[Go] out of bounds panics in RefResolver and MetaStringResolver

[ayush00git]

Search before asking

• I had searched in the issues and found no similar issues.

Version

0.17.0

Component(s)

Go

Minimal reproduce step

Run these tests- (just place them inside a test file and run test script)

func TestRefResolver_OOBPanic(t *testing.T) {
	resolver := newRefResolver(true) // Enable tracking
	buffer := NewByteBuffer(nil)
	
	// Craft a buffer with RefFlag (-2) followed by a huge RefID (9999)
	buffer.WriteInt8(RefFlag)
	buffer.WriteVarUint32(9999)
	buffer.SetReaderIndex(0)

	var ctxErr Error
	// This currently PANICS. The fix should prevent the panic.
	require.NotPanics(t, func() {
		resolver.ReadRefOrNull(buffer, &ctxErr)
	}, "RefResolver.GetReadObject should not panic on OOB index")
}
func TestMetaStringResolver_NegativeIndexPanic(t *testing.T) {
	resolver := NewMetaStringResolver()
	buffer := NewByteBuffer(nil)
	
	// header = 1 means (header & 1 != 0) is true (it's a reference)
	// and length = header >> 1 = 0.
	// index = length - 1 = -1.
	buffer.WriteVarUint32Small7(1)
	buffer.SetReaderIndex(0)

	var ctxErr Error
	// This currently PANICS. The fix should prevent the panic.
	require.NotPanics(t, func() {
		_, err := resolver.ReadMetaStringBytes(buffer, &ctxErr)
		if err == nil {
			// If it didn't panic, it should at least return an error
			t.Errorf("Expected error for negative index, got nil")
		}
	}, "MetaStringResolver should not panic on negative index")
}

Are you willing to submit a PR?

• I'm willing to submit a PR!

[ayush00git]

@chaokunyang that's the failing error -

❯ go test -v -count=1 -run "TestRefResolver_OOBPanic|TestMetaStringResolver_NegativeIndexPanic" 2>&1 | tail -40
                                        /usr/local/go/src/testing/testing.go:2101 +0x4c5
                Test:           TestRefResolver_OOBPanic
                Messages:       RefResolver.GetReadObject should not panic on OOB index
--- FAIL: TestRefResolver_OOBPanic (0.00s)
=== RUN   TestMetaStringResolver_NegativeIndexPanic
    security_test.go:57: 
                Error Trace:    security_test.go:57
                Error:          func (assert.PanicTestFunc)(0x65e920) should not panic
                                        Panic value:    runtime error: index out of range [-1]
                                        Panic stack:    goroutine 8 [running]:
                                runtime/debug.Stack()
                                        /usr/local/go/src/runtime/debug/stack.go:26 +0x5e
                                github.com/stretchr/testify/assert.didPanic.func1.1()
                                        /home/ayush/go/pkg/mod/github.com/stretchr/testify@v1.7.0/assert/assertions.go:1013 +0x69
                                panic({0x775f20?, 0x2ce332042978?})
                                        /usr/local/go/src/runtime/panic.go:860 +0x13a
                                github.com/apache/fory/go/fory.(*MetaStringResolver).ReadMetaStringBytes(0x2ce33203c3c0, 0x2ce3320bec80, 0x2ce33203c420)
                                        /home/ayush/contributions/apache/fory/go/fory/meta_string_resolver.go:130 +0x827
                                github.com/apache/fory/go/fory.TestMetaStringResolver_NegativeIndexPanic.func1()
                                        /home/ayush/contributions/apache/fory/go/fory/security_test.go:58 +0x28
                                github.com/stretchr/testify/assert.didPanic.func1(0x2ce3321ddda0?, 0x5cb44e?, 0x41e07f?, 0x73ce60?)
                                        /home/ayush/go/pkg/mod/github.com/stretchr/testify@v1.7.0/assert/assertions.go:1018 +0x4c
                                github.com/stretchr/testify/assert.didPanic(0xa5a5c0?)
                                        /home/ayush/go/pkg/mod/github.com/stretchr/testify@v1.7.0/assert/assertions.go:1020 +0x36
                                github.com/stretchr/testify/assert.NotPanics({0x7b7e40, 0x2ce3321a0908}, 0x2ce3321ddd70, {0x2ce3320a5f48, 0x1, 0x1})
                                        /home/ayush/go/pkg/mod/github.com/stretchr/testify@v1.7.0/assert/assertions.go:1091 +0x7e
                                github.com/stretchr/testify/require.NotPanics({0x7b8b68, 0x2ce3321a0908}, 0x2ce3321ddd70, {0x2ce332094f48, 0x1, 0x1})
                                        /home/ayush/go/pkg/mod/github.com/stretchr/testify@v1.7.0/require/require.go:1456 +0xa6
                                github.com/apache/fory/go/fory.TestMetaStringResolver_NegativeIndexPanic(0x2ce3321a0908)
                                        /home/ayush/contributions/apache/fory/go/fory/security_test.go:57 +0x194
                                testing.tRunner(0x2ce3321a0908, 0x7b3580)
                                        /usr/local/go/src/testing/testing.go:2036 +0xea
                                created by testing.(*T).Run in goroutine 1
                                        /usr/local/go/src/testing/testing.go:2101 +0x4c5
                Test:           TestMetaStringResolver_NegativeIndexPanic
                Messages:       MetaStringResolver should not panic on negative index
--- FAIL: TestMetaStringResolver_NegativeIndexPanic (0.00s)
FAIL
exit status 1
FAIL    github.com/apache/fory/go/fory  0.004s