Fix buffer overrun on non-terminated comment

Also made the behavior consistent when an incomplete comment is found.

server/core/modutil.cc

@@ -1466,7 +1466,11 @@ std::string get_canonical(GWBUF* querybuf)
         else if (*it == '/' && is_next(it, buf.end(), "/*"))
         {
             auto comment_start = std::next(it, 2);
-            if (comment_start != buf.end() && *comment_start != '!' && *comment_start != 'M')
+            if (comment_start == buf.end())
+            {
+                break;
+            }
+            else if (*comment_start != '!' && *comment_start != 'M')
             {
                 // Non-executable comment
                 while (it != buf.end())
@@ -1479,6 +1483,11 @@ std::string get_canonical(GWBUF* querybuf)
                     }
                     ++it;
                 }
+
+                if (it == buf.end())
+                {
+                    break;
+                }
             }
             else
             {
@@ -1507,6 +1516,7 @@ std::string get_canonical(GWBUF* querybuf)
 
                 ++it;
             }
+
             if (it == buf.end())
             {
                 break;
@@ -1545,6 +1555,8 @@ std::string get_canonical(GWBUF* querybuf)
         {
             rval[i++] = *it;
         }
+
+        mxb_assert(it != buf.end());
     }
 
     // Shrink the buffer so that the internal bookkeeping of std::string remains up to date

server/core/test/canonical_tests/comment.expected

@@ -9,3 +9,7 @@ SELECT ? /*! +? */;
 SELECT ? /*!? +? */;
 SELECT ? /*M! +? */;
 SELECT ? /*M!? +? */;
+SELECT ?
+SELECT ?
+SELECT ?
+SELECT ?

server/core/test/canonical_tests/comment.sql

@@ -9,3 +9,7 @@ SELECT 1 /*! +1 */;
 SELECT 1 /*!50101 +1 */;
 SELECT 2 /*M! +1 */;
 SELECT 2 /*M!50101 +1 */;
+SELECT 2 /* 
+SELECT 2 /*
+SELECT 2 /*/
+SELECT 2 /**/