Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix two decoding bugs found by go-fuzz #523

Merged
merged 1 commit into from
Aug 26, 2015
Merged

Fix two decoding bugs found by go-fuzz #523

merged 1 commit into from
Aug 26, 2015

Conversation

eapache
Copy link
Contributor

@eapache eapache commented Aug 26, 2015

(https://github.com/dvyukov/go-fuzz)

  • handle negative message-set sizes in FetchResponses
  • handle IPv6 and/or malformed broker addresses

@Shopify/kafka

(https://github.com/dvyukov/go-fuzz)

- handle negative message-set sizes in FetchResponses
- handle IPv6 and/or malformed broker addresses
b.addr = net.JoinHostPort(host, fmt.Sprint(port))
if _, _, err := net.SplitHostPort(b.addr); err != nil {
return err
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume this was because of a hostname with a colon in it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and hostnames with [ in them and \0 and all sorts of other interesting garbage that go-fuzz generated

@wvanbergen
Copy link
Contributor

Nice work 👏 🚢

eapache added a commit that referenced this pull request Aug 26, 2015
Fix two decoding bugs found by go-fuzz
@eapache eapache merged commit 3a50f2c into master Aug 26, 2015
@eapache eapache deleted the fuzz-fixes branch August 26, 2015 13:59
eapache added a commit that referenced this pull request Aug 27, 2015
The fix in #523 did not cover all cases, as found by subsequent go-fuzz runs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants