scylla-cql: Avoid index-acces to buffer

Lorak-mmk · Lorak-mmk · commit a84621dae28f · 2025-10-31T16:48:50.000+01:00
If buffer is too short and we index past its end, code will panic. This
is not desirable - we want to return errors on invalid protocol
messages.
diff --git a/scylla-cql/src/frame/frame_errors.rs b/scylla-cql/src/frame/frame_errors.rs
@@ -307,6 +307,8 @@ pub enum ClusterChangeEventParseError {
 pub enum PreparedParseError {
     #[error("Malformed prepared statement's id length: {0}")]
     IdLengthParseError(LowLevelDeserializationError),
+    #[error("Malformed prepared statement's id: {0}")]
+    IdParseError(LowLevelDeserializationError),
     #[error("Invalid result metadata: {0}")]
     ResultMetadataParseError(ResultMetadataParseError),
     #[error("Invalid prepared metadata: {0}")]
diff --git a/scylla-cql/src/frame/response/result.rs b/scylla-cql/src/frame/response/result.rs
@@ -14,7 +14,7 @@ use crate::frame::frame_errors::{
 use crate::frame::request::query::PagingStateResponse;
 use crate::frame::response::event::SchemaChangeEvent;
 use crate::frame::types;
-use bytes::{Buf, Bytes};
+use bytes::Bytes;
 use std::borrow::Cow;
 use std::fmt::Debug;
 use std::sync::Arc;
@@ -1229,11 +1229,10 @@ fn deser_set_keyspace(buf: &mut &[u8]) -> StdResult<SetKeyspace, SetKeyspacePars
 }
 
 fn deser_prepared(buf: &mut &[u8]) -> StdResult<Prepared, PreparedParseError> {
-    let id_len = types::read_short(buf)
-        .map_err(|err| PreparedParseError::IdLengthParseError(err.into()))?
-        as usize;
-    let id: Bytes = buf[0..id_len].to_owned().into();
-    buf.advance(id_len);
+    let id = types::read_short_bytes(buf)
+        .map_err(PreparedParseError::IdParseError)?
+        .to_owned()
+        .into();
     let prepared_metadata =
         deser_prepared_metadata(buf).map_err(PreparedParseError::PreparedMetadataParseError)?;
     let (result_metadata, paging_state_response) =
diff --git a/scylla-cql/src/frame/types.rs b/scylla-cql/src/frame/types.rs
@@ -3,10 +3,10 @@
 use super::TryFromPrimitiveError;
 use super::frame_errors::LowLevelDeserializationError;
 use byteorder::{BigEndian, ReadBytesExt};
+use bytes::BufMut;
 use bytes::Bytes;
 #[cfg(test)]
 use bytes::BytesMut;
-use bytes::{Buf, BufMut};
 use std::collections::HashMap;
 use std::convert::TryFrom;
 use std::convert::TryInto;
@@ -603,14 +603,12 @@ pub fn read_inet(buf: &mut &[u8]) -> Result<SocketAddr, LowLevelDeserializationE
     let len = buf.read_u8()?;
     let ip_addr = match len {
         4 => {
-            let ret = IpAddr::from(<[u8; 4]>::try_from(&buf[0..4])?);
-            buf.advance(4);
-            ret
+            let ip_bytes = read_raw_bytes(4, buf)?;
+            IpAddr::from(<[u8; 4]>::try_from(ip_bytes)?)
         }
         16 => {
-            let ret = IpAddr::from(<[u8; 16]>::try_from(&buf[0..16])?);
-            buf.advance(16);
-            ret
+            let ip_bytes = read_raw_bytes(16, buf)?;
+            IpAddr::from(<[u8; 16]>::try_from(ip_bytes)?)
         }
         v => return Err(LowLevelDeserializationError::InvalidInetLength(v)),
     };
