fix(go): add bounds checking to DeserializeStreams for payloads > 64KB #3165

Open: atharvalade wants to merge 1 commit into apache:master from atharvalade:fix/go-sdk-deserialize-streams-64kb

@atharvalade
Contributor

Which issue does this PR close?

Closes #3130

Rationale

DeserializeStreams and DeserializeToStream had zero bounds checking and no error propagation, causing silent data corruption for stream lists larger than 64KB.

What changed?

DeserializeToStream performed raw slice accesses without validating that the payload contained enough bytes for the 33-byte fixed header or the variable-length name. With large payloads (>64KB), any framing misalignment caused position drift—subsequent streams were deserialized from wrong offsets, silently returning corrupted data with no error.

The fix adds bounds validation before every access in DeserializeToStream (returns error on insufficient data), propagates errors through DeserializeStreams, and updates the TCP caller. A new test file covers single-stream, multi-stream, truncated header/name, corrupted payload, max-length name, and a 70KB+ regression test that verifies every field of ~1000 streams.

Local Execution

  • Passed
  • Pre-commit hooks ran

AI Usage

  1. Opus 4.6
  2. Minimal AI used
  3. All tests ran locally and pass; verified against the Rust wire format
  4. Yes, all code can be explained
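
The bounds checks and error propagation described above, as an added sketch that is not the PR's code: the header is validated before the name length is read, the name is validated before it is sliced, and the list parser stops on the first error. The field offsets inside the 33-byte header, and the names `parseStream`, `parseStreams`, `samplePayload` and `ErrShort`, are assumptions made for this example.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const headerLen = 33 // fixed header size given in the PR description
var ErrShort = errors.New("payload too short")
type Stream struct{ ID uint32; Name string } // only the fields decoded here

// parseStream reads the record at pos; assumed layout: id = bytes 0..3 (LE), name length = byte 32.
func parseStream(p []byte, pos int) (Stream, int, error) {
	if pos < 0 || len(p)-pos < headerLen {
		return Stream{}, pos, fmt.Errorf("header at offset %d: %w", pos, ErrShort)
	}
	end := pos + headerLen + int(p[pos+headerLen-1])
	if end > len(p) {
		return Stream{}, pos, fmt.Errorf("name at offset %d: %w", pos, ErrShort)
	}
	return Stream{binary.LittleEndian.Uint32(p[pos:]), string(p[pos+headerLen : end])}, end, nil
}

// parseStreams walks the payload and fails on the first malformed record.
func parseStreams(p []byte) (out []Stream, err error) {
	for pos := 0; pos < len(p); {
		var s Stream
		if s, pos, err = parseStream(p, pos); err != nil {
			return nil, err
		}
		out = append(out, s)
	}
	return out, nil
}

// samplePayload builds n constructed records in the assumed layout.
func samplePayload(n uint32) (p []byte) {
	for id := uint32(1); id <= n; id++ {
		name := fmt.Sprintf("stream-%d", id)
		p = append(binary.LittleEndian.AppendUint32(p, id), make([]byte, headerLen-5)...)
		p = append(append(p, byte(len(name))), name...)
	}
	return p
}

func main() {
	_, err := parseStreams(samplePayload(2000)[:70000]) // constructed payload (> 64 KB) cut mid-record
	fmt.Println(err)
}
```

A truncated payload yields an error that names the offset of the bad record, and no partial list is returned.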

@atharvalade changed the title from "ix(go-sdk): add bounds checking to DeserializeStreams for payloads > 64KB" to "fix(go-sdk): add bounds checking to DeserializeStreams for payloads > 64KB" on Apr 24, 2026
@atharvalade force-pushed the fix/go-sdk-deserialize-streams-64kb branch from 10dedb2 to 18ae55f on April 24, 2026 15:53
@codecov

codecov Bot commented Apr 24, 2026

Codecov Report

❌ Patch coverage is 90.90909% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 73.78%. Comparing base (1ae123f) to head (91e6df0).

Files with missing lines | Patch % | Lines
...nary_serialization/binary_response_deserializer.go | 90.47% | 1 Missing and 1 partial ⚠️

Additional details and impacted files
@@            Coverage Diff            @@
##             master    #3165   +/-   ##
=========================================
  Coverage     73.78%   73.78%           
  Complexity      943      943           
=========================================
  Files          1200     1200           
  Lines        109094   109106   +12     
  Branches      85994    85994           
=========================================
+ Hits          80492    80502   +10     
- Misses        25866    25867    +1     
- Partials       2736     2737    +1     

Components | Coverage Δ
Rust Core | 74.91% <ø> (ø)
Java SDK | 58.44% <ø> (ø)
C# SDK | 69.47% <ø> (ø)
Python SDK | 81.43% <ø> (ø)
Node SDK | 91.44% <ø> (ø)
Go SDK | 39.91% <90.90%> (+0.10%) ⬆️

Files with missing lines | Coverage Δ
foreign/go/client/tcp/tcp_stream_management.go | 82.85% <100.00%> (ø)
...nary_serialization/binary_response_deserializer.go | 85.95% <90.47%> (-0.08%) ⬇️

@atharvalade changed the title from "fix(go-sdk): add bounds checking to DeserializeStreams for payloads > 64KB" to "fix(go): add bounds checking to DeserializeStreams for payloads > 64KB" on Apr 24, 2026
@atharvalade force-pushed the fix/go-sdk-deserialize-streams-64kb branch from 18ae55f to e40eac9 on April 24, 2026 17:06
@github-actions

github-actions Bot commented May 7, 2026

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs.

If you need a review, please ensure CI is green and the PR is rebased on the latest master. Don't hesitate to ping the maintainers - either @core on Discord or by mentioning them directly here on the PR.

Thank you for your contribution!

@github-actions Bot added and removed the stale label (Inactive issue or pull request) on May 7, 2026
@hubcio
Contributor

hubcio commented May 14, 2026

/ready

@github-actions Bot added the S-waiting-on-review label (PR is waiting on a reviewer) on May 14, 2026
Contributor

@slbotbm left a comment

one comment, otherwise lgtm

Comment on lines +110 to +118
if streams[0].Id != 1 || streams[0].Name != "stream-one" {
t.Errorf("stream[0] = {Id:%d, Name:%q}, want {Id:1, Name:\"stream-one\"}", streams[0].Id, streams[0].Name)
}
if streams[1].Id != 2 || streams[1].Name != "s2" {
t.Errorf("stream[1] = {Id:%d, Name:%q}, want {Id:2, Name:\"s2\"}", streams[1].Id, streams[1].Name)
}
if streams[2].Id != 3 || streams[2].Name != "third" {
t.Errorf("stream[2] = {Id:%d, Name:%q}, want {Id:3, Name:\"third\"}", streams[2].Id, streams[2].Name)
}
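
Review bot: the assertions at +110 to +118 index streams[0], streams[1] and streams[2] directly, and no length check is visible in these lines; unless the test already stops with t.Fatalf when len(streams) != 3 before this point, a short result panics instead of failing with a readable message. The three near-identical blocks could also be a loop over a slice of expected values, which keeps the failure message format in one place.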
Contributor

Here, only the Id and that name are being checked. I think it would be better to check everything.

Contributor Author

Good catch, now checking all fields

@hubcio
Contributor

hubcio commented May 14, 2026

@slbotbm use /author after you are done with review :)

/author

@github-actions Bot added the S-waiting-on-author label (PR is waiting on author response) and removed the S-waiting-on-review label (PR is waiting on a reviewer) on May 14, 2026
@atharvalade force-pushed the fix/go-sdk-deserialize-streams-64kb branch from 2ca3da2 to 91e6df0 on May 17, 2026 06:59
@atharvalade
Contributor Author

/ready

@github-actions Bot added the S-waiting-on-review label (PR is waiting on a reviewer) and removed the S-waiting-on-author label (PR is waiting on author response) on May 17, 2026
Labels

S-waiting-on-review (PR is waiting on a reviewer)

Development

Successfully merging this pull request may close these issues.

go-sdk: DeserializeStreams known bug with payloads > 64KB

3 participants