gaukas/clienthellod

bug: out-of-bound access may crash the process

Closed this issue · 1 comments

gaukas commented

Problem

DecodeQUICHeaderAndFrames() crashed unexpectedly on line github.com/gaukas/clienthellod@v0.3.3/quic_header.go:119

Reason

There are out-of-bounds accesses of slices in the program, which crash the Go program once caught by Golang.

Full Log

Jul 09 04:15:56 REDACTED caddy[26582]: panic: runtime error: slice bounds out of range [:20] with capacity 4
Jul 09 04:15:56 REDACTED caddy[26582]: goroutine 15 [running]:
Jul 09 04:15:56 REDACTED caddy[26582]: github.com/gaukas/clienthellod.DecodeQUICHeaderAndFrames({0xc000033808, 0x4b0, 0x7f8})
Jul 09 04:15:56 REDACTED caddy[26582]:         github.com/gaukas/clienthellod@v0.3.3/quic_header.go:119 +0xcd7
Jul 09 04:15:56 REDACTED caddy[26582]: github.com/gaukas/clienthellod.ParseQUICCIP({0xc000033808, 0x4b0, 0x7f8})
Jul 09 04:15:56 REDACTED caddy[26582]:         github.com/gaukas/clienthellod@v0.3.3/quic_client_initial_packet.go:27 +0x45
Jul 09 04:15:56 REDACTED caddy[26582]: github.com/gaukas/clienthellod/modcaddy/listener.(*ListenerWrapper).udpLoop(0xc000b7e2d0)
Jul 09 04:15:56 REDACTED caddy[26582]:         github.com/gaukas/clienthellod@v0.3.3/modcaddy/listener/listener.go:121 +0xfc
Jul 09 04:15:56 REDACTED caddy[26582]: created by github.com/gaukas/clienthellod/modcaddy/listener.(*ListenerWrapper).Provision
Jul 09 04:15:56 REDACTED caddy[26582]:         github.com/gaukas/clienthellod@v0.3.3/modcaddy/listener/listener.go:81 +0x2ac
Jul 09 04:15:56 REDACTED systemd[1]: caddy.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Jul 09 04:15:56 REDACTED systemd[1]: caddy.service: Failed with result 'exit-code'.

gaukas commented

Fixed in #10
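
An added example, not clienthellod's code and not the fix from #10: one way to read length-prefixed fields from an untrusted UDP datagram so that a short packet yields an error instead of a `slice bounds out of range` panic. The `reader`, `take`, `LongHeader` and `ParseLongHeader` names are hypothetical, and the sample datagram is constructed; it declares a 20-byte connection ID with only 4 bytes following.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrShort = errors.New("quic: truncated packet")
// reader is a hypothetical bounds-checked cursor over an untrusted datagram.
type reader struct{ buf []byte }
// take returns the next n bytes, or ErrShort where a bare slice would panic.
func (r *reader) take(n int) (out []byte, err error) {
	if n < 0 || n > len(r.buf) {
		return nil, ErrShort
	}
	out, r.buf = r.buf[:n:n], r.buf[n:]
	return out, nil
}

// LongHeader holds the leading fields of a QUIC long header (RFC 9000).
type LongHeader struct {
	Version    uint32
	DCID, SCID []byte
}

// ParseLongHeader reads version, DCID and SCID; the header form is not validated here.
func ParseLongHeader(pkt []byte) (*LongHeader, error) {
	r := &reader{buf: pkt}
	fixed, err := r.take(5) // flags byte + 32-bit version
	if err != nil {
		return nil, err
	}
	h := &LongHeader{Version: binary.BigEndian.Uint32(fixed[1:])}
	for _, dst := range []*[]byte{&h.DCID, &h.SCID} {
		l, err := r.take(1) // sender-controlled length byte
		if err != nil {
			return nil, err
		}
		if *dst, err = r.take(int(l[0])); err != nil {
			return nil, err
		}
	}
	return h, nil
}

func main() {
	// Constructed input: declares a 20-byte DCID but only 4 bytes follow.
	fmt.Println(ParseLongHeader([]byte{0xc0, 0, 0, 0, 1, 20, 1, 2, 3, 4}))
}
```

Because the parser runs inside a listener goroutine, returning an error here lets the caller drop the datagram and keep serving; an unrecovered panic in any goroutine terminates the whole process, as the log above shows.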