Skip to content

Commit

Permalink
fuzz: add bounds to statsh flush interval (envoyproxy#8043)
Browse files Browse the repository at this point in the history
Add PGV bounds to the stats flush interval (greater than 1ms and less than 5000ms) to prevent Envoy from hanging from too small of a flush time.

Risk Level: Low
Testing: Corpus Entry added
Fixes OSS-Fuzz issue
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16300

Signed-off-by: Asra Ali <asraa@google.com>
  • Loading branch information
asraa authored and htuch committed Aug 27, 2019
1 parent 1fc6c6e commit 0a3fc6a
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 1 deletion.
9 changes: 8 additions & 1 deletion api/envoy/config/bootstrap/v2/bootstrap.proto
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,14 @@ message Bootstrap {
// performance reasons Envoy latches counters and only flushes counters and
// gauges at a periodic interval. If not specified the default is 5000ms (5
// seconds).
google.protobuf.Duration stats_flush_interval = 7 [(gogoproto.stdduration) = true];
// Duration must be at least 1ms and at most 5 min.
google.protobuf.Duration stats_flush_interval = 7 [
(validate.rules).duration = {
lt: {seconds: 300},
gte: {nanos: 1000000}
},
(gogoproto.stdduration) = true
];

// Optional watchdog configuration.
Watchdog watchdog = 8;
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
static_resources {
clusters {
name: "@"
connect_timeout {
nanos: 250000000
}
common_lb_config {
zone_aware_lb_config {
min_cluster_size {
value: 38
}
}
}
}
}
stats_flush_interval {
nanos: 32256
}
2 changes: 2 additions & 0 deletions test/server/server_fuzz_test.cc
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
#include <fstream>

#include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h"

#include "common/network/address_impl.h"
#include "common/thread_local/thread_local_impl.h"

Expand Down

0 comments on commit 0a3fc6a

Please sign in to comment.