Skip to content

🐛 [Bug]: Panic on specific query param for QueryParser #3120

New issue
New issue
Closed
#3126
#3121
Closed
🐛 [Bug]: Panic on specific query param for QueryParser#3120
#3126
#3121
Assignees
dojutsu-user
Labels
v2☢️ Bug👍 Accepting PR
@arielsrv

Description

@arielsrv
arielsrv
opened on Sep 4, 2024

Bug Description

If you want to do specific request with brackets so will throw a panic

How to Reproduce

package main

import (
	"github.com/gofiber/fiber/v2"
	"log"
)

func main() {
	// Initialize a new Fiber app
	app := fiber.New()

	// Define a route for the GET method on the root path '/'
	app.Get("/", func(ctx *fiber.Ctx) error {
		var user User
		err := ctx.QueryParser(&user)
		if err != nil {
			return ctx.Status(400).SendString("Invalid user data")
		}
		return ctx.SendString("Hello, World!")
	})

	// Start the server on port 3000
	log.Fatal(app.Listen(":3000"))
}

type User struct {
	ID   int    `json:"id"`
	Name string `json:"name"`
}
curl 'http://localhost:3000/?data[=name'

GOROOT=/opt/homebrew/Cellar/go/1.23.0/libexec #gosetup
GOPATH=/Users/ariel.pineiro/go #gosetup
/opt/homebrew/Cellar/go/1.23.0/libexec/bin/go build -o /Users/ariel.pineiro/Library/Caches/JetBrains/GoLand2024.2/tmp/GoLand/___go_build_issue issue #gosetup
/Users/ariel.pineiro/Library/Caches/JetBrains/GoLand2024.2/tmp/GoLand/___go_build_issue

 ┌───────────────────────────────────────────────────┐ 
 │                   Fiber v2.52.5                   │ 
 │               http://127.0.0.1:3000               │ 
 │       (bound on host 0.0.0.0 and port 3000)       │ 
 │                                                   │ 
 │ Handlers ............. 2  Processes ........... 1 │ 
 │ Prefork ....... Disabled  PID ............. 43705 │ 
 └───────────────────────────────────────────────────┘ 

panic: runtime error: index out of range [5] with length 5

goroutine 20 [running]:
github.com/gofiber/fiber/v2.parseParamSquareBrackets({0x140000b2308, 0x5})
        /Users/ariel.pineiro/go/pkg/mod/github.com/gofiber/fiber/v2@v2.52.5/ctx.go:1311 +0x264
github.com/gofiber/fiber/v2.(*Ctx).QueryParser.func1({0x140000b2308?, 0x4?, 0x1400016d8b8?}, {0x140000b2330, 0x4, 0x8})
        /Users/ariel.pineiro/go/pkg/mod/github.com/gofiber/fiber/v2@v2.52.5/ctx.go:1284 +0xd4
github.com/valyala/fasthttp.visitArgs({0x140000b6070, 0x1, 0x1400016d998?}, 0x1400016d948)
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/args.go:359 +0x68
github.com/valyala/fasthttp.(*Args).VisitAll(...)
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/args.go:74
github.com/gofiber/fiber/v2.(*Ctx).QueryParser(0x140000c8000, {0x1031c4ca0?, 0x140000ca240})
        /Users/ariel.pineiro/go/pkg/mod/github.com/gofiber/fiber/v2@v2.52.5/ctx.go:1275 +0xdc
main.main.func1(0x140000c8000)
        /Users/ariel.pineiro/projects/iskaypetcom/issue/main.go:15 +0x40
github.com/gofiber/fiber/v2.(*App).next(0x1400015ca00, 0x140000c8000)
        /Users/ariel.pineiro/go/pkg/mod/github.com/gofiber/fiber/v2@v2.52.5/router.go:145 +0x188
github.com/gofiber/fiber/v2.(*App).handler(0x1400015ca00, 0x1030ef048?)
        /Users/ariel.pineiro/go/pkg/mod/github.com/gofiber/fiber/v2@v2.52.5/router.go:172 +0x74
github.com/valyala/fasthttp.(*Server).serveConn(0x14000190000, {0x10322b608?, 0x1400009e000})
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/server.go:2359 +0xdd0
github.com/valyala/fasthttp.(*workerPool).workerFunc(0x1400011a820, 0x140000a2020)
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/workerpool.go:224 +0x70
github.com/valyala/fasthttp.(*workerPool).getCh.func1()
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/workerpool.go:196 +0x38
created by github.com/valyala/fasthttp.(*workerPool).getCh in goroutine 1
        /Users/ariel.pineiro/go/pkg/mod/github.com/valyala/fasthttp@v1.51.0/workerpool.go:195 +0x208

Process finished with the exit code 2

Expected Behavior

err == nil

Fiber Version

v2.52.5

Code Snippet (optional)

package main

import (
	"github.com/gofiber/fiber/v2"
	"log"
)

func main() {
	// Initialize a new Fiber app
	app := fiber.New()

	// Define a route for the GET method on the root path '/'
	app.Get("/", func(ctx *fiber.Ctx) error {
		var user User
		err := ctx.QueryParser(&user)
		if err != nil {
			return ctx.Status(400).SendString("Invalid user data")
		}
		return ctx.SendString("Hello, World!")
	})

	// Start the server on port 3000
	log.Fatal(app.Listen(":3000"))
}

type User struct {
	ID   int    `json:"id"`
	Name string `json:"name"`
}

Checklist:

  • I agree to follow Fiber's Code of Conduct.
  • I have checked for existing issues that describe my problem prior to opening this one.
  • I understand that improperly formatted bug reports may be closed without explanation.

Metadata

Metadata

Assignees

Labels

v2☢️ Bug👍 Accepting PR

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions