-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Assert(valid) when ext_proc filter apply header mutations #27547
Assert(valid) when ext_proc filter apply header mutations #27547
Conversation
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
/assign @yanavlasov @htuch @mpwarres @stevenzzzz |
This is a fuzzer issue: OSS fuzzer issue link: https://oss-fuzz.com/testcase-detail/5309367839490048 Accepting input from '[STDIN]' | Usage for fuzzing: honggfuzz -P [flags] -- /mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds-honggfuzz_envoy_13d8ff3fd8b6e12ff5bbd32d951c40c9e1c6513f/revisions/ext_proc_unit_test_fuzz Accepting input from '[STDIN]'
|
Test case: config { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, LGTM mostyl modulo comments. Needs a better description in commit message.
LGTM, thanks for the catch. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/wait
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/wait
test/extensions/filters/http/ext_proc/ext_proc_integration_test.cc
Outdated
Show resolved
Hide resolved
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM modulo nit.
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
…#27547) * ASSERT(valid()) when ext_proc filter apply header mutations. Signed-off-by: Yanjun Xiang <yanjunxiang@google.com> Signed-off-by: Ryan Eskin <ryan.eskin89@protonmail.com>
When ext_proc server sends back some header mutation settings which contain NULL characters, like /n, /r or /0, this will cause ext_proc filter ASSERT(valid) being fired up when Envoy is built in debug mode.
In release mode, the ASSERT is no-op, however, we should add an explicit check to avoid such kind of headers get injected into Envoy.
Assert(valid) when ext_proc filter apply header mutations.
Commit Message:
Additional Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]