Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash parsing invalid file URI #3286

Closed
2 tasks done
secsys-go opened this issue Sep 28, 2022 · 3 comments
Closed
2 tasks done

Crash parsing invalid file URI #3286

secsys-go opened this issue Sep 28, 2022 · 3 comments
Labels
duplicate This issue or pull request already exists

Comments

@secsys-go
Copy link

Checklist

  • I have searched the issue tracker for open issues that relate to the same problem, before opening a new one.
  • This issue only relates to a single bug. I will open new issues for any other problems.

Describe the bug

We used the Fuzz engine to modify some Test(TestInMemoryRepositoryCanRead) data, and then the following crash appeared. It's similar to #3275, but crashes in a different location

How to reproduce

The simplified test code is in Example code

Screenshots

Crash Log

panic: runtime error: slice bounds out of range [2:1] [recovered]
        panic: runtime error: slice bounds out of range [2:1]

goroutine 21 [running]:
testing.tRunner.func1.2({0x6f8480, 0xc000166348})
        /home/zjx/.local/go/src/testing/testing.go:1211 +0x24e
testing.tRunner.func1()
        /home/zjx/.local/go/src/testing/testing.go:1214 +0x218
panic({0x6f8480, 0xc000166348})
        /home/zjx/.local/go/src/runtime/panic.go:1038 +0x215
github.com/fredbi/uri.parseAuthority({0xc00014d365, 0x5})
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/vendor/github.com/fredbi/uri/uri.go:500 +0x5ad
github.com/fredbi/uri.parse({0xc00014d360, 0xc00014d354}, 0x0)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/vendor/github.com/fredbi/uri/uri.go:218 +0x2a7
github.com/fredbi/uri.Parse(...)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/vendor/github.com/fredbi/uri/uri.go:159
fyne.io/fyne/v2/storage/repository.ParseURI({0x715156, 0xa})
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/storage/repository/parse.go:94 +0x3f9
fyne.io/fyne/v2/storage.ParseURI(...)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/storage/uri.go:35
fyne.io/fyne/v2/internal/repository.TestInMemoryRepositoryCanRead(0x0)
        /home/zjx/workspace/gowork/src/purelib/crashConfirm/fyne/internal/repository/memory_test.go:132 +0x165

Example code

//part of the Test Code
	m := NewInMemoryRepository("/0[")
	repository.Register("]:/", m)
	m.Data["/foo"] = []byte{}
	m.Data["/bar"] = []byte{1, 2, 3}

	foo, _ := storage.ParseURI("/0[]://0[]")

Fyne version

commit 638ae24 (HEAD -> master, origin/master, origin/HEAD)

Go compiler version

1.17.8

Operating system

Linux

Operating system version

OS: Linux r920 4.15.0-159-generic #167-Ubuntu

Additional Information

No response
@secsys-go secsys-go added the unverified A bug that has been reported but not verified label Sep 28, 2022
@andydotxyz
Copy link
Member

andydotxyz commented Sep 28, 2022
edited
Loading

Pretty sure this is a duplicate of #3275

@andydotxyz andydotxyz added duplicate This issue or pull request already exists and removed unverified A bug that has been reported but not verified labels Sep 28, 2022
@secsys-go
Copy link
Author

I have checked the previously fixed #3275 on the develop branch. But I found that the parsing error of this issue can still be triggered on develop branch. The two are different root causes

Example code

func TestParseInvalidURI(t *testing.T) {
    ParseURI("/0[]://0[]")// add for tmp verify
    
    uri, err := ParseURI("/tmp/foo.txt")
    assert.NotNil(t, err)
    assert.Nil(t, uri)
    
    uri, err = ParseURI("file")
    assert.NotNil(t, err)
    assert.Nil(t, uri)
    
    uri, err = ParseURI("file:")
    assert.NotNil(t, err)
    assert.Nil(t, uri)
    
    uri, err = ParseURI("file://")
    assert.NotNil(t, err)
    assert.Nil(t, uri)
    
    uri, err = ParseURI(":foo")
    assert.NotNil(t, err)
    assert.Nil(t, uri)
}

Crash Log

panic: runtime error: slice bounds out of range [2:1] [recovered]
	panic: runtime error: slice bounds out of range [2:1]

goroutine 6 [running]:
testing.tRunner.func1.2({0x11dfaa0, 0xc00001e3d8})
	/Users/x/sdk/go1.19/src/testing/testing.go:1396 +0x24e
testing.tRunner.func1()
	/Users/x/sdk/go1.19/src/testing/testing.go:1399 +0x39f
panic({0x11dfaa0, 0xc00001e3d8})
	/Users/x/sdk/go1.19/src/runtime/panic.go:884 +0x212
github.com/fredbi/uri.parseAuthority({0xc000025565?, 0xa?})
	/Users/x/Downloads/projs/tmpProj/fyne/vendor/github.com/fredbi/uri/uri.go:538 +0x5cd
github.com/fredbi/uri.parse({0xc000025560, 0xa}, 0x0)
	/Users/x/Downloads/projs/tmpProj/fyne/vendor/github.com/fredbi/uri/uri.go:254 +0x2df
github.com/fredbi/uri.Parse(...)
	/Users/x/Downloads/projs/tmpProj/fyne/vendor/github.com/fredbi/uri/uri.go:195
fyne.io/fyne/v2/storage/repository.ParseURI({0x11f2662, 0xa})
	/Users/x/Downloads/projs/tmpProj/fyne/storage/repository/parse.go:96 +0x3d9
fyne.io/fyne/v2/storage/repository.TestParseInvalidURI(0x0?)
	/Users/x/Downloads/projs/tmpProj/fyne/storage/repository/parse_test.go:29 +0x2e
testing.tRunner(0xc0001449c0, 0x121af60)
	/Users/x/sdk/go1.19/src/testing/testing.go:1446 +0x10b
created by testing.(*T).Run
	/Users/x/sdk/go1.19/src/testing/testing.go:1493 +0x35f

version
4b95533

@andydotxyz
Copy link
Member

Sadly your new parse error is a bug in the parser upstream, I will try to open a PR with them @secsys-go

andydotxyz added a commit to andydotxyz/uri that referenced this issue Nov 15, 2022
@andydotxyz
Fix crash in parsing invalid IPV6
38ffd64 
Mentioned in fyne-io/fyne#3286
@andydotxyz andydotxyz mentioned this issue Nov 15, 2022
Merged
andydotxyz added a commit that referenced this issue Nov 21, 2022
@andydotxyz
Update URI package to fix more corner cases
9eececc 
Noted in #3286
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate This issue or pull request already exists
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andydotxyz @secsys-go