The readPrelogin method reads the data from the transport and does not check whether the packet data was received as expected. Currently it only checks for an empty response. If the driver receives invalid packets, it will run into a panic with an out of index error.
The driver can get invalid packets if the transport is broken/disconnected.
To fix this issue, a new check should be added to verify that the expected packet length is received.
```go
struct_buf, err := ioutil.ReadAll(r)
if err != nil {
	return nil, err
}
...
if len(struct_buf) == 0 {
	return nil, errors.New("invalid empty PRELOGIN response, it must contain at least one byte")
}
offset := 0
results := map[uint8][]byte{}
for {
	rec_type := struct_buf[offset]
	if rec_type == preloginTERMINATOR {
		break
	}
	rec_offset := binary.BigEndian.Uint16(struct_buf[offset+1:]) // will panic if packet is invalid
	rec_len := binary.BigEndian.Uint16(struct_buf[offset+3:])    // will panic if packet is invalid
	value := struct_buf[rec_offset : rec_offset+rec_len]         // will panic if packet is invalid
	results[rec_type] = value
	offset += 5
}
```
Bug
go-mssqldb/tds.go
Line 235 in 537893a
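
A bounds-checked version of the parsing loop quoted in this issue, as an added example that is not code from go-mssqldb or from the issue author. The function name `parsePreloginChecked` and the sample bytes are constructed for illustration; `0xff` is the PRELOGIN terminator token defined by TDS.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const preloginTerminator = 0xff // PRELOGIN option-list terminator token in TDS

// parsePreloginChecked is a hypothetical bounds-checked variant of the loop
// in the issue: every index is validated before use, so a truncated or
// corrupt packet yields an error instead of a runtime panic.
func parsePreloginChecked(buf []byte) (map[uint8][]byte, error) {
	if len(buf) == 0 {
		return nil, errors.New("invalid empty PRELOGIN response, it must contain at least one byte")
	}
	results := map[uint8][]byte{}
	for offset := 0; ; offset += 5 {
		if offset >= len(buf) {
			return nil, errors.New("invalid PRELOGIN response: missing terminator")
		}
		recType := buf[offset]
		if recType == preloginTerminator {
			return results, nil
		}
		// Each option header is 5 bytes: type, uint16 offset, uint16 length.
		if len(buf)-offset < 5 {
			return nil, fmt.Errorf("invalid PRELOGIN response: truncated option header at %d", offset)
		}
		recOffset := int(binary.BigEndian.Uint16(buf[offset+1:]))
		recLen := int(binary.BigEndian.Uint16(buf[offset+3:]))
		// int arithmetic avoids the uint16 wrap-around of rec_offset+rec_len.
		if recOffset+recLen > len(buf) {
			return nil, fmt.Errorf("invalid PRELOGIN response: option %d data out of bounds", recType)
		}
		results[recType] = buf[recOffset : recOffset+recLen]
	}
}

func main() {
	// Constructed sample: one option (type 0) with 6 data bytes, then terminator.
	ok := []byte{0, 0, 6, 0, 6, 0xff, 15, 0, 0, 0, 0, 0}
	fmt.Println(parsePreloginChecked(ok))
	fmt.Println(parsePreloginChecked(ok[:3])) // cut inside the option header
	fmt.Println(parsePreloginChecked(ok[:8])) // data shorter than declared
}
```

The same truncated inputs fed to the original loop would hit the slice expressions marked "will panic if packet is invalid".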