
}
panic: runtime error: index out of range

goroutine 1 [running]:
github.com/golang/snappy/snappy.Decode(0x0, 0x0, 0x0, 0xc208041f00, 0xa, 0x20, 0x0, 0x0, 0x0, 0x0, ...)
    src/github.com/golang/snappy/snappy/decode.go:54 +0xaca
main.main()
    snappy.go:11 +0xf6

on commit 156a073
@dvyukov
Copy link
Member Author

dvyukov commented May 27, 2015

Also, on this input DecodedLen returns a negative size. It must not return negative size, it must return an error instead.

@dvyukov
Copy link
Member Author

dvyukov commented May 27, 2015

Also, decodedLen does not check error condition returned by binary.Uvarint.

makhov pushed a commit to makhov/snappy that referenced this issue Jun 1, 2015
fix Uvarint overflow. (see golang#11)
432dca5
@makhov makhov mentioned this issue Jun 1, 2015
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dvyukov