mysql icon indicating copy to clipboard operation
mysql copied to clipboard

Published 20 hours ago verified publisher icon go-sql-driver

When the username and password are too long, it can cause a panic error in ping method.

Open pengdaCN opened this issue 1 year ago • 1 comments

Issue description

When the username is operated with a length of 4096 bits, it will definitely cause a panic error. The password has not been verified yet.

Example code

package main

import (
	"database/sql"
	"fmt"
	_ "github.com/go-sql-driver/mysql"
	"strings"
	"testing"
)

func main() {
	connStr := fmt.Sprintf("%s:%s@tcp(%s)/?timeout=%ds", strings.Repeat(`mysql`, 5000), `password`, `10.4.7.7:3306`, 3)
	db, err := sql.Open("mysql", connStr)
	if err != nil {
		panic(err)
	}

	err = db.Ping()
	if err != nil {
		panic(err)
	}
}

Error log

panic: runtime error: slice bounds out of range [:25080] with capacity 4096 [recovered]
	panic: runtime error: slice bounds out of range [:25080] with capacity 4096

Configuration

Driver version (or git SHA): 1.7

Go version: run go version in your console go version go1.21.0 linux/amd64

Server version: E.g. MySQL 5.6, MariaDB 10.0.20 mariadb Server OS: E.g. Debian 8.1 (Jessie), Windows 10 ubuntu22 wsl

pengdaCN avatar Sep 28 '23 07:09 pengdaCN