panic: runtime error: index out of range in (*Decoder).any
gy741 opened this issue · 0 comments
gy741 commented
Hello.
I found a index out of range bug in djson.
Please confirm.
Thanks.
reproduce code:
package djson
import (
"testing"
)
func TestFuzzCrashers(t *testing.T) {
var crashers = []string{
"[[[[[[[[[-",
}
for _, f := range crashers {
Decode([]byte(f))
}
}
Crash Log
--- FAIL: TestFuzzCrashers (0.00s)
panic: runtime error: index out of range [recovered]
panic: runtime error: index out of range
goroutine 16 [running]:
panic(0x513c80, 0xc42000a120)
/usr/lib/go-1.7/src/runtime/panic.go:500 +0x1a1
testing.tRunner.func1(0xc4200689c0)
/usr/lib/go-1.7/src/testing/testing.go:579 +0x25d
panic(0x513c80, 0xc42000a120)
/usr/lib/go-1.7/src/runtime/panic.go:458 +0x243
github.com/a8m/djson.(*Decoder).any(0xc42003eec0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:135 +0x190
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0x0, 0x0, 0x0, 0xc42003e580)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0x0, 0x0, 0x0, 0xc42003e6a0)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0x0, 0x0, 0x0, 0xc42003e7c0)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x5, 0x44, 0x0, 0x5cf2a0, 0xc42003e8e0)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0x0, 0x0, 0x4b7c4c, 0xc42003ea00)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0xc42003eb48, 0x40eabe, 0xc420068068, 0xc42003eb98, 0xc420023b30)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0x0, 0x0, 0x0, 0xc420023c50)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x0, 0xc420023d58, 0x4ba55a, 0xc420068000, 0xc420023d70)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x0, 0x0, 0x5e90a8, 0x0)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.(*Decoder).array(0xc420035eb0, 0x5cf2a0, 0x100c00000000000, 0x0, 0x10, 0xc420084170)
/home/karas/go/src/github.com/a8m/djson/decode.go:339 +0xe5
github.com/a8m/djson.(*Decoder).any(0xc420035eb0, 0x100, 0xc420084170, 0x10, 0xc420084170)
/home/karas/go/src/github.com/a8m/djson/decode.go:174 +0x52f
github.com/a8m/djson.Decode(0xc420084170, 0xa, 0x10, 0xc420084170, 0xa, 0x10, 0x66cc677)
/home/karas/go/src/github.com/a8m/djson/interface.go:83 +0x76
github.com/a8m/djson.TestFuzzCrashers(0xc4200689c0)
/home/karas/go/src/github.com/a8m/djson/fuzzer_test.go:14 +0x84
testing.tRunner(0xc4200689c0, 0x545fc0)
/usr/lib/go-1.7/src/testing/testing.go:610 +0x81
created by testing.(*T).Run
/usr/lib/go-1.7/src/testing/testing.go:646 +0x2ec
exit status 2
FAIL github.com/a8m/djson 0.007s