Discovered errors including array out-of-bounds.

[xizheyin]

Description

Hello, the previous issue didn't cover all the bugs. Our fuzz testing tool has discovered 15 new different errors, but they may have similar underlying causes. Similar to some of the errors mentioned earlier, replay16 to replay28 indicate multiple array out-of-bounds errors in the fn from_str(s: &str) -> Result<Self, Self::Err> function in src/efmt/format.rs. Additionally, replay29 and replay30 show arithmetic overflow and encoding errors in the from_gregorian_str function in src/epoch.rs. The causes of these errors may be similar to those mentioned before. Please review them. The replay files will be stored at the following link, where error15-30 correspond to replay15-30.

error16

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:416:25

error17

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:472:25

error18

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:392:25

error19

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:408:25

error20

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:456:25

error21

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:376:25

error22

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:384:25

error23

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:448:25

error24

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:464:25

error25

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:368:25

error26

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:432:25

error27

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:440:25

error28

thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:480:25

error29

thread 'main' panicked at 'attempt to subtract with overflow', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/epoch.rs:1001:54

error30

thread 'main' panicked at 'byte index 23 is not a char boundary; it is inside '၄' (bytes 22..25) of `2022-09-16T23:15:8 ၄၄၄7-`', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/epoch.rs:977:50

[ChristopherRabotin]

Thanks, we'll fix those for version 4.

…

On Mon, Jun 19, 2023, 09:35 XizheYin_nju ***@***.***> wrote: Description Hello, the previous issue didn't cover all the bugs. Our fuzz testing tool has discovered 15 new different errors, but they may have similar underlying causes. Similar to some of the errors mentioned earlier, replay16 to replay28 indicate multiple array out-of-bounds errors in the fn from_str(s: &str) -> Result<Self, Self::Err> function in src/efmt/ format.rs. Additionally, replay29 and replay30 show arithmetic overflow and encoding errors in the from_gregorian_str function in src/epoch.rs. The causes of these errors may be similar to those mentioned before. Please review them. The replay files will be stored at the following link <https://github.com/XizheYin-NJU/replay_files_hifitime>, where error15-30 correspond to replay15-30. error16 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:416:25 error17 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:472:25 error18 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:392:25 error19 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:408:25 error20 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:456:25 error21 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:376:25 error22 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:384:25 error23 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:448:25 error24 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:464:25 error25 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:368:25 error26 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:432:25 error27 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:440:25 error28 thread 'main' panicked at 'index out of bounds: the len is 16 but the index is 16', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/efmt/format.rs:480:25 error29 thread 'main' panicked at 'attempt to subtract with overflow', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/epoch.rs:1001:54 error30 thread 'main' panicked at 'byte index 23 is not a char boundary; it is inside '၄' (bytes 22..25) of `2022-09-16T23:15:8 ၄၄၄7-`', /home/yxz/.cargo/registry/src/mirrors.ustc.edu.cn-61ef6e0cd06fb9b8/hifitime-3.8.2/src/epoch.rs:977:50 — Reply to this email directly, view it on GitHub <#246>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABEZV2DZ46IRNX5TMCJO7H3XMBWVJANCNFSM6AAAAAAZMDT4WE> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[ChristopherRabotin]

@cardigan1008 , thank you for your contribution in #324 ! Does the PR fix all of the bugs you reported here, or is there more work needed ? If your PR fixes all of these bugs, I can close this issue.

Thanks

[cardigan1008]

For this issue, I cannot reproduce the left two panic bugs using the reported cases, since some methods may have been refactored. For example, in panic 29:

fn main() {
    let _local10 = if let Ok(x) = hifitime::prelude::Epoch::from_gregorian_str("2004-07-06T23:25:38.1168423218    9              000000872180000000230-05:009 5\"\"\u{8106c}") {
        x
    } else {
        use std::process;
        process::exit(0);
    };
    let _local11 = hifitime::prelude::Epoch::as_tdb_duration_since_j2000(&(_local10));
    let _ = hifitime::prelude::Epoch::to_tai_parts(&(_local10));
    let _ = hifitime::prelude::Epoch::to_gregorian_tai(&(_local10));
    let _local16 = hifitime::prelude::Epoch::as_jde_tdb_duration(&(_local10));
}

as_tdb_duration_since_j2000() and as_jde_tdb_duration() cannot be found.

[ChristopherRabotin]

Indeed, as_tdb_duration_since_j2000 has been removed and as_jde_tdb_duration is now to_jde_tdb_duration.