Check Slice bounds in read_message to avoid panics (#371)

When recv is called in the mirroring client, we noticed an occasional panic when reading the message. thread 'tokio-runtime-worker' panicked at 'slice index starts at 5 but ends at 0', src/messages.rs:522:18 We are still debugging the reason why this happens but adding a check for slice bounds seems like a good idea. Instead of panicking, this will return an Err to the caller which will close the connection.
2026-03-23 01:16:30 +00:00 · 2023-03-17 12:31:43 -05:00
parent ac21ce50f1
commit d66b377a8e
1 changed files with 12 additions and 8 deletions
--- a/src/messages.rs
+++ b/src/messages.rs
@@ -517,14 +517,18 @@ where

    bytes.resize(bytes.len() + len as usize - mem::size_of::<i32>(), b'0');

-    match stream
-        .read_exact(
-            &mut bytes[mem::size_of::<u8>() + mem::size_of::<i32>()
-                ..mem::size_of::<u8>() + mem::size_of::<i32>() + len as usize
-                    - mem::size_of::<i32>()],
-        )
-        .await
-    {
+    let slice_start = mem::size_of::<u8>() + mem::size_of::<i32>();
+    let slice_end = slice_start + len as usize - mem::size_of::<i32>();
+
+    // Avoids a panic
+    if slice_end < slice_start {
+        return Err(Error::SocketError(format!(
+            "Error reading message from socket - Code: {:?} - Length {:?}, Error: {:?}",
+            code, len, "Unexpected length value for message"
+        )));
+    }
+
+    match stream.read_exact(&mut bytes[slice_start..slice_end]).await {
        Ok(_) => (),
        Err(err) => {
            return Err(Error::SocketError(format!(