Comments (4)
EmperorEarth
commented on September 15, 2024
Some more data (from Ubuntu 16.04 LTS)
Bugged UUIDs are bolded
UUIDs generated within the same transaction are included for context
79CF2018CA11E7A6B67EF825168B4700
79CFA7B018CA11E7A6B67EF825168B47
79CFE78B18CA11E7A6B67EF825168B47
79CFF7C418CA11E7A6B67EF825168B47
79D0080D18CA11E7A6B67EF825168B47
E73A909E18A811E7A6B67EF825168B47
E7029918A811E7A6B67EF825168B4700
E715FD18A811E7A6B67EF825168B4700
E729E518A811E7A6B67EF825168B4700
E73A4818A811E7A6B67EF825168B4700
E74E7B18A811E7A6B67EF825168B4700
E75A114718A811E7A6B67EF825168B47
E75A33DD18A811E7A6B67EF825168B47
E75A9FC418A811E7A6B67EF825168B47
E75ACDC618A811E7A6B67EF825168B47
E75AE77118A811E7A6B67EF825168B47
E75AFB8218A811E7A6B67EF825168B47
E75B19E118A811E7A6B67EF825168B47
E75B2D4518A811E7A6B67EF825168B47
E75B3F8818A811E7A6B67EF825168B47
E75B612418A811E7A6B67EF825168B47
E75B739118A811E7A6B67EF825168B47
E75B972218A811E7A6B67EF825168B47
E75BA97618A811E7A6B67EF825168B47
E75BBDAF18A811E7A6B67EF825168B47
E75BCEC618A811E7A6B67EF825168B47
E75BDE3418A811E7A6B67EF825168B47
E75BF29718A811E7A6B67EF825168B47
466CB10218A911E7A6B67EF825168B47
468F336A18A911E7A6B67EF825168B47
468F4A5618A911E7A6B67EF825168B47
468F8118A911E7A6B67EF825168B4700
1E000BC118AA11E7A6B67EF825168B47
00C9FCD618AE11E7A6B67EF825168B47// also bugged? not sure
1E255E18AA11E7A6B67EF825168B4700
1E25864018AA11E7A6B67EF825168B47
1E25A10318AA11E7A6B67EF825168B47
1E25C0A118AA11E7A6B67EF825168B47
1E25D52418AA11E7A6B67EF825168B47
1E25E67B18AA11E7A6B67EF825168B47
1E2607F718AA11E7A6B67EF825168B47
1E26264918AA11E7A6B67EF825168B47
1E263EFE18AA11E7A6B67EF825168B47
So far, 12 of my 579 UUIDs have trailing 00's (Just over 2%)
Side note, I have 2/570 UUIDs with a leading 00.
00C9FCD618AE11E7A6B67EF825168B47
00FA63FC18AE11E7A6B67EF825168B47
from go.uuid.
EmperorEarth
commented on September 15, 2024
Can it be my sanitizer?
import (
"database/sql"
"fmt"
"github.com/satori/go.uuid"
)
func foo(db *sql.DB) {
id := uuid.NewV1()
_, _ := db.Exec(sanitizeSQL("INSERT INTO bar (id, baz) VALUES ('%s', '%s')", id.Bytes(), "baq"))
}
func sanitizeSQL(format string, args ...interface{}) string {
for i := range args {
args[i] = sanitizeArg(args[i])
}
return fmt.Sprintf(format, args...)
}
func sanitizeArg(v interface{}) interface{} {
s, ok := v.(string)
if !ok {
return v
}
// protect vs sql injection
s = strings.Replace(s, "\\", "\\\\", -1)
s = strings.Replace(s, "\"", "\\\"", -1)
s = strings.Replace(s, "'", "\\'", -1)
return strings.TrimSpace(s)
}
from go.uuid.
EmperorEarth
commented on September 15, 2024
Probably solved by methane here
from go.uuid.
satori
commented on September 15, 2024
@EmperorEarth the problem might be that you are formatting .Bytes() output into %s instead of .String()
from go.uuid.
Related Issues (20)
- assignment mismatch: 2 variables but uuid.NewV4 returns 1 values HOT 4
- uuid.NewV4() - fixed in master, but bugged in all releases HOT 2
- Readme Coverage and GoDoc coverage report different values HOT 1
- PSA: This repo is dead
- assignment mismatch: 2 variables but uuid.NewV4 returns 1 values HOT 6
- release version problem HOT 6
- incompatible code between HEAD of master and tag v1.2.0 HOT 1
- Need new release/tag for vulnerability fix HOT 1
- Why did I get this mistake? HOT 1
- IMPORTANT: Unresolved CVE on latest release (CVE-2021-3538 ) HOT 1
- Create functions that allows go get empty/default uuid HOT 3
- It's time to switch to gitee.com/gofrs/uuid HOT 1
- Can you tag the fix that is in master using ReadFull as 1.2.1? HOT 1
- CVE-2021-3538 HOT 1
- Is it thread-Safe?! HOT 1
- Fix Request: CVE-2021-3538 HOT 2
- Issue using go.uuid in docker container HOT 3
- New Release possible? HOT 4
- could not get new version for go.mod HOT 1
- NewV1() get same result on Windows HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go.uuid.