Don't segfault on header replay #14191
src/core/lib/surface/call.cc
Outdated
GPR_TIMER_BEGIN("publish_app_metadata", 0); | ||
grpc_metadata_array* dest; | ||
grpc_metadata* mdusr; | ||
dest = call->buffered_metadata[is_trailing]; | ||
if (dest == NULL) gpr_log(GPR_ERROR, "dest %p", dest); |
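Review bot: the `if (dest == NULL)` line at the end of this hunk only logs and then falls through, so it guards nothing that uses `dest` afterwards, and the message `"dest %p"` can only ever print a null pointer. It reads like leftover debugging: either drop it, or turn it into a real early return with a message that says which metadata array was missing.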
What is the point of this log line?
Oops, good catch
@@ -0,0 +1,131 @@ | |||
/* | |||
* | |||
* Copyright 2017 gRPC authors. |
2018 :P
Fixed
||
/* Verify that sending multiple headers doesn't segfault */ | ||
GRPC_RUN_BAD_CLIENT_TEST(verifier, nullptr, | ||
PFX_STR HEADER_STR HEADER_STR PAYLOAD_STR, 0); |
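Review bot: the comment says "multiple headers", but the only input exercised in the last line is two `HEADER_STR` in a row ahead of `PAYLOAD_STR`. Consider separate `GRPC_RUN_BAD_CLIENT_TEST` cases for a third `HEADER_STR` and for a `HEADER_STR` that arrives after `PAYLOAD_STR`, so that a regression in any one ordering is reported on its own.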
Do we want to test other cases?
For example:
- PFX_STR HEADER_STR PAYLOAD_STR(no EOS) HEADER_STR
- Duplicate HEADERS does not contain reserved keys
It would also be interesting to see what 3 HEADERS will cause... if that is not too much...
That's not a bad idea.
Also, if at all possible, it'd be nice to inject that into the fuzzer's corpus, so it can further try and discover bugs around this.
I've added the 3 leading headers to the test. I can add more variants into the fuzzer's corpus.
(FWIW, PFX_STR HEADER_STR PAYLOAD_STR(no EOS) HEADER_STR doesn't segfault, but cq->next returns an unsuccessful event)
That can be further investigated without blocking this fix.
I think you wanted to open that PR against 1.8, and not master.
Right and I can't just change the base, it will otherwise try to bring all of master into 1.8.
LGTM if the 3 headers case passes
I've addressed comments and rebased to 1.8.x
Thanks for the fix.
@@ -1101,6 +1101,7 @@ static grpc_stream_compression_algorithm decode_stream_compression( | |||
static void publish_app_metadata(grpc_call* call, grpc_metadata_batch* b, | |||
int is_trailing) { | |||
if (b->list.count == 0) return; | |||
if (is_trailing && call->buffered_metadata[1] == nullptr) return; |
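Review bot: the new guard on the last line returns silently when `call->buffered_metadata[1]` is null, so the metadata in `b` is dropped with no log entry or error visible in this hunk; a short comment saying when that pointer can be null would help whoever later removes the workaround. The index is also hard-coded as `1` in a condition that already tests `is_trailing`; indexing with `is_trailing` or a named constant would keep the two in step.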
It'd be better to find a fix in chttp2: fixes at this layer are more likely to break with efforts to remove this layer entirely in the c++ stack.
Right, this is a temporary bandaid. We want to actually return a 400 from within chttp2, but "stop the bleeding first".
Once approved will backport fix to 1.8/1.9
Fixes #14175