-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Envoy ext_proc filter throw exception when received response timeout Duration is too large #27260
Envoy ext_proc filter throw exception when received response timeout Duration is too large #27260
Conversation
…void ext_proc filter fuzzer crash due to duration config out-of-bounds. Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to |
The crash traceback is: ==1818001== ERROR: libFuzzer: deadly signal NOTE: libFuzzer has rudimentary signal handlers. |
/assign @yanavlasov @adisuissa @htuch |
…imeout Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
I think the 1hr limit should be ok for most use-cases.
Left a small comment on the handling of the override as part of the response case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/wait-any
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/wait
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/wait
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! A few minor comments, but overall looks good.
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Let's revert the descriptions updates as they don't add anything, and we can approve this.
…Duration is too large (envoyproxy#27260) * Adding ext_proc filter config and response timeout Duration PGVs to avoid ext_proc filter fuzzer crash due to duration config out-of-bounds. Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
…Duration is too large (envoyproxy#27260) * Adding ext_proc filter config and response timeout Duration PGVs to avoid ext_proc filter fuzzer crash due to duration config out-of-bounds. Signed-off-by: Yanjun Xiang <yanjunxiang@google.com> Signed-off-by: Ryan Eskin <ryan.eskin89@protonmail.com>
Properly handle dataplane exception when received response timeout Duration is too large.
Also adding PGVs for ext_proc filter config.
Commit Message:
Additional Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]