Skip to content

Fix 'panic: runtime error: slice bounds out of range' #801

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
May 22, 2018
Merged

Fix 'panic: runtime error: slice bounds out of range' #801

merged 5 commits into from
May 22, 2018

Conversation

richardwilkes
Copy link
Contributor

@richardwilkes richardwilkes commented May 22, 2018
edited
Loading

Description

The code added in commit f557730 introduced a bug that prevents access to some databases by failing to check to see if the data it is looking for was actually present. This corrects that.

Discovered using MemSQL 5.5.8.

The data in the packet that was received in the readInitPacket() function was:

[10 53 46 53 46 56 0 165 0 0 0 60 70 63 58 68 104 34 97 0 223 247 33 2 0 15 128 21 0 0 0 0 0 0 0 0 0 0 98 120 114 47 85 75 109 99 51 77 50 64 0 109 121 115 113 108 95 110 97 116 105 118 101 95 112 97 115 115 119 111 114 100]

Checklist

  • Code compiles correctly
  • Created tests which fail without the change (if possible)
  • All tests passing
  • Extended the README / documentation, if necessary
  • Added myself / the copyright holder to the AUTHORS file

@julienschmidt
Copy link
Member

julienschmidt commented May 22, 2018
edited
Loading

The TODO section right below seems to be about the plugin name. If no NUL byte is found it should use data[pos:] instead (end-of-file / packet), I think.

Edit: Please also use our pull-request template.

@julienschmidt julienschmidt added this to the v1.4.0 milestone May 22, 2018
@richardwilkes
Copy link
Contributor Author

Made the suggested change and updated the initial description to use your template. Did not mark each section with a check as I didn't touch those areas -- not clear whether they should be checked despite this.

@julienschmidt
Copy link
Member

Do you mind moving the

// EOF if version (>= 5.5.7 and < 5.5.10) or (>= 5.6.0 and < 5.6.2)
// \NUL otherwise

above the pluginName code and remove the TODO and other commented-out code? It was there because we didn't read the plugin name so far.

@julienschmidt
Copy link
Member

Can you also tell use how you ran into that bug, i.e. what database server and version you are using?
Even better, but not mandatory, would be a packet dump, which we could use in a regression test.

julienschmidt
julienschmidt reviewed May 22, 2018
View reviewed changes
packets.go
// return
//}
//return ErrMalformPkt
if end := bytes.IndexByte(data[pos:], 0x00); end != -1 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I meant moving the comment here (add an extra blank line above). Besides that, the changes LGTM.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah... ok, will do

@julienschmidt julienschmidt merged commit 5afaf12 into go-sql-driver:master May 22, 2018
@julienschmidt
Copy link
Member

Thanks!

julienschmidt added a commit that referenced this pull request May 22, 2018
@julienschmidt
packets: add regression test for #801
9da0fc8 
Updates #801
@julienschmidt julienschmidt mentioned this pull request May 22, 2018
Merged
5 tasks
julienschmidt added a commit that referenced this pull request May 23, 2018
@julienschmidt
packets: add regression test for #801 (#802)
44c24df 
Updates #801
@collinalexbell
Copy link

I am getting the following error with this new code:

unknown authentication plugin name ''

With the old code, I get the slice bounds out of range error.

@collinalexbell collinalexbell mentioned this pull request May 27, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@julienschmidt julienschmidt julienschmidt approved these changes

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
v1.4.0
Development

Successfully merging this pull request may close these issues.
3 participants
@richardwilkes @julienschmidt @collinalexbell