Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SET_CLIENT_ID accepts *ANYTHING* #394

Open
SpamapS opened this issue Jun 20, 2024 · 7 comments
Open

SET_CLIENT_ID accepts *ANYTHING* #394

SpamapS opened this issue Jun 20, 2024 · 7 comments
Labels
core enhancement help wanted

Comments

@SpamapS
Copy link
Member

SpamapS commented Jun 20, 2024

I am messing around with Rustygear's SET_CLIENT_ID and workers admin protocol implementation and I noticed that you can send anything. \0 and \n are particularly problematic.

  1. DEBUG Logs that are being emitted with \n as the delimiter, get messed up. I don't consider DEBUG critical, but it's still annoying and will break any log parsers.
  2. The workers command gets corrupted if you put \n in the client ID, as this is the delimiter for the command.
  3. gearmand uses %s on the client ID while emitting the workers command, so it never prints anything after any nulls.

I think the right thing to do is make a protocol refinement which will suggest that the content of client ID has to be UTF-8, and then update gearmand to reject non-UTF-8 content with an ERROR packet.
@esabol
Copy link
Member

esabol commented Jun 21, 2024
edited
Loading

Well, those are good reasons to not allow \n and \0, certainly. I'm not sure about the "has to be UTF-8" part though. The impact of that is not clear to me. Can you elaborate on why you feel that is needed, @SpamapS ?

@SpamapS
Copy link
Member Author

SpamapS commented Aug 25, 2024

Well, those are good reasons to not allow \n and \0, certainly. I'm not sure about the "has to be UTF-8" part though. The impact of that is not clear to me. Can you elaborate on why you feel that is needed, @SpamapS ?

It's the standard way to encode text in 2024, and it will allow wide characters making it more accessible to more languages.

@esabol
Copy link
Member

esabol commented Aug 25, 2024
edited
Loading

I guess. But what's the impact on gearmand if we start allowing (or requiring?) strings to be UTF-8?

@esabol
Copy link
Member

esabol commented Sep 20, 2024

I guess what I'm asking is whether we need to change any of the the string functions in gearmand to support UTF-8?

@SpamapS
Copy link
Member Author

SpamapS commented Sep 20, 2024 via email

@esabol
Copy link
Member

esabol commented Sep 20, 2024
edited
Loading

Well, if you want to implement those things to support UTF-8 client IDs, that sounds fine to me. I don't have a whole lot of experience working with non-ASCII character sets, tbh, in case that wasn't obvious from my questions.

@SpamapS
Copy link
Member Author

SpamapS commented Sep 23, 2024

Yeah maybe we can just disallow \n and \0 just to make it better now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SpamapS @esabol