Prevent ERR_OUT_OF_RANGE errors when reading messageSize from buffer #571
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
We're facing the same issue, and can confirm that applying the proposed fix via diff --git a/lib/protocol.js b/lib/protocol.js
index 7bef96597d29825a79786d73418af79e15b1f6eb..b771c2bc34df0383fafba8d6071f652ff94c4f56 100644
--- a/lib/protocol.js
+++ b/lib/protocol.js
@@ -49,6 +49,16 @@ export const parseSimpleType = (type, buf, offset, offsetEnd) => {
const errorResponseMessageIndicator = pgMessages.errorResponse.indicator.charCodeAt(0);
export const parseMessage = (message, buf, messageOffset = 0) => {
let bufferOffset = messageOffset;
+
+ // Check if we have enough data to read the indicator and message size
+ // The + 5 is made up of 1 byte for readInt8 and 4 bytes for readUInt32BE
+ if (bufferOffset + 5 > buf.length) {
+ return {
+ type: "IncompleteMessageError",
+ messageName: message.name,
+ };
+ }
+
const indicator = buf.readInt8(bufferOffset);
const expectedIndicator = message.indicator.charCodeAt(0);
const isUnexpectedErrorMessage = indicator === errorResponseMessageIndicator && |
|
(We can also confirm it's incredibly hard to reproduce this across environments, but I was "lucky" enough to hit it 9 times out of 10 on our project.) |
|
I can add another confirmation. We fixed this internally by adding a similar check after the first |
zth
pushed a commit
to zth/pgtyped-rescript
that referenced
this pull request
Apr 27, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi 👋 , this is a follow up to this PR from last year. We ran into an issue today where the
const messageSize = buf.readUInt32BE(bufferOffset);line would cause anERR_OUT_OF_RANGEerror in about 1/5 executions ofpgtyped. The error would always occur when parsing a file which referenced a large enum. The error began occurring when a change was merged to add two values to this enum.My suspicion is that the additional enum value has caused the boundary of the TCP packet splitting to land in the middle of the bytes making up the
messageSizeinteger. The fix that I have implemented is to first check that the buffer has enough data to read the indicator and messageSize, before attempting to do so.I attempted to create a minimal reproduction, but was unable to. Running just the affected file resulted in the error occurring only about 1/20 executions, and I wasn't able to reproduce the error at all when I attempted to simplify the DB schema to just the large enum and associated tables.