Open jdstrand opened 1 month ago
An external reporter sent an issue in for an InfluxQL crash in influx-cli. Tested with influxdb2 2.7.6-1 and influxdb2-cli 2.7.5-1 on Ubuntu 20.04 LTS amd64.
$ export V1AUTH=$(echo -n "anything:$TOKEN" | base64 --wrap 0) # generate some line protocol $ cat > file.lp <<EOM t0,t0_tag0=initTag t0_f0=0i 1715694000 t0,t0_tag0=initTag t0_f0=1i 1715694001 t0,t0_tag1=initTag t0_f0=0i 1715694000 EOM # write $ curl -H "Authorization: Basic $V1AUTH" -X POST "$URL/write?db=test1&precision=s" --data-binary @./file.lp $
Simple query works:
$ influx v1 shell --host $URL --token $TOKEN InfluxQL Shell dev Connected to InfluxDB OSS v2.7.6 > USE test1 > select * from t0 Interactive Table View (press q to exit mode, shift+up/down to navigate tables): Name: t0 ┏━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━┓ ┃ index ┃ time ┃ t0_f0 ┃ t0_tag0 ┃ t0_tag1 ┃ ┣━━━━━━━╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━━╋━━━━━━━━━╋━━━━━━━━━┫ ┃ 1┃ 1715694000000000000.0000000000┃ 0.0000000000┃initTag ┃ <nil>┃ ┃ 2┃ 1715694000000000000.0000000000┃ 0.0000000000┃<nil> ┃ initTag┃ ┃ 3┃ 1715694001000000000.0000000000┃ 1.0000000000┃initTag ┃ <nil>┃ ┣━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━┻━━━━━━━━━┻━━━━━━━━━┫ ┃ 5 Columns, 3 Rows, Page 1/1┃ ┃ Table 1/1, Statement 1/1┃ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
This one crashes:
$ influx v1 shell --host $URL --token $TOKEN InfluxQL Shell dev Connected to InfluxDB OSS v2.7.6 > USE test1 > SELECT * FROM test1.autogen.t0 WHERE ((2514049662u) ^ (((0) != (201203873)) OR (''))) GROUP BY t1_tag0, t1_f0 ORDER BY DESC LIMIT 2147483647 panic: runtime error: slice bounds out of range [:-2] [recovered] panic: close of nil channel goroutine 1 [running]: github.com/charmbracelet/bubbletea.(*standardRenderer).kill.func1() /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/standard_renderer.go:91 +0x1b sync.(*Once).doSlow(0xe2a380?, 0xc000078028?) /go/src/sync/once.go:74 +0xbf sync.(*Once).Do(...) /go/src/sync/once.go:65 github.com/charmbracelet/bubbletea.(*standardRenderer).kill(0xc0002180a0) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/standard_renderer.go:90 +0x92 github.com/charmbracelet/bubbletea.(*Program).shutdown(0xc0003a8000, 0x0?) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:584 +0x42 github.com/charmbracelet/bubbletea.(*Program).StartReturningModel.func3() /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:369 +0x45 panic({0xc6dbe0?, 0xc000384060?}) /go/src/runtime/panic.go:920 +0x270 github.com/influxdata/influx-cli/v2/clients/v1_shell.Model.Init({{0xc0003a406c, 0x2}, 0xc0003800c0, 0x1, 0x1, 0x1, 0x1, {0xc0003a0000, 0x3, 0x3}, ...}) /root/project/clients/v1_shell/table_model.go:180 +0x4b0 github.com/charmbracelet/bubbletea.(*Program).StartReturningModel(0xc0003a8000) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:400 +0x6cd github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).outputTable(0xc000278b60, {0xc000386030}) /root/project/clients/v1_shell/v1_shell.go:662 +0x4cb github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).runAndShowQuery(0xc000278b60, {0xc0004bf680?, 0xe27dc8?}) /root/project/clients/v1_shell/v1_shell.go:369 +0x525 github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).executor(0xc000278b60, {0xc0004bf680, 0x8d}) /root/project/clients/v1_shell/v1_shell.go:214 +0x5e5 github.com/influxdata/go-prompt.(*Prompt).Run(0xc00030e120) /go/pkg/mod/github.com/influxdata/go-prompt@v0.2.8/prompt.go:84 +0x73f github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).Create(0xc000278b60, {0xe2f620, 0xc000260820}) /root/project/clients/v1_shell/v1_shell.go:168 +0x4eb main.newV1ShellCmd.func1(0xc0001aa840) /root/project/cmd/influx/v1_shell.go:41 +0x35a github.com/urfave/cli.HandleAction({0xbbbe20?, 0xc000010798?}, 0x5?) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:524 +0x50 github.com/urfave/cli.Command.Run({{0xccd4d2, 0x5}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xce71db, 0x17}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:173 +0x63e github.com/urfave/cli.(*App).RunAsSubcommand(0xc000264380, 0xc0001aa580) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:405 +0xdc7 github.com/urfave/cli.Command.startApp({{0xccbff7, 0x2}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xcf0771, 0x1f}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:372 +0xb58 github.com/urfave/cli.Command.Run({{0xccbff7, 0x2}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xcf0771, 0x1f}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:102 +0x7e5 github.com/urfave/cli.(*App).Run(0xc0001fe540, {0xc00023df10, 0x6, 0x7}) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:277 +0xb07 main.main() /root/project/cmd/influx/main.go:124 +0xc6
So does this one when pressing 'shift+down arrow' to page down:
$ influx v1 shell --host $URL --token $TOKEN InfluxQL Shell dev Connected to InfluxDB OSS v2.7.6 > USE test1 > SELECT * FROM test1.autogen.t0 WHERE ((2514049662u) ^ (((0) != (201203873)) OR (''))) GROUP BY t0_tag0 ORDER BY DESC LIMIT 2147483647 panic: runtime error: slice bounds out of range [:-2] [recovered] panic: close of nil channel goroutine 1 [running]: github.com/charmbracelet/bubbletea.(*standardRenderer).kill.func1() /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/standard_renderer.go:91 +0x1b sync.(*Once).doSlow(0xe2a380?, 0xc000078028?) /go/src/sync/once.go:74 +0xbf sync.(*Once).Do(...) /go/src/sync/once.go:65 github.com/charmbracelet/bubbletea.(*standardRenderer).kill(0xc0001441e0) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/standard_renderer.go:90 +0x92 github.com/charmbracelet/bubbletea.(*Program).shutdown(0xc0000dc420, 0x0?) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:584 +0x42 github.com/charmbracelet/bubbletea.(*Program).StartReturningModel.func3() /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:369 +0x45 panic({0xc6dbe0?, 0xc000028390?}) /go/src/runtime/panic.go:920 +0x270 github.com/influxdata/influx-cli/v2/clients/v1_shell.Model.Init({{0xc000122118, 0x2}, 0xc0001bb440, 0x1, 0x1, 0x2, 0x2, {0xc0002a4450, 0x1, 0x1}, ...}) /root/project/clients/v1_shell/table_model.go:180 +0x4b0 github.com/charmbracelet/bubbletea.(*Program).StartReturningModel(0xc0000dc420) /go/pkg/mod/github.com/charmbracelet/bubbletea@v0.21.0/tea.go:400 +0x6cd github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).outputTable(0xc000103040, {0xc00012c048}) /root/project/clients/v1_shell/v1_shell.go:662 +0x4cb github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).runAndShowQuery(0xc000103040, {0xc00027a000?, 0xe27dc8?}) /root/project/clients/v1_shell/v1_shell.go:369 +0x525 github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).executor(0xc000103040, {0xc00027a000, 0x86}) /root/project/clients/v1_shell/v1_shell.go:214 +0x5e5 github.com/influxdata/go-prompt.(*Prompt).Run(0xc00029e120) /go/pkg/mod/github.com/influxdata/go-prompt@v0.2.8/prompt.go:84 +0x73f github.com/influxdata/influx-cli/v2/clients/v1_shell.(*Client).Create(0xc000103040, {0xe2f620, 0xc000114000}) /root/project/clients/v1_shell/v1_shell.go:168 +0x4eb main.newV1ShellCmd.func1(0xc000136160) /root/project/cmd/influx/v1_shell.go:41 +0x35a github.com/urfave/cli.HandleAction({0xbbbe20?, 0xc000010798?}, 0x5?) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:524 +0x50 github.com/urfave/cli.Command.Run({{0xccd4d2, 0x5}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xce71db, 0x17}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:173 +0x63e github.com/urfave/cli.(*App).RunAsSubcommand(0xc000124000, 0xc0001aa580) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:405 +0xdc7 github.com/urfave/cli.Command.startApp({{0xccbff7, 0x2}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xcf0771, 0x1f}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:372 +0xb58 github.com/urfave/cli.Command.Run({{0xccbff7, 0x2}, {0x0, 0x0}, {0x0, 0x0, 0x0}, {0xcf0771, 0x1f}, {0x0, ...}, ...}, ...) /go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:102 +0x7e5 github.com/urfave/cli.(*App).Run(0xc0001fe540, {0xc00023ff10, 0x6, 0x7}) /go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:277 +0xb07 main.main() /root/project/cmd/influx/main.go:124 +0xc6
This is not considered security relevant as it is a crash in an interactive CLI tool where the tool is aborting and not under attacker control.
cc @powersj
An external reporter sent an issue in for an InfluxQL crash in influx-cli. Tested with influxdb2 2.7.6-1 and influxdb2-cli 2.7.5-1 on Ubuntu 20.04 LTS amd64.
Simple query works:
This one crashes:
So does this one when pressing 'shift+down arrow' to page down:
This is not considered security relevant as it is a crash in an interactive CLI tool where the tool is aborting and not under attacker control.