Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http: fix datadog and squash handling of responses without body #13328

Merged
merged 1 commit into from
Sep 30, 2020

Conversation

alyssawilk
Copy link
Contributor

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
@alyssawilk alyssawilk changed the title http: fix datadog and squash http: fix datadog and squash handling of responses without body Sep 30, 2020
@alyssawilk
Copy link
Contributor Author

per API discussion I've got
https://github.com/envoyproxy/envoy/compare/master...alyssawilk:datadog2?expand=1
which simply allocates a buffer. I don't think there's any perf hit so I mildly prefer the simplicity to optional reference wrapper.
The down side is there could be slight behavioral changes because one then can't differentiate no body from empty body, so if we go that route I'd be inclined to land it in a separate PR and only backport the bugfix.
Actually either way I think for backporting it'd probably be worth landing the minimal change on its own. WDYT?

@alyssawilk
Copy link
Contributor Author

cc @envoyproxy/stable-maintainers for assessment

@mattklein123
Copy link
Member

Yeah I agree on the further fixups. I like I mentioned in the other discussion, you could keep the reference return, and just return a static const buffer if the actual buffer is empty. This would probably perform slightly better but it's probably not worth it. Up to you.

/wait

@alyssawilk
Copy link
Contributor Author

I don't think we could do static const, because it's mutable (and often mutated). I think we either stack allocate individual buffers, or do reference wrappers

@mattklein123
Copy link
Member

I don't think we could do static const, because it's mutable (and often mutated). I think we either stack allocate individual buffers, or do reference wrappers

Ah OK. I'm fine either way. IIRC the buffer impl doesn't allocate any slices until data is added, so probably minimal perf hit.

@alyssawilk
Copy link
Contributor Author

cool.
As said due to minor behavioral differences (code paths for H2 [headers only] vs [headers with delayed 0 body fin] I'd prefer to land the API change as a follow up, especially as if this gets backported (hoping it makes the bar for the reporter's sake) it's easier to do the smaller fix.
Anything else you'd like to see here?

@mattklein123
Copy link
Member

I'd prefer to land the API change as a follow up, especially as if this gets backported (hoping it makes the bar for the reporter's sake) it's easier to do the smaller fix.

Ah OK sounds good!

@PiotrSikora
Copy link
Contributor

/backport

@repokitteh-read-only repokitteh-read-only bot added the backport/review Request to backport to stable releases label Sep 30, 2020
@alyssawilk alyssawilk merged commit b8b6c84 into envoyproxy:master Sep 30, 2020
alyssawilk added a commit that referenced this pull request Oct 1, 2020
As a follow-up to #13328, always creating a body buffer to avoid the pattern of null pointer derefs.

Risk Level: Medium
Testing: unit tests pass
Docs Changes: n/a
Release Notes: yes

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
@PiotrSikora
Copy link
Contributor

@cpakulski anything with backport/review label needs to be evaluated for backporting and if approved, that label should be changed to backport/approved and PRs sent to stable releases.

@cpakulski cpakulski added backport/approved Approved backports to stable releases and removed backport/review Request to backport to stable releases labels Dec 16, 2020
cpakulski pushed a commit to cpakulski/envoy that referenced this pull request Dec 17, 2020
…proxy#13328)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
alyssawilk pushed a commit that referenced this pull request Jan 5, 2021
…without body (#13328) (#14458)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests, updated certs
Docs Changes: n/a
Release Notes: inline
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: alyssawilk <alyssar@chromium.org>
istio-testing pushed a commit to istio/envoy that referenced this pull request Jan 8, 2021
* docs: kick-off 1.15.1 release. (envoyproxy#12166)

Signed-off-by: Piotr Sikora <piotrsikora@google.com>

* tls: update BoringSSL-FIPS to 20190808. (envoyproxy#12170)

Signed-off-by: Piotr Sikora <piotrsikora@google.com>

* test: Exclude wasm_vm_test from CI by making it a "manual" test. (#207)

The wee v8 build times out in CI under --config=asan because the machine the job is scheduled on is too small.

Signed-off-by: Antonio Vicente <avd@google.com>

* [v1.15] http: header map security fixes for duplicate headers (#197) (#200)

Previously header matching did not match on all headers for
non-inline headers. This patch changes the default behavior to
always logically match on all headers. Multiple individual
headers will be logically concatenated with ',' similar to what
is done with inline headers. This makes the behavior effectively
consistent. This behavior can be temporary reverted by setting
the runtime value "envoy.reloadable_features.header_match_on_all_headers"
to "false".

Targeted fixes have been additionally performed on the following
extensions which make them consider all duplicate headers by default as
a comma concatenated list:
1) Any extension using CEL matching on headers.
2) The header to metadata filter.
3) The JWT filter.
4) The Lua filter.
Like primary header matching used in routing, RBAC, etc. this behavior
can be disabled by setting the runtime value
"envoy.reloadable_features.header_match_on_all_headers" to false.

Finally, the setCopy() header map API previously only set the first
header in the case of duplicate non-inline headers. setCopy() now
behaves similiarly to the other set*() APIs and replaces all found
headers with a single value. This may have had security implications
in the extauth filter which uses this API. This behavior can be disabled
by setting the runtime value
"envoy.reloadable_features.http_set_copy_replace_all_headers" to false.

Fixes https://github.com/envoyproxy/envoy-setec/issues/188

Signed-off-by: Matt Klein <mklein@lyft.com>

* backport to v1.15: Fix Kafka Repository Location (#223)

Update mirror used to fetch kafka dependency to a valid, working mirror.

Based on envoyproxy#13025
Resolves envoyproxy#13011

Signed-off-by: Antonio Vicente <avd@google.com>

* release: cutting 1.15.1 (#217)

Signed-off-by: Antonio Vicente <avd@google.com>

* docs: Fix release notes for v1.15.1 release. (envoyproxy#13318)

Signed-off-by: Antonio Vicente <avd@google.com>

* Backport flaky test and tsan fixes to releases/v1.15 branch (envoyproxy#13337)

* hds: fix integration test flakes (envoyproxy#12214)

Part of envoyproxy#12184

Signed-off-by: Matt Klein <mklein@lyft.com>
Signed-off-by: Antonio Vicente <avd@google.com>

* Switch to a tsan-instrumented libc++ for tsan tests (envoyproxy#12134)

This fixes envoyproxy#9784 and re-enables vhds_integration_test

Risk Level: Low, but will most likely increase memory usage

Signed-off-by: Dmitri Dolguikh <ddolguik@redhat.com>

Signed-off-by: Antonio Vicente <avd@google.com>

* test: shard hds_integration_test (envoyproxy#12482)

This should avoid TSAN timeout flakes.

Signed-off-by: Matt Klein <mklein@lyft.com>
Signed-off-by: Antonio Vicente <avd@google.com>

* test: shard http2_integration_test (envoyproxy#11939)

This should mitigate TSAN timeout.

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Signed-off-by: Antonio Vicente <avd@google.com>

* test: fix http2_integration_test flake (envoyproxy#12450)

Fixes envoyproxy#12442

Signed-off-by: Matt Klein <mklein@lyft.com>
Signed-off-by: Antonio Vicente <avd@google.com>

* Kick CI

Signed-off-by: Antonio Vicente <avd@google.com>

Co-authored-by: Matt Klein <mklein@lyft.com>
Co-authored-by: Dmitri Dolguikh <ddolguik@redhat.com>
Co-authored-by: Lizan Zhou <lizan@tetrate.io>

* docs: kick off v1.15.3-dev (envoyproxy#13695)

Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* 1.15: CI fixes backport (envoyproxy#13697)

Backport following commits to 1.15:
748b2ab (mac ci: try ignoring update failure (envoyproxy#13658), 2020-10-20)
f95f539 (ci: various improvements (envoyproxy#13660), 2020-10-20)
73d78f8 (ci: use multiple stage (envoyproxy#13557), 2020-10-15)
b7a4756 (ci: use azp for api and go-control-plane sync (envoyproxy#13550), 2020-10-14)
876a6bb (ci use azp to sync filter example (envoyproxy#13501), 2020-10-12)
a0f31ee (ci: use azp to generate docs (envoyproxy#13481), 2020-10-12)

Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Co-authored-by: asraa <asraa@google.com>

* 1.15: fix CI script (envoyproxy#13724)

Signed-off-by: Lizan Zhou <lizan@tetrate.io>

* Prevent SEGFAULT when disabling listener (envoyproxy#13515) (envoyproxy#13903)

This prevents the stop_listening overload action from causing
segmentation faults that can occur if the action is enabled after the
listener has already shut down.

Signed-off-by: Alex Konradi <akonradi@google.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* proxy protocol: set downstreamRemoteAddress on StreamInfo (envoyproxy#14131) (envoyproxy#14169)

This fixes a regression which resulted in the downstreamRemoteAddress
on the StreamInfo for a connection not having the address supplied by
the proxy protocol filter, but instead having the address of the
directly connected peer.

This issue does not affect HTTP filters.

Fixes envoyproxy#14087

Signed-off-by: Greg Greenway <ggreenway@apple.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* ci: temproray disable vhds_integration_test in TSAN (envoyproxy#12067) (envoyproxy#14217)

Signed-off-by: Lizan Zhou <lizan@tetrate.io>

* tcmalloc changed and the data coming out of tcmalloc::MallocExtension::GetNumericProperty("generic.current_allocated_bytes") (envoyproxy#14165)

Commit Message: tcmalloc changed and the data coming out of tcmalloc::MallocExtension::GetNumericProperty("generic.current_allocated_bytes") no longer appears to be deterministic, even in unthreaded tests. So disable exact mem checks till we sort that out
Additional Description:
Risk Level: low
Testing: just thread_local_store_test
Docs Changes: n/a
Release Notes: n/a

no longer appears to be deterministic, even in unthreaded tests. So disable exact mem checks till we sort that out

Signed-off-by: Joshua Marantz <jmarantz@google.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

Co-authored-by: Joshua Marantz <jmarantz@google.com>

* backport to v1.15: connection: Remember transport socket read resumption requests and replay them when re-enabling read. (envoyproxy#13772) (envoyproxy#14173)

* connection: Remember transport socket read resumption requests and replay them when re-enabling read. (envoyproxy#13772)

Fixes SslSocket read resumption after readDisable when processing the SSL record that contains the last bytes of the HTTP message

Signed-off-by: Antonio Vicente <avd@google.com>

* backport to 1.15: udp: properly handle truncated/dropped datagrams (envoyproxy#14122) (envoyproxy#14166)

Signed-off-by: Matt Klein <mklein@lyft.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: Matt Klein <mklein@lyft.com>
Co-authored-by: Christoph Pakulski <christoph@tetrate.io>

* backport to 1.15: vrp: allow supervisord to open its log file (envoyproxy#14066) (envoyproxy#14280)

Commit Message: Allow supervisord to open its log file
Additional Description:
Change the default location of the log file and give supervisord
permissions to write to it.

Risk Level: low
Testing: built image locally
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a

Signed-off-by: Alex Konradi <akonradi@google.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* rel 1.15: close release 1.15.3 (envoyproxy#14303)

Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* Kick off rel 1.15.4. (envoyproxy#14323)

Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

* backport to 1.15: http: fix datadog and squash handling of responses without body (envoyproxy#13328) (envoyproxy#14458)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests, updated certs
Docs Changes: n/a
Release Notes: inline
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: alyssawilk <alyssar@chromium.org>

* backport 1.15: http: fixing a bug with IPv6 hosts (envoyproxy#14273)

Fixing a bug where HTTP parser offsets for IPv6 hosts did not include [] and Envoy assumed it did.
This results in mis-parsing addresses for IPv6 CONNECT requests and IPv6 hosts in fully URLs over HTTP/1.1

Risk Level: low
Testing: new unit, integration tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Shikugawa <rei@tetrate.io>
Co-authored-by: alyssawilk <alyssar@chromium.org>

* backport to 1.15: tls: fix detection of the upstream connection close event. (envoyproxy#13858) (envoyproxy#14568)

Fixes envoyproxy#13856.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>

Co-authored-by: Piotr Sikora <piotrsikora@google.com>
Co-authored-by: antonio <avd@google.com>
Co-authored-by: Matt Klein <mklein@lyft.com>
Co-authored-by: Dmitri Dolguikh <ddolguik@redhat.com>
Co-authored-by: Lizan Zhou <lizan@tetrate.io>
Co-authored-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: asraa <asraa@google.com>
Co-authored-by: Joshua Marantz <jmarantz@google.com>
Co-authored-by: Rei Shimizu <Shikugawa@gmail.com>
Co-authored-by: alyssawilk <alyssar@chromium.org>
cpakulski pushed a commit to cpakulski/envoy that referenced this pull request Jan 11, 2021
…proxy#13328)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>

Signed-off-by: alyssawilk <alyssar@chromium.org>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
cpakulski pushed a commit to cpakulski/envoy that referenced this pull request Jan 12, 2021
…proxy#13328)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>

Signed-off-by: alyssawilk <alyssar@chromium.org>
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
alyssawilk added a commit that referenced this pull request Jan 12, 2021
…without body (#13328) (#14635)

Commit Message: Fixing bugs in datadog and sqaush where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: alyssawilk <alyssar@chromium.org>
alyssawilk added a commit that referenced this pull request Jan 12, 2021
…without body (#13328) (#14658)

Commit Message: Fixing bugs in datadog and squash where unexpected bodyless responses would crash Envoy
Risk Level: low
Testing: new unit tests
Docs Changes: n/a
Release Notes: inline

Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Co-authored-by: alyssawilk <alyssar@chromium.org>
@cpakulski
Copy link
Contributor

Backported to releases 1.13-1.15. Removing backport/approved label.

@cpakulski cpakulski removed the backport/approved Approved backports to stable releases label Jan 12, 2021
@alyssawilk alyssawilk deleted the datadog branch June 10, 2021 13:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants