fix(domain_fronter): prevent panic when brace positions are inverted in fallback JSON extraction#1229
Open
CaptainMirage wants to merge 3 commits into
Open
Conversation
…in fallback JSON extraction
In three error-path fallback sites (finalize_tunnel_response,
finalize_batch_response, parse_relay_json), the code uses text.find('{')
and text.rfind('}') to extract a JSON object from a messy response. When
the response body is binary garbage, those byte values can appear in any
order, causing start > end. The subsequent &text[start..=end] slice then
panics with 'begin > end' and a SIGILL core dump.
Add a bounds check at all three sites: if start > end, return a structured
BadResponse error instead of slicing. Reproducible whenever Apps Script
returns a non-JSON binary response body.
…yVPN-RUST into fix/parse-relay-json-inverted-brace
…yVPN-RUST into fix/parse-relay-json-inverted-brace
Author
|
welp i somehow managed to pull from the main repo and did this, hold on im gonna fix it |
Author
|
if you may please ignore those 2 commits of trying to merge into the main branch, i somehow managed to run the pull command from an older command and did |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
three fallback sites in
finalize_tunnel_response,finalize_batch_response,and
parse_relay_jsonusetext.find('{')andtext.rfind('}')to pull a JSONobject out of a messy response, when the response body is binary garbage,
those bytes can appear in any order,
rfindmight find'}'at byte 84 whilefind finds
'{'at byte 157. The slice&text[start..=end]then panics with"begin > end" and a SIGILL core dump
Added a bounds check at all three sites: if
start > endreturn a structuredBadResponse error instead of slicing and promptly thanos snapping itself
Reproducible whenever Apps Script returns a binary or non-JSON response body,
which happens under quota pressure, transient errors, or when the exit node
returns unexpected content (sometimes managed to reproduce with huge amounts of ping)