golang/snappy

index out of range panic

dvyukov opened this issue · 2 comments

The following program crashes with a panic:

```go
package main

import "github.com/golang/snappy/snappy"

func main() {
    data := []byte("\xff\xff\xff\xff\xff\xff\xff\xff\xec0")
    n, err := snappy.DecodedLen(data)
    if err != nil || n > 1e6 {
        return
    }
    dec, err := snappy.Decode(nil, data)
    if err != nil {
        if dec != nil {
            panic("dec is not nil")
        }
        return
    }
    if len(dec) != n {
        println(len(dec), n)
        panic("bad decoded len")
    }
    n = snappy.MaxEncodedLen(len(dec))
    enc, err := snappy.Encode(nil, dec)
    if err != nil {
        panic(err)
    }
    if len(enc) > n {
        panic("bad encoded len")
    }
}
```
```
panic: runtime error: index out of range

goroutine 1 [running]:
github.com/golang/snappy/snappy.Decode(0x0, 0x0, 0x0, 0xc208041f00, 0xa, 0x20, 0x0, 0x0, 0x0, 0x0, ...)
    src/github.com/golang/snappy/snappy/decode.go:54 +0xaca
main.main()
    snappy.go:11 +0xf6
```

on commit 156a073

Also, on this input DecodedLen returns a negative size. It must not return a negative size; it must return an error instead.

Also, decodedLen does not check the error condition returned by binary.Uvarint.
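
The two checks the report asks for, as an added example that is not part of the issue or the snappy source: a length-prefix parser that treats every failure return of `binary.Uvarint` as corrupt input and never returns a negative size. The name `parseHeader`, the error values and all inputs except the issue's reproducer bytes are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

var (
	errCorrupt  = errors.New("corrupt input")
	errTooLarge = errors.New("decoded block is too large")
)

// parseHeader (hypothetical name) reads the uvarint length prefix of a block
// and returns the decoded length and the header size, or an error.
func parseHeader(src []byte) (blockLen, headerLen int, err error) {
	v, n := binary.Uvarint(src)
	// binary.Uvarint reports failure through n: 0 means the buffer ended
	// before the varint did, n < 0 means the value overflows 64 bits.
	if n <= 0 {
		return 0, 0, errCorrupt
	}
	// Reject lengths that do not fit in a non-negative int on this platform,
	// so the caller can never see a negative size.
	const maxInt = int(^uint(0) >> 1)
	if v > uint64(maxInt) {
		return 0, 0, errTooLarge
	}
	return int(v), n, nil
}

func main() {
	// Constructed inputs, except the first, which is the issue's reproducer.
	inputs := []string{
		"\xff\xff\xff\xff\xff\xff\xff\xff\xec0",    // from the issue
		"\xff\xff\xff\xff\xff\xff\xff\xff\xff\x01", // 2^64-1: valid varint, too large
		"\xff\xff",                                 // truncated varint
		"\x05hello",                                // well-formed header, length 5
	}
	for _, in := range inputs {
		_, rawN := binary.Uvarint([]byte(in))
		blockLen, hdr, err := parseHeader([]byte(in))
		fmt.Printf("%q: Uvarint n=%d -> len=%d hdr=%d err=%v\n", in, rawN, blockLen, hdr, err)
	}
}
```

A header size that is zero or negative must never reach code that uses it as a slice index, which is why the `n <= 0` test comes before anything else.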