Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: When use gzip and call with MaxCallRecvMsgSize(math.MaxInt64), will read 0 byte. #6119

Closed
catundercar opened this issue Mar 15, 2023 · 15 comments
Closed

Bug: When use gzip and call with MaxCallRecvMsgSize(math.MaxInt64), will read 0 byte. #6119

catundercar opened this issue Mar 15, 2023 · 15 comments
Assignees
@infovivek2020
Labels
Status: Duplicate Status: Help Wanted Type: Bug

Comments

@catundercar
Copy link

NOTE: if you are reporting is a potential security vulnerability or a crash,
please follow our CVE process at
https://github.com/grpc/proposal/blob/master/P4-grpc-cve-process.md instead of
filing an issue here.

Please see the FAQ in our main README.md, then answer the questions below
before submitting your issue.

What version of gRPC are you using?

master

What version of Go are you using (go version)?

1.19.2

What operating system (Linux, Windows, …) and version?

Linux

What did you do?

If possible, provide a recipe for reproducing the error.
like this demo:
https://github.com/grpc/grpc-go/tree/master/examples/features/compression
I called with grpc.MaxCallRecvMsgSize(math.MaxInt64)
And then, I got this result:

UnaryEcho call returned "", <nil>

The response message was "".

What did you expect to see?

UnaryEcho call returned "compress", <nil>
@catundercar catundercar mentioned this issue Mar 15, 2023
Closed
@dfawley
Copy link
Member

dfawley commented Mar 21, 2023

I called with grpc.MaxCallRecvMsgSize(math.MaxInt64)

This is definitely wrong. The most you'd ever want to do is math.MaxInt. And even that is a pretty insane maximum. The intent of this setting is to protect you from running out of memory. No machine has 9,223,372,036,854,775,807 bytes of memory.

@catundercar
Copy link
Author

catundercar commented Mar 22, 2023
edited
Loading

I called with grpc.MaxCallRecvMsgSize(math.MaxInt64)

This is definitely wrong. The most you'd ever want to do is math.MaxInt. And even that is a pretty insane maximum. The intent of this setting is to protect you from running out of memory. No machine has 9,223,372,036,854,775,807 bytes of memory.

You're right, in actual business scenarios, the received data will never reach math.MaxInt. But that's not the key of this issue. Perhaps I didn't describe it clearly enough. The key of this issue is that when using the gzip compressor and configuring grpc.MaxCallRecvMsgSize(math.MaxInt), no matter how small the actual data is, even if it's only one byte, the logic in the decompressor will overflow, causing no data to be read.

I want to emphasize a point that the original available configuration of grpc.MaxCallRecvMsgSize(math.MaxInt) causes the service to not return any valid messages and there is no error reported during the call, when combined with the gzip compression method. It should be a problem that needs to be fixed, rather than asking the user to modify their previously available code.
Looking forward to your reply.

@github-actions github-actions bot added the stale label Mar 28, 2023
@grpc grpc deleted a comment from github-actions bot Mar 28, 2023
@dfawley
Copy link
Member

dfawley commented Mar 28, 2023

As mentioned in the PR, this could be fixed by limiting the allowable values in MaxCallRecvMsgSize to math.MaxInt64-1. The PR as submitted is incorrect, as we need to be able to read beyond the configured limit to determine whether there was an overrun.

@catundercar
Copy link
Author

Yes, it is possible to know if the limit is exceeded without reading out all the bytes. Now it looks like there is no better way to do this than to change the MaxCallRecvMsgSize parameter.😥

@zasweq zasweq closed this as completed Sep 19, 2023
@dfawley dfawley reopened this Sep 19, 2023
@catundercar
Copy link
Author

Sorry, I recently discovered that it has been reactivated. Do you have any suitable ways to fix this issue?

@purnesh42H purnesh42H assigned purnesh42H and unassigned catundercar Jun 4, 2024
@purnesh42H
Copy link
Contributor

@catundercar are you interested in continuing to work on this?

@purnesh42H purnesh42H assigned catundercar and unassigned purnesh42H Jun 6, 2024
@catundercar
Copy link
Author

catundercar commented Jun 6, 2024
edited
Loading

@catundercar are you interested in continuing to work on this?

Yep, but I have no good idea. 😂

@github-actions GitHub Actions
Copy link

This issue is labeled as requiring an update from the reporter, and no update has been received after 6 days. If no update is provided in the next 7 days, this issue will be automatically closed.

@github-actions github-actions bot added the stale label Jun 12, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jun 19, 2024
@purnesh42H purnesh42H reopened this Jun 19, 2024
@infovivek2020
Copy link
Contributor

@purnesh42H please assign me this issue

@infovivek2020
Copy link
Contributor

@purnesh42H while repro getting the as expected response (UnaryEcho call returned "compress", )image

@purnesh42H purnesh42H removed the P2 label Aug 13, 2024
@infovivek2020 infovivek2020 mentioned this issue Aug 14, 2024
Closed
@infovivek2020
Copy link
Contributor

@purnesh42H have a look to the PR [https://github.com/infovivek2020/pull/2] I am able to repro in local

@infovivek2020
Copy link
Contributor

@purnesh42H Please have a look to the PR on applied change https://github.com/grpc/grpc-go/issues/4552 we do not have this issue

@purnesh42H
Copy link
Contributor

@infovivek2020 please confirm if this issue is a duplicate of #4552

@infovivek2020
Copy link
Contributor

This issue is duplicate one, it is resolved by PR https://github.com/grpc/grpc-go/issues/4552

@easwars easwars closed this as not planned Won't fix, can't repro, duplicate, stale Aug 26, 2024
@easwars
Copy link
Contributor

easwars commented Aug 26, 2024

Closing this issue as this is marked as a duplicate of #4552

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@infovivek2020 infovivek2020

Labels
Status: Duplicate Status: Help Wanted Type: Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@easwars @purnesh42H @catundercar @infovivek2020 @dfawley @zasweq