search

Mrs4s / go-cqhttp

cqhttp的golang实现,轻量、原生跨平台.
GNU Affero General Public License v3.0
10.41k stars 1.63k forks source link

[Bug]: slice bounds out of range #2399

Closed KewenCode closed 1 year ago

KewenCode commented 1 year ago

请确保您已阅读以上注意事项,并勾选下方的确认框。

go-cqhttp 版本

1.1.7-7346b61

运行环境

其它(请在下方说明)

运行架构

ARM [64] (别名:AArch64 / ARMv8)

连接方式

HTTP

使用协议

6 | aPad

重现步骤

在Armbian下分别使用./go-cqhttp-xx和docker运行1.1.7 #2353 的编译版(该分支在最新dev基础上修改) 测试对接公用签名和本地签名以后,都出现了slice bounds out of range提示 在win64下测试也是同样问题(有概率造成签名实例无法注销,需要重启签名)

[2023-08-22` 22:06:23] [INFO]: 当前版本:7346b61 
[2023-08-22 22:06:23] [WARNING]: 已开启Debug模式. 
[2023-08-22 22:06:23] [INFO]: 将使用 device.json 内的设备信息运行Bot. 
[2023-08-22 22:06:23] [INFO]: 使用服务器 https://qsign.dev/8970 进行数据包签名 
[2023-08-22 22:06:30] [INFO]: 连接至签名服务器: https://qsign.dev/8970 
[2023-08-22 22:06:33] [INFO]: 注册QQ实例 28 成功: The QQ has already loaded an instance, so this time it is deleting the existing instance and creating a new one. 
[2023-08-22 22:06:33] [INFO]: Bot将在5秒后登录并开始信息处理, 按 Ctrl+C 取消. 
[2023-08-22 22:06:33] [INFO]: 每 30 分钟将刷新一次签名 token 
[2023-08-22 22:06:38] [INFO]: 开始尝试登录并同步消息... 
[2023-08-22 22:06:38] [INFO]: 使用协议: Android Pad 8.9.63.11390 
[2023-08-22 22:06:39] [INFO]: 从文件 data/versions/6.json 读取协议版本 Android Pad 8.9.70.11635. 
[2023-08-22 22:06:39] [INFO]: Protocol -> connect to server: [::ffff:180.101.246.123]:14000 
[2023-08-22 22:06:41] [DEBUG]: Protocol -> rev pkt: wtlogin.exchange_emp seq: 54892 
[2023-08-22 22:06:41] [WARNING]: Protocol -> device lock is disabled. HTTP API may fail. 
[2023-08-22 22:06:41] [DEBUG]: Protocol -> rev pkt: StatSvc.register seq: 54894 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: ProfileService.Pb.ReqSystemMsgNew.Group seq: 54895 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: ProfileService.Pb.ReqSystemMsgNew.Group seq: 54896 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.GetMsgV2 seq: -1289477596 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.getOffMsg seq: 54897 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.PushParam seq: -1289477595 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.PushParam seq: -1289477594 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.PbGetMsg seq: -1289477593 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: RegPrxySvc.NoticeEnd seq: -1289477592 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: StatSvc.GetDevLoginInfo seq: 54899 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: StatSvc.GetDevLoginInfo seq: 54900 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: MessageSvc.PbGetMsg seq: 54898 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: MessageSvc.PbDeleteMsg seq: 54901 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish seq: 54893 
[2023-08-22 22:06:42] [INFO]: submit sign: uin=28, cmd=trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish, callbackID=0, buffer=[10 135 2 179 115 198 138 190 81 20 218 224 61 7 55 47 60 138 243 84 86 96 202 184 155 233 125 198 50 68 165 106 40 142 167 241 42 135 75 251 53 31 30 52 212 65 87 126 69 31 72 45 138 197 229 148 230 95 77 26 72 108 63 202]... 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: trpc.group_pro.synclogic.SyncLogic.SyncFirstView seq: 54902 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: trpc.group_pro.synclogic.SyncLogic.PushFirstView seq: -1289477096 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: trpc.group_pro.synclogic.SyncLogic.PushFirstView seq: -1289477096 
[2023-08-22 22:06:42] [DEBUG]: Protocol -> rev pkt: OidbSvcTrpcTcp.0xfc9_1 seq: 54903 
[2023-08-22 22:06:42] [INFO]: 正在检查协议更新... 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> rev pkt: ConfigPushSvc.PushReq seq: -575241143 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 180.110.193.149 location: sh 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 42.81.192.158 location: tj 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 183.47.99.24 location: sz 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 49.7.253.45 location: tj 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 180.109.192.57 location: sh 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 183.47.102.193 location: sz 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 49.7.253.214 location: tj 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 121.229.94.168 location: sh 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got new server addr: 42.81.192.158 location: tj 
[2023-08-22 22:06:44] [INFO]: 收到服务器地址更新通知, 将在下一次重连时应用.  
[2023-08-22 22:06:44] [DEBUG]: Protocol -> rev pkt: ConfigPushSvc.PushDomain seq: -575240713 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> Unhandled Command: ConfigPushSvc.PushDomain
Seq: 34295
This message can be ignored. 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> rev pkt: ConfigPushSvc.PushReq seq: -575240715 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> got file storage svc push. 
[2023-08-22 22:06:44] [INFO]: 检测到协议更新: 8.9.70.11635 -> 8.9.63.11390 
[2023-08-22 22:06:44] [INFO]: 如果登录时出现版本过低错误, 可尝试使用 -update-protocol 参数启动 
[2023-08-22 22:06:44] [INFO]: 登录成功 欢迎使用: 
[2023-08-22 22:06:44] [INFO]: 开始加载好友列表... 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> rev pkt: friendlist.getFriendGroupList seq: 54906 
[2023-08-22 22:06:44] [INFO]: 共加载 3 个好友. 
[2023-08-22 22:06:44] [INFO]: 开始加载群列表... 
[2023-08-22 22:06:44] [DEBUG]: Protocol -> rev pkt: friendlist.GetTroopListReqV2 seq: 54907 
[2023-08-22 22:06:45] [DEBUG]: Protocol -> rev pkt: friendlist.GetTroopMemberListReq seq: 54908 
[2023-08-22 22:06:45] [INFO]: 共加载 1 个群. 
[2023-08-22 22:06:45] [DEBUG]: Protocol -> rev pkt: StatSvc.SetStatusFromClient seq: 54909 
[2023-08-22 22:06:45] [INFO]: 资源初始化完成, 开始处理信息. 
[2023-08-22 22:06:45] [INFO]: アトリは、高性能ですから! 
[2023-08-22 22:06:45] [INFO]: 正在检查更新. 
[2023-08-22 22:06:45] [INFO]: CQ WebSocket 服务器已启动: [::]:15203 
[2023-08-22 22:06:45] [INFO]: CQ HTTP 服务器已启动: [::]:15202 
[2023-08-22 22:06:45] [DEBUG]: Protocol -> rev pkt: OnlinePush.ReqPush seq: -1518996401 
[2023-08-22 22:06:46] [WARNING]: 检查更新失败! 
[2023-08-22 22:06:46] [INFO]: 检查更新完成. 当前已运行最新版本. 
[2023-08-22 22:06:46] [INFO]: 开始诊断网络情况 
[2023-08-22 22:06:46] [DEBUG]: Protocol -> rev pkt: trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish seq: 54905 
[2023-08-22 22:06:46] [INFO]: submit sign: uin=28, cmd=trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish, callbackID=1, buffer=[10 134 1 5 113 61 175 159 248 85 130 44 54 54 222 108 179 247 89 152 234 99 152 245 193 99 217 31 174 84 74 90 84 140 58 155 192 244 158 234 52 234 228 232 125 60 203 11 167 196 147 160 173 179 3 50 21 140 193 108 100 30 44 3]... 
[2023-08-22 22:06:48] [DEBUG]: 聊天服务器连接延迟: 26ms 
[2023-08-22 22:06:48] [DEBUG]: 聊天服务器丢包率: 0% 
[2023-08-22 22:06:48] [DEBUG]: 长消息服务器连接延迟: 7ms 
[2023-08-22 22:06:48] [DEBUG]: 长消息服务器响应延迟: 55ms 
[2023-08-22 22:06:48] [DEBUG]: 媒体服务器连接延迟: 10ms 
[2023-08-22 22:06:48] [DEBUG]: 媒体服务器丢包率: 0% 
[2023-08-22 22:06:48] [INFO]: 网络诊断完成. 未发现问题 
[2023-08-22 22:06:49] [DEBUG]: Protocol -> rev pkt: trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish seq: 54910 
[2023-08-22 22:06:49] [INFO]: submit sign: uin=28, cmd=trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Establish, callbackID=2, buffer=[10 148 1 58 6 20 163 221 89 107 65 207 57 49 144 217 46 225 27 175 138 122 109 41 236 220 190 10 40 64 30 99 113 241 194 65 144 14 245 248 76 23 120 19 86 152 227 205 98 130 122 5 229 106 217 9 37 154 145 6 92 39 107 199]... 
[2023-08-22 22:06:51] [DEBUG]: Protocol -> rev pkt: trpc.o3.ecdh_access.EcdhAccess.SsoSecureA2Access seq: 54911 
panic: runtime error: slice bounds out of range [:4] with capacity 2

goroutine 311 [running]:
github.com/Mrs4s/go-cqhttp/cmd/gocq.signSubmit({0x400052a5c0, 0xa}, {0x40003d22e8, 0x30}, 0xa8?, {0x400052a010, 0x2, 0x2}, {0x6706ce, 0x4})
    github.com/Mrs4s/go-cqhttp/cmd/gocq/login.go:322 +0x47c
github.com/Mrs4s/go-cqhttp/cmd/gocq.signCallback({0x400052a5c0, 0xa}, {0x40000cc820?, 0x1, 0x4000221500?}, {0x6706ce, 0x4})
    github.com/Mrs4s/go-cqhttp/cmd/gocq/login.go:343 +0x6c
created by github.com/Mrs4s/go-cqhttp/cmd/gocq.signRequset
    github.com/Mrs4s/go-cqhttp/cmd/gocq/login.go:371 +0x8f8

期望的结果是什么?

修复问题

实际的结果是什么?

slice bounds out of range

简单的复现代码/链接(可选)

No response

日志记录(可选)

No response

补充说明(可选)

No response

1umine commented 1 year ago

https://github.com/Mrs4s/go-cqhttp/blob/dev/cmd/gocq/login.go#L314-L321

buffStr := hex.EncodeToString(buffer)
tail := 64
endl := "..."
if len(buffStr) < tail {
    tail = len(buffStr)
    endl = "."
}
log.Infof("submit %v: uin=%v, cmd=%v, callbackID=%v, buffer=%v%s", t, uin, cmd, callbackID, buffer[:tail], endl)

log时用了buffer而不是buffStr,导致出错,https://github.com/Mrs4s/go-cqhttp/pull/2389/commits/4b3232af282b9ba05d765ae58ac5efec2a2e3a9c 修了

Dreamail commented 1 year ago

4b3232a好像没有合并进dev

1umine commented 1 year ago

4b3232a好像没有合并进dev

在我的pr的commit里,现在还没合,要用的话我的 action 里有

Dreamail commented 1 year ago

我以为是丢了(