Fix MariaDB compressed event decoding panic

[krajcik]

Fixes a critical panic in MariaDB compressed event processing where
decodeString function attempts to read beyond buffer bounds.

Root cause: After decompressing MariaDB data in DecodeData, the
position offset (pos) from the original compressed buffer was
incorrectly used to read from the new decompressed buffer, causing slice
bounds errors.

Solution: Reset position to 0 after successful decompression since
the decompressed data should be read from the beginning.

Changes

• Reset pos = 0 after MariaDB data decompression in
  RowsEvent.DecodeData()
• This ensures proper offset calculation for subsequent data parsing

Error Details

Before fix:
panic: runtime error: slice bounds out of range [:53440] with capacity
8577
at github.com/go-mysql-org/go-mysql/replication.decodeString(row_even
t.go:1468)
at github.com/go-mysql-org/go-mysql/replication.decodeValue(row_event
.go:1408)
at github.com/go-mysql-org/go-mysql/replication.(*RowsEvent).DecodeDa
ta(row_event.go:1234)

After fix:

• MariaDB compressed events decode successfully
• No more slice bounds panics during string decoding
• Proper handling of MARIADB_UPDATE_ROWS_COMPRESSED_EVENT_V1 events

Technical Details

The issue occurred because:

1. DecompressMariadbData() replaces the original data buffer with
   decompressed content
2. The original pos offset was calculated for the compressed buffer
3. Using this offset on the new decompressed buffer caused out-of-bounds
   access
4. Resetting pos = 0 ensures reading starts from the beginning of
   decompressed data

[dveeden]

• What MariaDB version did you use for this?
• Any links to the MariaDB docs for this? (either in the issue or as code comment)
• Do you have a packet capture by any chance?
• Could we add a test for this?

[krajcik]

• What MariaDB version did you use for this?

MariaDB version 10.5.25 (when binlog_row_metadata=FULL and compressed events are enabled)

• Any links to the MariaDB docs for this? (either in the issue or as code comment)

https://mariadb.com/docs/server/clients-and-utilities/server-client-software/client-libraries/clientserver-protocol/replication-protocol/rows_event_v1v2-rows_compressed_event_v1
https://mariadb.com/kb/en/compressing-events-to-reduce-size-of-the-binary-log/
https://mariadb.com/kb/en/replication-and-binary-log-system-variables/

• Do you have a packet capture by any chance?

Unfortunately, I don't have a packet capture available.

• Could we add a test for this?

Yes, a test case would be valuable, but I don't see a simple way to create one without spinning up a MariaDB instance. The issue specifically occurs with real MariaDB compressed events (MARIADB_UPDATE_ROWS_COMPRESSED_EVENT_V1) that contain actual compressed row data.

[dveeden]

It might be possible to create a RowsEvent with the right properties and then feed it some data []byte to do the testing.

[lance6716]

There are some unit tests that hard-code the binlog event and process them, like TestParseRowPanic. You can modify the example program cmd/go-mysqlbinlog/main.go to dump the necessary events and hard-code them in tests.

If you find it's too hard for you to add tests, it's OK to leave this PR unchanged and I can help with adding tests soon.

[lance6716]

ping @krajcik

Hi, just checking in - any updates on the tests? No pressure at all - I can merge this PR and add tests later if you're unavailable.

[krajcik]

ping @krajcik

Hi, just checking in - any updates on the tests? No pressure at all - I can merge this PR and add tests later if you're unavailable.

Unfortunately, I don't have the capacity to work on tests right now. I apologize for that. I could potentially add them later, but I'm not sure when I'll have the time.