Skip to content
This repository was archived by the owner on Apr 2, 2023. It is now read-only.

panic: runtime error: index out of range in maindata.readHuffman #22

Closed
gy741 opened this issue Feb 6, 2018 · 2 comments
Closed

panic: runtime error: index out of range in maindata.readHuffman #22

gy741 opened this issue Feb 6, 2018 · 2 comments
Labels
bug

Comments

@gy741
Copy link

gy741 commented Feb 6, 2018
edited
Loading

Hello.

I found a index out of range bug in go-mp3.

Please confirm.

Thanks.

reproduce code:

package mp3

import (
	"bytes"
	"testing"
)

type bytesReadCloser struct {
	*bytes.Reader
}

func (b *bytesReadCloser) Close() error {
	return nil
}

func TestFuzzingIssue3(t *testing.T) {
	inputs := []string{
			"\xff\xfa%00000000000000000" +
			"000000000000s0000000" +
			"00000000000000000000" +
			"00000000000000000000" +
			"00000000000000000000" +
			"00000000000000000000",
	}
	for _, input := range inputs {
		b := &bytesReadCloser{bytes.NewReader([]byte(input))}
		_, _ = NewDecoder(b)
	}
}

panic: runtime error: index out of range [recovered]
	panic: runtime error: index out of range

goroutine 5 [running]:
panic(0x500300, 0xc42000a120)
	/usr/lib/go-1.7/src/runtime/panic.go:500 +0x1a1
testing.tRunner.func1(0xc4200683c0)
	/usr/lib/go-1.7/src/testing/testing.go:579 +0x25d
panic(0x500300, 0xc42000a120)
	/usr/lib/go-1.7/src/runtime/panic.go:458 +0x243
github.com/hajimehoshi/go-mp3/internal/maindata.readHuffman(0xc420012450, 0xfffa2530, 0xc420080000, 0xc420082000, 0xdbd, 0x1, 0x1, 0x0, 0x0)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/internal/maindata/huffman.go:76 +0x27a
github.com/hajimehoshi/go-mp3/internal/maindata.Read(0x7f8624321230, 0xc420012420, 0x0, 0x7f86fffa2530, 0xc420080000, 0x0, 0x0, 0xc42000a590, 0x8)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/internal/maindata/maindata.go:152 +0x417
github.com/hajimehoshi/go-mp3/internal/frame.Read(0x59c420, 0xc420012420, 0x0, 0x0, 0x3, 0x3, 0x3, 0x8)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/internal/frame/frame.go:97 +0x2f7
github.com/hajimehoshi/go-mp3.(*Decoder).readFrame(0xc42004c2a0, 0x0, 0x0)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/decode.go:41 +0x59
github.com/hajimehoshi/go-mp3.NewDecoder(0x59cb20, 0xc420026028, 0x78, 0xc42007e000, 0x78)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/decode.go:207 +0x102
github.com/hajimehoshi/go-mp3.TestFuzzingIssue3(0xc4200683c0)
	/home/karas/go/src/github.com/hajimehoshi/go-mp3/fuzzing_test.go:27 +0x11c
testing.tRunner(0xc4200683c0, 0x52f068)
	/usr/lib/go-1.7/src/testing/testing.go:610 +0x81
created by testing.(*T).Run
	/usr/lib/go-1.7/src/testing/testing.go:646 +0x2ec
@hajimehoshi hajimehoshi added the bug label Feb 6, 2018
@hajimehoshi
Copy link
Owner

Confirmed. Thanks!

@hajimehoshi
Copy link
Owner

Added a kind of ad-hoc fix, but it should be much better than crashing.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hajimehoshi @gy741