Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[router] fix assert when encoding metadata #13511

Merged
merged 1 commit into from
Oct 13, 2020

Conversation

asraa
Copy link
Contributor

@asraa asraa commented Oct 12, 2020

Signed-off-by: Asra Ali [email protected]

Commit Message: Fix an invalid ASSERT when encoding metadata frames in the router.
Additional Description:
METADATA frames can't end stream, so there must be data, trailers, or a reset stream frame to end the stream. The ASSERT was meant to verify that there is data following METADATA frames to end the stream (for example, in case a client sends headers only request and metadata is added, FM adds empty data to end the stream). However, trailers could also end the stream, or the client could send body later/never. The ASSERT is invalid.

The PR removes the ASSERT.

Open to suggestions to have an ASSERT, but I couldn't think of one that was worth it / could be detected here. "if we had a header only request before, ASSERT there is empty data", or "if there is no possibility of stream reset occurring at this stage, ASSERT there is data or trailers."

Risk Level: Low. This only affects the ASSERT, has no impact on traffic.
Testing: Integration test added as a regression. Fuzz testcase added.
Fixes:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26238

Signed-off-by: Asra Ali <[email protected]>
@asraa asraa requested review from soya3129 and snowp October 12, 2020 17:35
Copy link
Contributor

@snowp snowp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@alyssawilk alyssawilk merged commit eb9af96 into envoyproxy:master Oct 13, 2020
mpuncel added a commit to mpuncel/envoy that referenced this pull request Oct 14, 2020
* master: (22 commits)
  http: using CONNECT_ERROR for HTTP/2 (envoyproxy#13519)
  listener: respect address.pipe.mode (it didn't work) (envoyproxy#13493)
  examples: Fix more deprecations/warnings in configs (envoyproxy#13529)
  overload: tcp connection refusal overload action (envoyproxy#13311)
  tcp: towards pluggable upstreams (envoyproxy#13331)
  conn_pool: fixing comments (envoyproxy#13520)
  Prevent SEGFAULT when disabling listener (envoyproxy#13515)
  Convert overload manager config literals to YAML (envoyproxy#13518)
  Fix runtime feature variable name (envoyproxy#13533)
  dependencies: refactor repository location schema utils, cleanups. (envoyproxy#13452)
  router:  fix an invalid ASSERT when encoding metadata frames in the router. (envoyproxy#13511)
  http2: Proactively disconnect connections flooded when resetting stream (envoyproxy#13482)
  ci use azp to sync filter example (envoyproxy#13501)
  mongo_proxy: support configurable command list for metrics (envoyproxy#13494)
  http local rate limit: note token bucket is shared (envoyproxy#13525)
  wasm/extensions: Wasm extension policy. (envoyproxy#13526)
  http: removing envoy.reloadable_features.http1_flood_protection (envoyproxy#13508)
  build: update ppc64le CI build status shield (envoyproxy#13521)
  dependencies: enforce dependency shepherd sign-off via RepoKitteh. (envoyproxy#13522)
  Add no_traffic_healthy_interval (envoyproxy#13336)
  ...

Signed-off-by: Michael Puncel <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants