runtime error: slice bounds out of range #48
Comments
Thanks for reporting this issue. I will check it out later
On Sat, 18 Feb 2023, 10:00 Omar Ramadan wrote:
Description
Describe the issue that you're seeing.
Caddy server container crashed with a panic. Hope this might help someone. Great project, thank you.
cdn-in-a-box-caddy-1 | panic: runtime error: slice bounds out of range [862:0]
cdn-in-a-box-caddy-1 |
cdn-in-a-box-caddy-1 | goroutine 21235869 [running]:
cdn-in-a-box-caddy-1 | github.com/corazawaf/coraza/v3/internal/corazawaf.(*bodyBufferReader).Read(0xc047d6cd50, {0xc038774000?, 0x0?, 0x7fce60935688?})
cdn-in-a-box-caddy-1 |         ***@***.***/internal/corazawaf/body_buffer.go:98 +0x139
cdn-in-a-box-caddy-1 | io.discard.ReadFrom({}, {0x1f8f960, 0xc047d6cd50})
cdn-in-a-box-caddy-1 |         io/io.go:611 +0x72
cdn-in-a-box-caddy-1 | io.copyBuffer({0x1f97800, 0x2ca05e0}, {0x1f8f960, 0xc047d6cd50}, {0xc05461a000, 0x8000, 0x8000})
cdn-in-a-box-caddy-1 |         io/io.go:413 +0x14b
cdn-in-a-box-caddy-1 | io.(*multiReader).writeToWithBuffer(0xc051094c48, {0x1f97800, 0x2ca05e0}, {0xc05461a000, 0x8000, 0x8000})
cdn-in-a-box-caddy-1 |         io/multi.go:54 +0x125
cdn-in-a-box-caddy-1 | io.(*multiReader).WriteTo(0x19bcd00?, {0x1f97800, 0x2ca05e0})
cdn-in-a-box-caddy-1 |         io/multi.go:45 +0x56
cdn-in-a-box-caddy-1 | io.copyBuffer({0x1f97800, 0x2ca05e0}, {0x7fce601809b8, 0xc047d4bbf0}, {0x0, 0x0, 0x0})
cdn-in-a-box-caddy-1 |         io/io.go:409 +0x16e
cdn-in-a-box-caddy-1 | io.Copy(...)
cdn-in-a-box-caddy-1 |         io/io.go:386
cdn-in-a-box-caddy-1 | net/http.(*transferWriter).doBodyCopy(0xc02cddcdc0, {0x1f97800?, 0x2ca05e0?}, {0x7fce601809b8?, 0xc047d4bbf0?})
cdn-in-a-box-caddy-1 |         net/http/transfer.go:412 +0x4d
cdn-in-a-box-caddy-1 | net/http.(*transferWriter).writeBody(0xc02cddcdc0, {0x1f8e160, 0xc0293ac640})
cdn-in-a-box-caddy-1 |         net/http/transfer.go:375 +0x418
cdn-in-a-box-caddy-1 | net/http.(*Request).write(0xc069109700, {0x1f8e160, 0xc0293ac640}, 0x0, 0x0, 0x0)
cdn-in-a-box-caddy-1 |         net/http/request.go:701 +0xb46
cdn-in-a-box-caddy-1 | net/http.(*persistConn).writeLoop(0xc0595f9b00)
cdn-in-a-box-caddy-1 |         net/http/transport.go:2395 +0x174
cdn-in-a-box-caddy-1 | created by net/http.(*Transport).dialConn
cdn-in-a-box-caddy-1 |         net/http/transport.go:1752 +0x1791
Steps to reproduce
Clear steps describing how to reproduce the issue. Please please please link to a demo project if possible, this makes your issue *much* easier to diagnose (seriously).
Reverse proxy server being hammered by bots.
Expected result
What should happen?
Actual result
What happened.
…eading the body buffer. See https://github.com/corazawaf/coraza/issues/664.
This is a weird issue and I guess it happens only because you run bots and at some point during the read you also write and then move towards a file.
Thanks for the fix @jcchavezs. I am seeing this crash a few times per day right now. Would appreciate a release into corazawaf/coraza-caddy when the change is landed.
@kkroo <https://github.com/kkroo> could you please test with the latest version of this module to get the errors again?
Just rebuilt from master and will report back if I see another crash.
As I said, the proposed fix is very unusual logic so we want to be 100% sure we are looking at the right code. Please do send me logs if this happens again.
On Sat, 25 Feb 2023, 22:28 Omar Ramadan wrote:
Just rebuilt from master and will report back if I see another crash.
Doesn't look like the fix made it in the latest version though.
github.com/corazawaf/coraza-caddy v1.2.3-0.20230224222231-e5bec900d1d2
github.com/corazawaf/coraza/v3 v3.0.0-20230222164726-1ac270a3257d
Thanks for this. I think the issue is the way the middleware is handled vs how Coraza expects it to be handled. We need to upgrade Caddy's middleware and make it work somehow with http middleware. I am moving this issue to Caddy for now and will do the work there.
I will try to get this done this week. We need to port changes from Coraza itself. Before, I was trying to reuse the same abstraction but ended up with the conclusion that it wasn't worth it. Better to have duplication over a bad abstraction.
On Sun, 5 Mar 2023, 14:05 Felipe Zipitría wrote:
Assigned #48 to @jcchavezs <https://github.com/jcchavezs>.
@kkroo we completely rewrote the connector. Do you mind testing again with the latest commit?
Ping @kkroo
@kkroo Can you please help us get this solved?
…825) * fix: blocks body buffer reader once the body buffer has been reset. Currently, the body buffer would hold a piece of the body, hence a reader will be sent to the connector in order to pass it to upstream. The problem happens when the transaction is closed: the body buffer is reset but the reader is still out there and the connector tries to drain it (using something like io.Copy(io.Discard, body) in order to reuse the connection); the body buffer is already empty (length 0) but the body buffer reader points to the end of the buffer (e.g. 512), hence attempting to read it till the end (from 512 to 0) triggers an out of range error. Closes corazawaf/coraza-caddy#48.
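As an added illustration (not Coraza's own code; a deliberately simplified model of the body buffer and reader named in the trace above), the Go block below shows the pre-fix read shape that panics once the buffer is reset under a live reader, and the blocked, bounds-checked read that the fix description calls for. All identifiers here (bodyBuffer, bodyBufferReader, readUnsafe, danglingReader, errBufferReset) are assumptions, and the `>=` check in Read is a defence-in-depth generalisation beyond the blocking the fix describes.

```go
package main

import (
	"errors"
	"io"
)

// errBufferReset is what a blocked reader returns once its buffer was reset.
var errBufferReset = errors.New("body buffer was reset; reader is blocked")
// bodyBuffer holds the inspected part of a request body; gen counts resets.
type bodyBuffer struct{ buf []byte; gen int }
// bodyBufferReader is what the WAF hands the connector to forward the body
// upstream; its offset pos outlives a Reset of the buffer it points into.
type bodyBufferReader struct{ bb *bodyBuffer; pos, gen int }

// Reset empties the buffer when the transaction closes; a reader handed out
// earlier still points at its old offset (e.g. 512) into a length-0 buffer.
func (bb *bodyBuffer) Reset() { bb.buf = bb.buf[:0]; bb.gen++ }

// readUnsafe mirrors the pre-fix shape: only an equality check guards the
// slice, so pos 512 > len 0 panics with "slice bounds out of range [512:0]".
func (r *bodyBufferReader) readUnsafe(p []byte) (int, error) {
	if r.pos == len(r.bb.buf) {
		return 0, io.EOF
	}
	n := copy(p, r.bb.buf[r.pos:])
	r.pos += n
	return n, nil
}

// Read is the hardened form: a reader whose buffer was reset is blocked, and
// the bounds check is >= rather than == as defence in depth.
func (r *bodyBufferReader) Read(p []byte) (int, error) {
	if r.gen != r.bb.gen {
		return 0, errBufferReset
	}
	if r.pos >= len(r.bb.buf) {
		return 0, io.EOF
	}
	n := copy(p, r.bb.buf[r.pos:])
	r.pos += n
	return n, nil
}

// danglingReader rebuilds the crash state: the connector consumed the chunk,
// the transaction closed and reset the buffer, and the leftover reader is
// what the connector then drains with io.Copy(io.Discard, r).
func danglingReader(body []byte) *bodyBufferReader {
	bb := &bodyBuffer{buf: body}
	r := &bodyBufferReader{bb: bb, pos: len(body), gen: bb.gen}
	bb.Reset()
	return r
}
```

Draining a dangling reader through readUnsafe reproduces the panic from the trace, while the hardened Read makes io.Copy return errBufferReset with zero bytes, so the connection is dropped cleanly instead of the whole server crashing.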
@iMashtak would you be up to create a PR on this repo upgrading to Coraza v3.0.2 addressing this issue?