This is an automated email from the ASF dual-hosted git repository.

yong pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar-client-go.git


The following commit(s) were added to refs/heads/master by this push:
     new 244facf  Fix slice bounds out of range for readSingleMessage (#709)
244facf is described below

commit 244facfe21a8dfed5be617347e8113459344f77b
Author: xiaolong ran <[email protected]>
AuthorDate: Fri Jan 14 15:31:00 2022 +0800

    Fix slice bounds out of range for readSingleMessage (#709)
    
    Signed-off-by: xiaolongran <[email protected]>
    
    Fixes #702
    
    ### Motivation
    
    
    As described in #702, in some scenarios a slice-bounds-out-of-range panic 
may occur when the `Read(size uint32) []byte` interface in **Buffer** is 
called. This PR therefore adds a boundary check. When the 
read would go out of bounds, a `CommandAck_BatchDeSerializeError` error is sent 
to the Broker so that the Go SDK process does not go down because of the panic.
    
    
![image](https://user-images.githubusercontent.com/20965307/149326745-f12559ea-4909-47a0-97c1-1cff52602709.png)
    
    After adding the current logic, the effect of execution is as follows:
    
    
    
    
![image](https://user-images.githubusercontent.com/20965307/149327302-62c0a641-38fd-4f26-93d6-92dfc18e2724.png)
    
    
    
    ### Modifications
    
    - Add logic to check slice boundaries for `Read()` of Buffer
---
 pulsar/consumer_partition.go | 2 +-
 pulsar/internal/buffer.go    | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/pulsar/consumer_partition.go b/pulsar/consumer_partition.go
index d438b87..1d95c42 100644
--- a/pulsar/consumer_partition.go
+++ b/pulsar/consumer_partition.go
@@ -585,7 +585,7 @@ func (pc *partitionConsumer) MessageReceived(response 
*pb.CommandMessage, header
 
        for i := 0; i < numMsgs; i++ {
                smm, payload, err := reader.ReadMessage()
-               if err != nil {
+               if err != nil || payload == nil {
                        pc.discardCorruptedMessage(pbMsgID, 
pb.CommandAck_BatchDeSerializeError)
                        return err
                }
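Review bot: With the widened condition `err != nil || payload == nil`, the `return err` two lines below returns nil whenever only the payload is nil, so MessageReceived reports success for a batch it has just discarded with `pb.CommandAck_BatchDeSerializeError`. Set an error for that case before returning, e.g. `if err == nil { err = errors.New("nil payload in batch message") }` ahead of `return err` (assuming `errors` is, or can be, imported in this file). It is also worth confirming that `ReadMessage` never yields a nil payload for a legitimately empty message, since that would now be treated as corruption. The loop and the enclosing function continue outside the hunk.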
diff --git a/pulsar/internal/buffer.go b/pulsar/internal/buffer.go
index c6d007d..f3b8fe6 100644
--- a/pulsar/internal/buffer.go
+++ b/pulsar/internal/buffer.go
@@ -19,6 +19,8 @@ package internal
 
 import (
        "encoding/binary"
+
+       log "github.com/sirupsen/logrus"
 )
 
 // Buffer is a variable-sized buffer of bytes with Read and Write methods.
@@ -110,6 +112,11 @@ func (b *buffer) IsWritable() bool {
 }
 
 func (b *buffer) Read(size uint32) []byte {
+       // Check []byte slice size, avoid slice bounds out of range
+       if b.readerIdx+size > uint32(len(b.data)) {
+               log.Errorf("The input size [%d] > byte slice of data size 
[%d]", b.readerIdx+size, len(b.data))
+               return nil
+       }
        res := b.data[b.readerIdx : b.readerIdx+size]
        b.readerIdx += size
        return res
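Review bot: The new guard `b.readerIdx+size > uint32(len(b.data))` is computed in uint32, so a large `size` makes the sum wrap to a small value, the check passes, and the slice expression below still panics. If `size` comes from a length field in a received frame, as the batch deserialization scenario in the commit description suggests, a malformed message can still crash the client. Compare without wraparound, e.g. `if uint64(b.readerIdx)+uint64(size) > uint64(len(b.data)) {`, and log the widened values rather than the wrapped sum. Returning nil as the failure signal also relies on every caller of `Read` checking for it, and this commit adds such a check only in consumer_partition.go; a doc comment on `Read` such as `// Read returns nil when fewer than size bytes remain.` would make that contract visible. The function's closing brace is outside the hunk.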
