Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Response Ops][Alerting] isSnoozeActive can cause Kibana to hang for invalid rRule parameters #205558

Open
ymao1 opened this issue Jan 4, 2025 · 2 comments
Open

[Response Ops][Alerting] isSnoozeActive can cause Kibana to hang for invalid rRule parameters #205558

ymao1 opened this issue Jan 4, 2025 · 2 comments
Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@ymao1
Copy link
Contributor

ymao1 commented Jan 4, 2025

We're seeing an issue where snooze schedules with bymonth or bymonthday set to 0 or [0] are causing an infinite loop inside the isSnoozeActive function.

This is recreateable in the jest tests

diff --git a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
index 9fdce331a7d..15b40bb9ea3 100644
--- a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
+++ b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
@@ -139,7 +139,7 @@ describe('isSnoozeActive', () => {
         freq: Frequency.YEARLY,
         interval: 1,
         bymonthday: [1],
-        bymonth: [1],
+        bymonth: [[0]],
         tzid: 'Europe/Madrid',
         dtstart: '2023-01-01T00:00:00.000Z',
       } as RRuleRecord,

diff --git a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
index 9fdce331a7d..4fb5c91d21d 100644
--- a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
+++ b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
@@ -139,7 +139,7 @@ describe('isSnoozeActive', () => {
         freq: Frequency.YEARLY,
         interval: 1,
         bymonthday: [1],
-        bymonth: [1],
+        bymonth: [0],
         tzid: 'Europe/Madrid',
         dtstart: '2023-01-01T00:00:00.000Z',
       } as RRuleRecord,

diff --git a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
index 9fdce331a7d..5b78890b780 100644
--- a/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
+++ b/x-pack/plugins/alerting/server/lib/snooze/is_snooze_active.test.ts
@@ -106,7 +106,7 @@ describe('isSnoozeActive', () => {
     const snoozeA = {
       duration: 198000000,
       rRule: {
-        byweekday: ['SA'],
+        byweekday: [0],
         tzid: 'Europe/Madrid',
         freq: Frequency.DAILY,
         interval: 1,

Making these modifications will cause the jest tests to hang.

We need to determine whether this 0 value is a valid configuration for rRule. If it's not, we need to determine how it's being set and prevent this function from going into an infinite loop
@ymao1 ymao1 added bug Fixes for quality problems that affect the customer experience Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) labels Jan 4, 2025
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@Zacqary
Copy link
Contributor

Zacqary commented Jan 6, 2025

0 is not a valid bymonth value. January is 1.

The iCalendar spec implies in one of the examples that invalid dates are supposed to be ignored. So to fix this issue we need to:

  • Make therrule library ignore BYMONTH=0 instead of infinitely looping
  • Test for invalid values on all properties, for additional safety
  • Make sure APIs and UIs can only send valid rrule parameters

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Zacqary @ymao1 @elasticmachine