Open deepakprabhakara opened 7 years ago
When you set a query URI on the client that is greater than length 256 the server crashes with the following stacktrace:-
panic: runtime error: slice bounds out of range
goroutine 8 [running]: github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.BytesToMessage(0xc4202be000, 0x50c, 0x5dc, 0x5dc, 0x50c, 0x0, 0x0) /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/message.go:158 +0xc0d github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.(DefaultCoapServer).handleSession(0xc42017abb0, 0x47e2040, 0xc42001caf0) /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/server.go:508 +0xb0 created by github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.(DefaultCoapServer).handleIncomingData.func1 /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/server.go:435 +0x33e exit status 2
Would the right fixe be to check the index bounds in line 157 of messages.go? If so I can send a PR soon.
if optionLength > 0 && optionLength < uint(len(tmp)) {
When you set a query URI on the client that is greater than length 256 the server crashes with the following stacktrace:-
panic: runtime error: slice bounds out of range
goroutine 8 [running]: github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.BytesToMessage(0xc4202be000, 0x50c, 0x5dc, 0x5dc, 0x50c, 0x0, 0x0) /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/message.go:158 +0xc0d github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.(DefaultCoapServer).handleSession(0xc42017abb0, 0x47e2040, 0xc42001caf0) /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/server.go:508 +0xb0 created by github.com/redsift/prism/vendor/github.com/zubairhamed/canopus.(DefaultCoapServer).handleIncomingData.func1 /Users/deepakp/workspace/go/src/github.com/redsift/prism/vendor/github.com/zubairhamed/canopus/server.go:435 +0x33e exit status 2
Would the right fixe be to check the index bounds in line 157 of messages.go? If so I can send a PR soon.
if optionLength > 0 && optionLength < uint(len(tmp)) {