fix(go): add bounds checking to ByteVector (#8776)

Add missing bounds checking to ByteVector before slice operations in the Go FlatBuffers implementation. Relative offset and vector length are now checked against the buffer size. Instead of panicking, the code now returns nil. Regression test added. Signed-off-by: Ville Vesilehto <ville@vesilehto.fi> Co-authored-by: Justin Davis <jtdavis777@gmail.com>
2025-12-21 22:25:30 +02:00
parent d01f20f2fb
commit 9d64b9c0c0
2 changed files with 66 additions and 1 deletions
--- a/go/table.go
+++ b/go/table.go
@@ -31,10 +31,25 @@ func (t *Table) String(off UOffsetT) string {
 }

 // ByteVector gets a byte slice from data stored inside the flatbuffer.
+// If the offset is invalid or out of bounds, returns nil to prevent crashes.
 func (t *Table) ByteVector(off UOffsetT) []byte {
+	n := UOffsetT(len(t.Bytes))
+	// Need at least SizeUOffsetT bytes to read the relative vector offset.
+	u := UOffsetT(SizeUOffsetT)
+	if n < u || off > n-u {
+		return nil
+	}
 	off += GetUOffsetT(t.Bytes[off:])
+	// Need at least SizeUOffsetT bytes to read the vector length.
+	if n < u || off > n-u {
+		return nil
+	}
 	start := off + UOffsetT(SizeUOffsetT)
 	length := GetUOffsetT(t.Bytes[off:])
+	// Avoid overflow by checking the length against the remaining buffer space.
+	if length > n-start {
+		return nil
+	}
 	return t.Bytes[start : start+length]
 }