Skip to content

Commit

Permalink
[1.8] Fix kafka bound checks (#1172)
Browse files Browse the repository at this point in the history
  • Loading branch information
@grcevski
grcevski authored Sep 17, 2024
1 parent 166d284 commit 98352a7
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 3 deletions.
6 changes: 3 additions & 3 deletions pkg/internal/ebpf/common/kafka_detect_transform.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,7 @@ func getTopicName(pkt []byte, offset int, op Operation, apiVersion int16) (strin
}

offset += 4
if offset > len(pkt) {
if offset >= len(pkt) {
return "", errors.New("invalid buffer length")
}
topicNameSize, err := getTopicNameSize(pkt, offset, op, apiVersion)
Expand All @@ -215,7 +215,7 @@ func getTopicName(pkt []byte, offset int, op Operation, apiVersion int16) (strin
}
offset += 2

if offset > len(pkt) {
if offset >= len(pkt) {
return "", nil
}
maxLen := offset + topicNameSize
Expand Down Expand Up @@ -253,7 +253,7 @@ func getTopicNameSize(pkt []byte, offset int, op Operation, apiVersion int16) (i
if err != nil {
return 0, err
}
} else {
} else if offset < len(pkt) {
topicNameSize = int(binary.BigEndian.Uint16(pkt[offset:]))
}
if topicNameSize <= 0 {
Expand Down
9 changes: 9 additions & 0 deletions pkg/internal/ebpf/common/kafka_detect_transform_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,15 @@ func TestProcessKafkaRequest(t *testing.T) {
input []byte
expected *KafkaInfo
}{
{
name: "Fetch request (v11) truncated",
input: []byte{0, 0, 0, 94, 0, 1, 0, 11, 0, 0, 0, 224, 0, 6, 115, 97, 114, 97, 109, 97, 255, 255, 255, 255, 0, 0, 1, 244, 0, 0, 0, 1, 6, 64, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255, 0, 0, 0, 1},
expected: &KafkaInfo{
ClientID: "sarama",
Operation: Fetch,
TopicOffset: 45,
},
},
{
name: "Fetch request (v11)",
input: []byte{0, 0, 0, 94, 0, 1, 0, 11, 0, 0, 0, 224, 0, 6, 115, 97, 114, 97, 109, 97, 255, 255, 255, 255, 0, 0, 1, 244, 0, 0, 0, 1, 6, 64, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255, 0, 0, 0, 1, 0, 9, 105, 109, 112, 111, 114, 116, 97, 110, 116, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 19, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, 0, 0, 0, 0},
Expand Down

0 comments on commit 98352a7

Please sign in to comment.