Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix descriptor panic #53

Merged
merged 2 commits into from
Aug 8, 2023
Merged

Fix descriptor panic #53

merged 2 commits into from
Aug 8, 2023

Conversation

eric
Copy link
Contributor

@eric eric commented Aug 8, 2023

We've seen this panic in the wild and were able to reproduce it with fuzzing.

$ go test -fuzz FuzzDescriptor
fuzz: elapsed: 0s, gathering baseline coverage: 0/379 completed
failure while testing seed corpus entry: FuzzDescriptor/6ae8bb726335d15a
fuzz: elapsed: 0s, gathering baseline coverage: 0/379 completed
--- FAIL: FuzzDescriptor (0.04s)
    --- FAIL: FuzzDescriptor (0.00s)
        testing.go:1485: panic: runtime error: invalid memory address or nil pointer dereference
            goroutine 25 [running]:
            runtime/debug.Stack()
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/runtime/debug/stack.go:24 +0xbc
            testing.tRunner.func1()
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/testing/testing.go:1485 +0x264
            panic({0x1012351e0, 0x1013fc680})
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/runtime/panic.go:884 +0x204
            github.com/asticode/go-astits.calcDescriptorUnknownLength(...)
            	/Users/eric/src/go-astits/descriptor.go:1989
            github.com/asticode/go-astits.calcDescriptorLength(0x140000e00f0)
            	/Users/eric/src/go-astits/descriptor.go:2055 +0x111c
            github.com/asticode/go-astits.calcDescriptorsLength(...)
            	/Users/eric/src/go-astits/descriptor.go:2131
            github.com/asticode/go-astits.writeDescriptorsWithLength(0x1400011d690?, {0x1400008c3e0?, 0x2?, 0x2?})
            	/Users/eric/src/go-astits/descriptor.go:2151 +0x6c
            github.com/asticode/go-astits.FuzzDescriptor.func1(0x1400011d718?, {0x1400009a3e8?, 0x0?, 0x0?})
            	/Users/eric/src/go-astits/descriptor_test.go:731 +0x1f8
            reflect.Value.call({0x10122b400?, 0x101276e58?, 0x1400006ee38?}, {0x1011988e5, 0x4}, {0x140000985a0, 0x2, 0x0?})
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/reflect/value.go:586 +0x87c
            reflect.Value.Call({0x10122b400?, 0x101276e58?, 0x14000092000?}, {0x140000985a0?, 0x101276420?, 0x101395580?})
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/reflect/value.go:370 +0x90
            testing.(*F).Fuzz.func1.1(0x140000103c0?)
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/testing/fuzz.go:335 +0x360
            testing.tRunner(0x14000082b60, 0x140000aa3f0)
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/testing/testing.go:1576 +0x10c
            created by testing.(*F).Fuzz.func1
            	/opt/homebrew/Cellar/go/1.20.3/libexec/src/testing/fuzz.go:322 +0x4c4
            
    
FAIL
exit status 1
FAIL	github.com/asticode/go-astits	0.521s

@asticode asticode merged commit b0b1924 into asticode:master Aug 8, 2023
@asticode
Copy link
Owner

asticode commented Aug 8, 2023

FYI I've created a v1.13.0 tag 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eric @asticode