uuid.Parse allows invalid UUID's #131

dhuckins · 2023-09-28T19:21:06Z

it seems that there are some cases where uuid.Parse is not throwing an error for invalid uuids
examples of invalid UUID's that do not give errors

extra dashes: -6ba7b810-9dad-11d1-80b4-00c04fd430c8-
extra characters: 06ba7b810-9dad-11d1-80b4-00c04fd430c81
quotes: "6ba7b810-9dad-11d1-80b4-00c04fd430c8"

see here for a reproducible example

The text was updated successfully, but these errors were encountered:

bormanp · 2023-10-03T23:35:39Z

This is a known "feature" and has been discussed before. Fixing this could very well break existing code. I actually don't see any issue with the first and third examples. The current code also can parse [6ba7b810-9dad-11d1-80b4-00c04fd430c8], <6ba7b810-9dad-11d1-80b4-00c04fd430c8>, (6ba7b810-9dad-11d1-80b4-00c04fd430c8), '6ba7b810-9dad-11d1-80b4-00c04fd430c8' all of which I have no particular problem with. I agree that the seocnd example does not return an error is unfortunate. In any event, the time for this change has long since passed.

If validating, rather than just parsing, strings as UUIDs I could imagine a function like:

func Validate(s string) (uuid, error) {
    if len(s) == 36 + 2 { 
      // do some checks
    }
    return Parse(s)
}

bormanp · 2023-10-03T23:53:02Z

This is a duplicate of issue #60

bormanp mentioned this issue Oct 3, 2023

fixed issue #131 by improving the Parse function in uuid.go + unit tests #132

Closed

bormanp closed this as completed Oct 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

uuid.Parse allows invalid UUID's #131

uuid.Parse allows invalid UUID's #131

dhuckins commented Sep 28, 2023

bormanp commented Oct 3, 2023

bormanp commented Oct 3, 2023

uuid.Parse allows invalid UUID's #131

uuid.Parse allows invalid UUID's #131

Comments

dhuckins commented Sep 28, 2023

bormanp commented Oct 3, 2023

bormanp commented Oct 3, 2023