MySQL auth: bad configuration causes panic

[hollymcr]

Using some code based on cmd/single/main.go with MySQL configuration in .yml, every time a client connected to the broker resulted in "panic: runtime error: invalid memory address or nil pointer dereference"

I eventually traced this to a typo in the field names I had put in my .yml. The result was that the code: a.authStmt, _ = sqlxDB.Preparex(authSql) .. was failing as the SQL was invalid.

However there's no code to catch that error and so when the client connects, err := a.authStmt.QueryRowx(key).Scan(&password, &allow) .. in OnConnectAuthenticate was crashing.

This is the first time I've worked in Go so I'm not going to attempt to suggest a suitable fix - for now I'll just be careful about config file typos!

[wind-c]

Let me look at the contents of auth-mysql.yml.

[hollymcr]

I don't have the file which failed any more but it should be easy to replicate. Simply change one of the field names in a working configuration to a non-existent field name.

The issue is that Preparex() can fail (there's probably lots of ways it could fail other than invalid fields) but as there is no error checking at that point a.authStmt is left as nil, and then later there's an attempt to call (nil).QueryRowx(key)

[wind-c]

Is the program running properly now?

[wind-c]

I'll try to replicate it and fix it.

[hollymcr]

I'm running a heavily modified version to suit my application (for example I needed different MySQL schema details for different ports, and I've added PBKDF2 handling so that I can mimic/replicate the way Mosquitto's Go Auth package works).

But when I tested previously the code ran fine once I set the field names correctly. But a panic isn't the best way to report a user configuration issue!