Skip to content

Commit

Permalink
[EXPORTER] handling of invalid ports in UrlParser (#3142)
Browse files Browse the repository at this point in the history
  • Loading branch information
@sjinks
sjinks authored Nov 14, 2024
1 parent c81a3d4 commit 149d29c
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 5 deletions.
29 changes: 24 additions & 5 deletions ext/include/opentelemetry/ext/http/common/url_parser.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@

#pragma once

#include <stdlib.h>
#include <cerrno>
#include <cstdint>
#include <cstdlib>
#include <string>

#include "opentelemetry/version.h"
Expand Down Expand Up @@ -88,8 +89,11 @@ class UrlParser
path_ = std::string("/"); // use default path
if (is_port)
{
port_ = static_cast<uint16_t>(
std::stoi(std::string(url_.begin() + cpos, url_.begin() + url_.length())));
std::string port_str(
url_.begin() + static_cast<std::string::difference_type>(cpos),
url_.begin() + static_cast<std::string::difference_type>(url_.length()));

port_ = GetPort(port_str);
}
else
{
Expand All @@ -99,8 +103,9 @@ class UrlParser
}
if (is_port)
{
port_ =
static_cast<uint16_t>(std::stoi(std::string(url_.begin() + cpos, url_.begin() + pos)));
std::string port_str(url_.begin() + static_cast<std::string::difference_type>(cpos),
url_.begin() + static_cast<std::string::difference_type>(pos));
port_ = GetPort(port_str);
}
else
{
Expand Down Expand Up @@ -164,6 +169,20 @@ class UrlParser

return std::string::npos;
}

std::uint16_t GetPort(const std::string &s)
{
char *e = nullptr;
errno = 0;
auto port = std::strtol(s.c_str(), &e, 10);
if (e == s.c_str() || e != s.c_str() + s.size() || errno == ERANGE || port < 0 || port > 65535)
{
success_ = false;
return 0;
}

return static_cast<uint16_t>(port);
}
};

class UrlDecoder
Expand Down
35 changes: 35 additions & 0 deletions ext/test/http/url_parser_test.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,41 @@ TEST(UrlParserTests, BasicTests)
{"path", "/path1@bbb/path2"},
{"query", "q1=a1&q2=a2"},
{"success", "true"}}},
{"https://https://example.com/some/path",
{{"host", "https"},
{"port", "0"},
{"scheme", "https"},
{"path", "//example.com/some/path"},
{"query", ""},
{"success", "false"}}},
{"https://example.com:-1/some/path",
{{"host", "example.com"},
{"port", "0"},
{"scheme", "https"},
{"path", "/some/path"},
{"query", ""},
{"success", "false"}}},
{"https://example.com:65536/some/path",
{{"host", "example.com"},
{"port", "0"},
{"scheme", "https"},
{"path", "/some/path"},
{"query", ""},
{"success", "false"}}},
{"https://example.com:80a/some/path",
{{"host", "example.com"},
{"port", "0"},
{"scheme", "https"},
{"path", "/some/path"},
{"query", ""},
{"success", "false"}}},
{"https://example.com:18446744073709551616/some/path",
{{"host", "example.com"},
{"port", "0"},
{"scheme", "https"},
{"path", "/some/path"},
{"query", ""},
{"success", "false"}}},
};
for (auto &url_map : urls_map)
{
Expand Down

1 comment on commit 149d29c

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Performance Alert ⚠️

Possible performance regression was detected for benchmark 'OpenTelemetry-cpp api Benchmark'.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 2.

Benchmark suite Current: 149d29c Previous: c81a3d4 Ratio
BM_SpinLockThrashing/2/process_time/real_time 0.6420868901130096 ms/iter 0.17108871133287967 ms/iter 3.75
BM_NaiveSpinLockThrashing/1/process_time/real_time 0.15395770312231058 ms/iter 0.0766985265118288 ms/iter 2.01
BM_NaiveSpinLockThrashing/2/process_time/real_time 0.526229275243782 ms/iter 0.1865914630405794 ms/iter 2.82
BM_NaiveSpinLockThrashing/4/process_time/real_time 1.8266042073567708 ms/iter 0.6979875839673556 ms/iter 2.62

This comment was automatically generated by workflow using github-action-benchmark.

Please sign in to comment.