Skip to content

Fix auth interception integer overflow #1052

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 16, 2025
Merged

Fix auth interception integer overflow #1052

merged 3 commits into from
Sep 16, 2025

Conversation

@krichprollsch
Copy link
Member

@krichprollsch krichprollsch commented Sep 16, 2025

With proxy auth interception we had a crash (with puppeteer or playwright scenarios)

DEBUG cdp : request intercept . . . . . . . . . . . . . . . . [+2411ms]
      state = continue with auth
      id = 1
      response = ProvideCredentials

thread 173974 panic: integer overflow
/home/pierre/wrk/browser/src/http/Client.zig:233:22: 0x3268ee5 in continueTransfer (lightpanda)
    self.intercepted -= 1;
                     ^
/home/pierre/wrk/browser/src/cdp/domains/fetch.zig:316:52: 0x3269eba in continueWithAuth__anon_129776 (lightpanda)
    try bc.cdp.browser.http_client.continueTransfer(transfer);
                                                   ^
/home/pierre/wrk/browser/src/cdp/domains/fetch.zig:42:53: 0x31e5012 in processMessage__anon_114148 (lightpanda)
        .continueWithAuth => return continueWithAuth(cmd),
                                                    ^
/home/pierre/wrk/browser/src/cdp/cdp.zig:206:95: 0x31e4339 in dispatchCommand__anon_114026 (lightpanda)
                    asUint(u40, "Fetch") => return @import("domains/fetch.zig").processMessage(command),
                                                                                              ^
/home/pierre/wrk/browser/src/cdp/cdp.zig:164:32: 0x31e6b37 in dispatch__anon_113835 (lightpanda)
                dispatchCommand(&command, input.method) catch |err| {
                               ^
/home/pierre/wrk/browser/src/cdp/cdp.zig:112:33: 0x31e6f87 in processMessage (lightpanda)
            return self.dispatch(arena.allocator(), self, msg);
                                ^
/home/pierre/wrk/browser/src/cdp/cdp.zig:105:32: 0x316e497 in handleMessage (lightpanda)
            self.processMessage(msg) catch return false;
                               ^
/home/pierre/wrk/browser/src/server.zig:462:56: 0x316e36d in processWebsocketMessage (lightpanda)
                .text, .binary => if (cdp.handleMessage(msg.data) == false) {
                                                       ^
/home/pierre/wrk/browser/src/server.zig:256:63: 0x3182651 in processData (lightpanda)
            .cdp => |*cdp| return self.processWebsocketMessage(cdp),
                                                              ^
/home/pierre/wrk/browser/src/server.zig:245:32: 0x318281f in readSocket (lightpanda)
        return self.processData(n) catch false;
                               ^
/home/pierre/wrk/browser/src/server.zig:153:46: 0x3182d43 in readLoop (lightpanda)
                    if (try client.readSocket() == false) {
                                             ^
/home/pierre/wrk/browser/src/server.zig:111:26: 0x31839bc in run (lightpanda)
            self.readLoop(socket, timeout_ms) catch |err| {
                         ^
/home/pierre/wrk/browser/src/main.zig:142:23: 0x31be511 in run (lightpanda)
            server.run(address, timeout) catch |err| {
                      ^
/home/pierre/wrk/browser/src/main.zig:46:8: 0x31c01e3 in main (lightpanda)
    run(alloc) catch |err| {
       ^
/usr/local/zig-0.15.1/lib/std/start.zig:627:37: 0x31c09bd in main (lightpanda)
            const result = root.main() catch |err| {
                                    ^
../sysdeps/nptl/libc_start_call_main.h:58:16: 0x72165622a1c9 in __libc_start_call_main (../sysdeps/x86/libc-start.c)
../csu/libc-start.c:360:3: 0x72165622a28a in __libc_start_main_impl (../sysdeps/x86/libc-start.c)
???:?:?: 0x294c024 in ??? (???)
???:?:?: 0x0 in ??? (???)
run
└─ run exe lightpanda failure
error: the following command terminated unexpectedly:
./.zig-cache/o/84f9c4fd4a9a28567aebbb9f2fab8dec/lightpanda serve --port 9223 --http_proxy http://127.0.0.1:3000 --log_level debug

@krichprollsch krichprollsch self-assigned this Sep 16, 2025
@krichprollsch krichprollsch added the bug Something isn't working label Sep 16, 2025
@krichprollsch krichprollsch changed the title Fix auth interception overflow Fix auth interception integer overflow Sep 16, 2025
@krichprollsch krichprollsch force-pushed the fix-auth-interception-overflow branch 2 times, most recently from 622192c to 8856b29 Compare September 16, 2025 14:15
@krichprollsch krichprollsch force-pushed the fix-auth-interception-overflow branch from 8856b29 to eae8a90 Compare September 16, 2025 14:24
@krichprollsch krichprollsch merged commit 59b4033 into main Sep 16, 2025
10 checks passed
@krichprollsch krichprollsch deleted the fix-auth-interception-overflow branch September 16, 2025 14:31
@github-actions github-actions bot locked and limited conversation to collaborators Sep 16, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@karlseguin karlseguin karlseguin approved these changes

Assignees

@krichprollsch krichprollsch

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@krichprollsch @karlseguin