Bug Report: Invalid Input Handling in Scanner::slice Method #121
Description
Bug Report: Invalid Input Handling in Scanner::slice Method
Description
When using the Scanner::slice method, passing an out-of-bounds argument causes the program to panic. This behavior indicates a potential design flaw, as it fails to handle invalid input properly, impacting the stability of the application.
PoC
consider the following code:
extern crate n2;
use n2::scanner::Scanner;
fn main() {
// Prepare a valid UTF-8 byte array, null-terminated
let valid_utf8_bytes: &[u8] = b"Hello, world!\0";
// Create Scanner instance
let scanner = Scanner::new(valid_utf8_bytes);
// Attempt to slice with an unsafe range (beyond the size of buf)
let start = 0;
let end = 100; // Explicitly set out of bounds size
// Call the slice method
let result = scanner.slice(start, end);
println!("Slice result: {}", result);
}
In my platform, it shows the following result.
Compiling ne-test v0.1.0 (/home/lwz/github/ne-test)
Finished `dev` profile [unoptimized + debuginfo] target(s) in 0.28s
Running `target/debug/ne-test`
thread 'main' panicked at core/src/panicking.rs:221:5:
unsafe precondition(s) violated: slice::get_unchecked requires that the range is within the slice
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
thread caused non-unwinding panic. aborting.
已中止 (核心已转储)
lwz@lwz-ThinkStation-P3-Tower:~/github/ne-test$
Expected Outcome
It is expected that the method handles input errors gracefully instead of panicking. For instance, the function could return a Result type or some other form of error handling.
I notice this PoC causes program aborting without 'unsafe' block, so I think maybe it is a Bug. This panic behavior could lead to program crashes in real applications, Sorry for if I am wrong.