diff options
| author | Frank Ch. Eigler <fche@redhat.com> | 2021-02-25 14:04:20 -0500 |
|---|---|---|
| committer | Frank Ch. Eigler <fche@redhat.com> | 2021-02-25 14:07:51 -0500 |
| commit | 35e49cac53a97ae6c51190c8e2d35a215e188bba (patch) | |
| tree | 40d450b6cad987f54498c0410258eba431a0605e | |
| parent | df2f49d83cebb59af84c133ad2b981fab9332209 (diff) | |
| download | elfutils-35e49cac53a97ae6c51190c8e2d35a215e188bba.tar.gz | |
debuginfod: filter webapi for bad keywords early
Prevent some unnecessary processing of user data and
keep invalid request types out of metrics.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
| -rw-r--r-- | debuginfod/ChangeLog | 5 | ||||
| -rw-r--r-- | debuginfod/debuginfod.cxx | 3 | ||||
| -rw-r--r-- | tests/ChangeLog | 4 | ||||
| -rwxr-xr-x | tests/run-debuginfod-find.sh | 3 |
4 files changed, 14 insertions, 1 deletions
diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog index a66ded38..98089b2d 100644 --- a/debuginfod/ChangeLog +++ b/debuginfod/ChangeLog @@ -1,3 +1,8 @@ +2021-02-25 Frank Ch. Eigler <fche@redhat.com> + + * debuginfod.cxx (handler_cb): Filter webapi for bad + artifacttype keywords early for metric hygiene. + 2021-02-14 Frank Ch. Eigler <fche@redhat.com> * debuginfod.cxx (main -U): Use bsdtar unconditionally. Also map diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx index 6fdaf60e..2aecc049 100644 --- a/debuginfod/debuginfod.cxx +++ b/debuginfod/debuginfod.cxx @@ -1587,6 +1587,8 @@ handle_buildid (MHD_Connection* conn, else if (artifacttype == "source") atype_code = "S"; else throw reportable_exception("invalid artifacttype"); + inc_metric("http_requests_total", "type", artifacttype); + if (atype_code == "S" && suffix == "") throw reportable_exception("invalid source suffix"); @@ -1936,7 +1938,6 @@ handler_cb (void * /*cls*/, suffix = url_copy.substr(slash3); // include the slash in the suffix } - inc_metric("http_requests_total", "type", artifacttype); // get the resulting fd so we can report its size int fd; r = handle_buildid(connection, buildid, artifacttype, suffix, &fd); diff --git a/tests/ChangeLog b/tests/ChangeLog index 889f5066..94447128 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,7 @@ +2021-02-25 Frank Ch. Eigler <fche@redhat.com> + + * run-debuginfod-find.sh: Add bad webapi artifacttype test. + 2021-02-17 Frank Ch. Eigler <fche@redhat.com> * run-debuginfod-find.sh: Tweak wait_ready() to also print -vvv log of diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh index 1ae63e0e..bcca6130 100755 --- a/tests/run-debuginfod-find.sh +++ b/tests/run-debuginfod-find.sh @@ -493,6 +493,9 @@ curl -s http://127.0.0.1:$PORT1/metrics | grep 'scanned_bytes_total' curl -s http://127.0.0.1:$PORT2/badapi > /dev/null || true curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/debuginfo > /dev/null || true +# Confirm bad artifact types are rejected without leaving trace +curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/badtype > /dev/null || true +(curl -s http://127.0.0.1:$PORT2/metrics | grep 'badtype') && false ######################################################################## # Corrupt the sqlite database and get debuginfod to trip across its errors |