Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

upstream: fix oss-fuzz issue #11095. #6220

Merged
merged 5 commits into from
Mar 12, 2019
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 13 additions & 5 deletions source/common/upstream/upstream_impl.h
Original file line number Diff line number Diff line change
@@ -69,17 +69,25 @@ class HostDescriptionImpl : virtual public HostDescription {
const envoy::api::v2::endpoint::Endpoint::HealthCheckConfig& health_check_config,
uint32_t priority)
: cluster_(cluster), hostname_(hostname), address_(dest_address),
health_check_address_(health_check_config.port_value() == 0
? dest_address
: Network::Utility::getAddressWithPort(
*dest_address, health_check_config.port_value())),
canary_(Config::Metadata::metadataValue(metadata, Config::MetadataFilters::get().ENVOY_LB,
Config::MetadataEnvoyLbKeys::get().CANARY)
.bool_value()),
metadata_(std::make_shared<envoy::api::v2::core::Metadata>(metadata)),
locality_(locality), stats_{ALL_HOST_STATS(POOL_COUNTER(stats_store_),
POOL_GAUGE(stats_store_))},
priority_(priority) {}
priority_(priority) {
if (health_check_config.port_value() != 0 &&
dest_address->type() != Network::Address::Type::Ip) {
// Setting the health check port to non-0 only works for IP-type addresses. Setting the port
// for a pipe address is a misconfiguration. Throw an exception.
throw EnvoyException(
fmt::format("Invalid host configuration: non-zero port for non-IP address"));
}
health_check_address_ =
health_check_config.port_value() == 0
? dest_address
: Network::Utility::getAddressWithPort(*dest_address, health_check_config.port_value());
}

// Upstream::HostDescription
bool canary() const override { return canary_; }
17 changes: 17 additions & 0 deletions test/common/upstream/upstream_impl_test.cc
Original file line number Diff line number Diff line change
@@ -866,6 +866,23 @@ TEST(HostImplTest, HealthFlags) {
EXPECT_EQ(Host::Health::Unhealthy, host->health());
}

// Test that it's not possible to do a HostDescriptionImpl with a unix
// domain socket host and a health check config with non-zero port.
// This is a regression test for oss-fuzz issue
// https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11095
TEST(HostImplTest, HealthPipeAddress) {
EXPECT_THROW_WITH_MESSAGE(
{
std::shared_ptr<MockClusterInfo> info{new NiceMock<MockClusterInfo>()};
envoy::api::v2::endpoint::Endpoint::HealthCheckConfig config;
config.set_port_value(8000);
HostDescriptionImpl descr(info, "", Network::Utility::resolveUrl("unix://foo"),
envoy::api::v2::core::Metadata::default_instance(),
envoy::api::v2::core::Locality().default_instance(), config, 1);
},
EnvoyException, "Invalid host configuration: non-zero port for non-IP address");
}

class StaticClusterImplTest : public testing::Test, public UpstreamImplTestBase {};

TEST_F(StaticClusterImplTest, InitialHosts) {
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
static_resources { clusters { name: " " connect_timeout { nanos: 4 } load_assignment { cluster_name: " " endpoints { lb_endpoints { endpoint { address { pipe { path: " " } } health_check_config { port_value: 2 } } } } } } }
1 change: 1 addition & 0 deletions tools/spelling_dictionary.txt
Original file line number Diff line number Diff line change
@@ -522,6 +522,7 @@ mem
memcpy
midp
milli
misconfiguration
misconfigured
mixin
mkdir