Check Slice bounds in read_message to avoid panics (#371)

drdrsh · web-flow · commit d66b377a8e00 · 2023-03-17T12:31:43.000-05:00
When recv is called in the mirroring client, we noticed an occasional panic when reading the message.

thread 'tokio-runtime-worker' panicked at 'slice index starts at 5 but ends at 0', src/messages.rs:522:18
We are still debugging the reason why this happens but adding a check for slice bounds seems like a good idea. Instead of panicking, this will return an Err to the caller which will close the connection.
diff --git a/src/messages.rs b/src/messages.rs
@@ -517,14 +517,18 @@ where
 
     bytes.resize(bytes.len() + len as usize - mem::size_of::<i32>(), b'0');
 
-    match stream
-        .read_exact(
-            &mut bytes[mem::size_of::<u8>() + mem::size_of::<i32>()
-                ..mem::size_of::<u8>() + mem::size_of::<i32>() + len as usize
-                    - mem::size_of::<i32>()],
-        )
-        .await
-    {
+    let slice_start = mem::size_of::<u8>() + mem::size_of::<i32>();
+    let slice_end = slice_start + len as usize - mem::size_of::<i32>();
+
+    // Avoids a panic
+    if slice_end < slice_start {
+        return Err(Error::SocketError(format!(
+            "Error reading message from socket - Code: {:?} - Length {:?}, Error: {:?}",
+            code, len, "Unexpected length value for message"
+        )));
+    }
+
+    match stream.read_exact(&mut bytes[slice_start..slice_end]).await {
         Ok(_) => (),
         Err(err) => {
             return Err(Error::SocketError(format!(
