-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A lot of potential Index Out Of Bounds #19
Comments
thanks for reporting the issue! Can you share the logarchive? There is a check early on to make sure index is not larger than the array https://github.com/mandiant/macos-UnifiedLogs/blob/main/src/message.rs#L83 If you cannot share the entire logarchive, if you share a single .tracev3 file that triggers the panic that migit be sufficient.
Otherwise, i will need to setup a beta version of macOS to test. |
I was able to setup a macOS Sequoia beta instance and reproduce the crash. The log format has been updated a little in the new release. I have already updated the parser locally to support the changes. No more crashes 😸 . I also see what caused the index out of bounds and that has also been fixed. I will merge ur PR first and i would like to continue to test the changes and also add tests. Will aim to have merged probably Sunday. If you could share the logarchive that would useful to help validate the changes |
Found another : shindan-io@d276842 We cannot share the logarchive. |
We added some debug statements to see what was causing the crashes.
|
Thank you for the debug output. The errors are similar to what I got as well. New If you have a chance to test it that would be great thanks! |
Just tested on the The entries that make the program panic on No more panics as of now! 👍 |
Im glad the panics are gone. However, the error message I am wondering if there are still new changes introduced in the latest versions of macOS/iOS. |
I collected this list of log messages that cause index out ouf bound.
|
thanks @ReturnRei that is helpful. It looks like the entries are all related to It looks like these logs are related to email possibly. I will try to setup an email on my beta system to see if I can trigger the message. Another option that could be done, if you have access to a macOS system (if you don't no worries):
The hexdump should contain the flags associated with the log and can be used to determine what flag/type is associated with |
Here's one @puffyCid
|
Thanks @ReturnRei that was helpful. I pushed another update to the PR fix. |
@puffyCid |
Hello,
We had an
ios 18.0 beta 4
sysdiag that made this lib panic! (@ReturnRei will perhaps provide more details)I quick fixed it in this commit :
shindan-io@fc30ecf
But I find my fix just ugly, i'm far from confident in the existing code.
The code heavy rely on
array[index]
indexers, which canpanic!
.On other way could be to forget about indexers and use the
array.get(index)
that returns anOption
and let us all the semantics to handle the missing case properly.Same goes with subslicing,
slice[x..]
could be replaced byget(x..)
too.Are you aware if this ?
Do you think it's a flaw and that needs some fixing effort ?
Can we help ?
(I can submit a PR with my quick fix, but as said, I think it's a far more general problem and perhaps we should fix it for good)
The text was updated successfully, but these errors were encountered: