Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] #1967

Closed
secsys-go opened this issue Sep 17, 2022 · 1 comment
Closed

[BUG] #1967

secsys-go opened this issue Sep 17, 2022 · 1 comment
Assignees
@kataras
Labels
🤘 status:resolved

Comments

@secsys-go
Copy link
Contributor

secsys-go commented Sep 17, 2022
edited
Loading

Describe the bug
We used the Fuzz engine to modify some Test(TestUseRouterParentDisallow) data, and then the following crash appeared. We hope to get the help of the developer to confirm whether it is a real bug.

To Reproduce

        const expectedResponse = "no_userouter_allowed"
	app := iris.New()
	app.UseRouter(func(ctx iris.Context) {
		ctx.WriteString("always")
		ctx.Next()
	})
	app.Get("/index", func(ctx iris.Context) {
		ctx.WriteString(expectedResponse)
	})

	app.SetPartyMatcher(func(ctx iris.Context, p iris.Party) bool {
		// modifies the PartyMatcher to not match any UseRouter,
		// tests should receive the handlers response alone.
		return false
	})

	var1 := "\\"
	app.PartyFunc(var1, func(p iris.Party) { // it's the same instance of app.
		p.UseRouter(func(ctx iris.Context) {
			ctx.WriteString("_2")
			ctx.Next()
		})
		p.Get("/", func(ctx iris.Context) {
			ctx.WriteString(expectedResponse)
		})
	})

	var2 := "*\\*\\*"
	app.PartyFunc(var2, func(p iris.Party) {
		p.UseRouter(func(ctx iris.Context) {
			ctx.WriteString("_3")
			ctx.Next()
		})

		p.Get("/", func(ctx iris.Context) {
			ctx.WriteString(expectedResponse)
		})
	})

	e := httptest.New(t, app)
	var3 := 3052361222786394716
	var4 := "\\*\\*\\*\\*\\*\\*\\*\\*\\*\\*"
	e.GET("/user").Expect().Status(var3).Body().Equal(var4) //crash in Expect()

Crash log

panic: runtime error: index out of range [0] with length 0 [recovered]
        panic: runtime error: index out of range [0] with length 0

goroutine 64 [running]:
testing.tRunner.func1.2({0xd2ac80, 0xc0002a9b30})
        /home/zjx/.local/go/src/testing/testing.go:1211 +0x24e
testing.tRunner.func1()
        /home/zjx/.local/go/src/testing/testing.go:1214 +0x218
panic({0xd2ac80, 0xc0002a9b30})
        /home/zjx/.local/go/src/runtime/panic.go:1038 +0x215
github.com/kataras/iris/v12/core/router.(*trie).search(0xc00059f840, {0xc000805fe0, 0x5}, 0xc00031c0c8)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/iris/core/router/trie.go:252 +0xd37
github.com/kataras/iris/v12/core/router.(*routerHandler).HandleRequest(0xc0001a86c0, 0xc00031c0a0)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/iris/core/router/handler.go:446 +0x30b
github.com/kataras/iris/v12/core/router.(*Router).buildMainHandlerWithFilters.func3({0xefe298, 0xc00059f980}, 0x0)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/iris/core/router/router.go:164 +0x108
github.com/kataras/iris/v12/core/router.(*Router).ServeHTTP(0x40f067, {0xefe298, 0xc00059f980}, 0xc00070f701)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/iris/core/router/router.go:339 +0x30
github.com/iris-contrib/httpexpect/v2.Binder.RoundTrip({{0xef11a0, 0xc00070e9c0}, 0x0}, 0xc000016600)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/binder.go:61 +0x35e
net/http.send(0xc000016600, {0xef24a0, 0xc000705fe0}, {0xd5d640, 0x1, 0x0})
        /home/zjx/.local/go/src/net/http/client.go:252 +0x5d8
net/http.(*Client).send(0xc000380030, 0xc000016600, {0x0, 0xb1c6491963c6b4ae, 0x0})
        /home/zjx/.local/go/src/net/http/client.go:176 +0x9b
net/http.(*Client).do(0xc000380030, 0xc000016600)
        /home/zjx/.local/go/src/net/http/client.go:725 +0x908
net/http.(*Client).Do(0xc0003cba40, 0x48c6f7)
        /home/zjx/.local/go/src/net/http/client.go:593 +0x19
github.com/iris-contrib/httpexpect/v2.(*Request).sendRequest.func1()
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1276 +0x2d
github.com/iris-contrib/httpexpect/v2.(*Request).retryRequest.func1(0x30, 0xc0003cbbb8, 0xc0003cbb30, 0xc0003cbb58, 0xc0003cbb00)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1344 +0x2c9
github.com/iris-contrib/httpexpect/v2.(*Request).retryRequest(0xc0001d8580, 0x0)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1346 +0x245
github.com/iris-contrib/httpexpect/v2.(*Request).sendRequest(0xc0001d8580)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1275 +0x4c
github.com/iris-contrib/httpexpect/v2.(*Request).roundTrip(0xc0001d8580)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1194 +0x12d
github.com/iris-contrib/httpexpect/v2.(*Request).Expect(0xc0001d8580)
        /home/zjx/workspace/gowork/pkg/mod/github.com/iris-contrib/httpexpect/v2@v2.3.1/request.go:1155 +0x36
github.com/kataras/iris/v12/core/router_test.TestUseRouterParentDisallow(0x1)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/iris/core/router/router_handlers_order_test.go:275 +0x17a

Desktop:

  • OS: Linux r920 4.15.0-159-generic #167-Ubuntu

iris.Version

  • e.g. commit 9e8a58b (HEAD -> master, origin/master, origin/HEAD)
@kataras
Copy link
Owner

kataras commented Sep 17, 2022

Hello @secsys-go, fetch the latest @master version and try again, it's fixed.

main.go

package main

import "github.com/kataras/iris/v12"

func main() {
	app := newApp()
	app.Listen(":8080")
}

func newApp() *iris.Application {
	const expectedResponse = "no_userouter_allowed"
	app := iris.New()
	app.Logger().SetLevel("debug")

	app.UseRouter(func(ctx iris.Context) {
		ctx.WriteString("always")
		ctx.Next()
	})
	app.Get("/index", func(ctx iris.Context) {
		ctx.WriteString(expectedResponse)
	})

	app.SetPartyMatcher(func(ctx iris.Context, p iris.Party) bool {
		// modifies the PartyMatcher to not match any UseRouter,
		// tests should receive the handlers response alone.
		return false
	})

	var1 := "0"
	app.PartyFunc(var1, func(p iris.Party) { // it's the same instance of app.
		p.UseRouter(func(ctx iris.Context) {
			ctx.WriteString("_2")
			ctx.Next()
		})
		p.Get("/", func(ctx iris.Context) {
			ctx.WriteString(expectedResponse)
		})
	})

	var2 := "0\\\\\\0"
	app.PartyFunc(var2, func(p iris.Party) {
		p.UseRouter(func(ctx iris.Context) {
			ctx.WriteString("_3")
			ctx.Next()
		})

		p.Get("/", func(ctx iris.Context) {
			ctx.WriteString(expectedResponse)
		})
	})

	return app
}

main_test.go

package main

import (
	"testing"

	"github.com/kataras/iris/v12/httptest"
)

func TestIssue(t *testing.T) {
	app := newApp()
	httptest.New(t, app)
}

@secsys-go secsys-go mentioned this issue Sep 18, 2023
Open
@secsys-go secsys-go mentioned this issue Sep 27, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kataras kataras

Labels
🤘 status:resolved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kataras @secsys-go