mysql icon indicating copy to clipboard operation
mysql copied to clipboard
verified publisher icon go-sql-driver

When the username and password are too long, it can cause a panic error in ping method.

Open pengdaCN opened this issue 2 years ago • 1 comments

Issue description

When the username is operated with a length of 4096 bits, it will definitely cause a panic error. The password has not been verified yet.

Example code

package main

import (
	"database/sql"
	"fmt"
	_ "github.com/go-sql-driver/mysql"
	"strings"
	"testing"
)

func main() {
	connStr := fmt.Sprintf("%s:%s@tcp(%s)/?timeout=%ds", strings.Repeat(`mysql`, 5000), `password`, `10.4.7.7:3306`, 3)
	db, err := sql.Open("mysql", connStr)
	if err != nil {
		panic(err)
	}

	err = db.Ping()
	if err != nil {
		panic(err)
	}
}

Error log

panic: runtime error: slice bounds out of range [:25080] with capacity 4096 [recovered]
	panic: runtime error: slice bounds out of range [:25080] with capacity 4096

Configuration

Driver version (or git SHA): 1.7

Go version: run go version in your console go version go1.21.0 linux/amd64

Server version: E.g. MySQL 5.6, MariaDB 10.0.20 mariadb Server OS: E.g. Debian 8.1 (Jessie), Windows 10 ubuntu22 wsl

pengdaCN avatar Sep 28 '23 07:09 pengdaCN

Same problem here. We are using JWT tokens to authorize against Azure MySQL Flexible Server. Our username and token combined are over 4k for some identities.

Problem is in this part of code https://github.com/go-sql-driver/mysql/blob/2f1527670cb7207fd213f92c7120f9387fe256cf/packets.go#L395.

There should be control, if pktLen is really bellow limit for small buffer and if not, use takeBuffer instead.

slice bounds out of range [:4111] with capacity 4096

kratkyzobak avatar Aug 20 '24 12:08 kratkyzobak