Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HPCC-19959 ESDL Port should be validated before adding ESDL binding #11335

Merged
merged 1 commit into from Jun 25, 2018

Conversation

@mayx
Copy link
Member

commented Jun 21, 2018

  • Add call to .str() when passing the value
  • Add sanity check on the port value

Signed-off-by: mayx yanrui.ma@lexisnexisrisk.com

Type of change:

  • This change is a bug fix (non-breaking change which fixes an issue).
  • This change is a new feature (non-breaking change which adds functionality).
  • This change improves the code (refactor or other change that does not change the functionality)
  • This change fixes warnings (the fix does not alter the functionality or the generated code)
  • This change is a breaking change (fix or feature that will cause existing behavior to change).
  • This change alters the query API (existing queries will have to be recompiled)

Checklist:

  • My code follows the code style of this project.
    • My code does not create any new warnings from compiler, build system, or lint.
  • The commit message is properly formatted and free of typos.
    • The commit message title makes sense in a changelog, by itself.
    • The commit is signed.
  • My change requires a change to the documentation.
    • I have updated the documentation accordingly, or...
    • I have created a JIRA ticket to update the documentation.
    • Any new interfaces or exported functions are appropriately commented.
  • I have read the CONTRIBUTORS document.
  • The change has been fully tested:
    • I have added tests to cover my changes.
    • All new and existing tests passed.
    • I have checked that this change does not introduce memory leaks.
    • I have used Valgrind or similar tools to check for potential issues.
  • I have given due consideration to all of the following potential concerns:
    • Scalability
    • Performance
    • Security
    • Thread-safety
    • Premature optimization
    • Existing deployed queries will not be broken
    • This change fixes the problem, not just the symptom
    • The target branch of this pull request is appropriate for such a change.
  • There are no similar instances of the same problem that should be addressed
    • I have addressed them here
    • I have raised JIRA issues to address them separately
  • This is a user interface / front-end modification
    • I have tested my changes in multiple modern browsers
    • The component(s) render as expected

Testing:

@mayx mayx changed the title HPCC-19959 Port might not be properly null ended when adding ESDL bin… HPCC-19959 ESDL Port might not be properly null ended Jun 21, 2018
@mayx

This comment has been minimized.

Copy link
Member Author

commented Jun 21, 2018

@rpastrana please review.

Copy link
Member

left a comment

@mayx looks reasonable. We might want to also restrict the ports to valid port range.
Quick google search result:
"You can create a server on ports 1 through 65535. Port numbers less than 256 are reserved for well-known services (like HTTP on port 80) and port numbers less than 1024 require root access on UNIX systems. Specifying a port of 0 in the ServerSocket constructor results in the server listening on a random, unused port, usually >= 1024."

@mayx mayx force-pushed the mayx:HPCC-19959-GarbledData branch from 5836eb2 to 6307dd3 Jun 21, 2018
@mayx

This comment has been minimized.

Copy link
Member Author

commented Jun 21, 2018

@rpastrana added check to limit port to be between 1 and 65535. Please review again. Decided to do this centrally only in esdlstore. Also don't want to limit the port any further because the user may have needs to bind to any possible valid port...

Copy link
Member

left a comment

@mayx looks reasonable

@HPCCSmoketest

This comment has been minimized.

Copy link
Contributor

commented Jun 21, 2018

Automated Smoketest:
OS: centos 7.2.1511 (Linux 3.10.0-327.28.3.el7.x86_64)
Sha: 6307dd3
Build: success
Install hpccsystems-platform-community_7.0.0-trunk0.el7.x86_64.rpm
HPCC Start: OK

Unit tests result:

Test total passed failed errors timeout
unittest 89 89 0 0 0
wutoolTest(Dali) 19 19 0 0 0
wutoolTest(Cassandra) 19 19 0 0 0

Regression test result:

phase total pass fail
setup (hthor) 11 11 0
setup (thor) 11 11 0
setup (roxie) 11 11 0
test (hthor) 787 787 0
test (thor) 718 718 0
test (roxie) 831 831 0

HPCC Stop: OK
HPCC Uninstall: OK
Time stats:

Prep time Build time Package time Install time Start time Test time Stop time Summary
11 sec (00:00:11) 171 sec (00:02:51) 61 sec (00:01:01) 9 sec (00:00:09) 30 sec (00:00:30) 1199 sec (00:19:59) 19 sec (00:00:19) 1500 sec (00:25:00)
@@ -468,7 +468,7 @@ bool CWsESDLConfigEx::onPublishESDLBinding(IEspContext &context, IEspPublishESDL
resp.updateStatus().setCode(m_esdlStore->bindService(espBindingName.str(),
methodstree.get(),
espProcName.str(),
espPort,
espPort.str(),

This comment has been minimized.

Copy link
@richardkchapman

richardkchapman Jun 22, 2018

Member

I don't believe this change will have any impact - the operator char*() function is the same as calling str().

What symptom had been observed that you thought this would fix?

This comment has been minimized.

Copy link
@mayx

mayx Jun 22, 2018

Author Member

@richardkchapman the symptom is that we saw one binding that has seemingly garbled data as the port field. We now believe the garbled port likely came from the caller of the web service, intentionally or due to un-initialized buffer. The newly added port validation will prevent the binding from being added with an invalid port, so this is still a valid fix.

@hpcc-jirabot

This comment has been minimized.

Copy link

commented Jun 22, 2018

- Add sanity check on the port value

Signed-off-by: mayx <yanrui.ma@lexisnexisrisk.com>
@mayx mayx force-pushed the mayx:HPCC-19959-GarbledData branch from 6307dd3 to bffc5c3 Jun 22, 2018
@mayx mayx changed the title HPCC-19959 ESDL Port might not be properly null ended HPCC-19959 ESDL Port should be validated before adding ESDL binding Jun 22, 2018
@mayx

This comment has been minimized.

Copy link
Member Author

commented Jun 22, 2018

@rpastrana added 2 lines to skip leading 0's in the port, please review again...

@HPCCSmoketest

This comment has been minimized.

Copy link
Contributor

commented Jun 22, 2018

Automated Smoketest:
OS: centos 7.2.1511 (Linux 3.10.0-327.28.3.el7.x86_64)
Sha: bffc5c3
Build: success
Install hpccsystems-platform-community_7.0.0-trunk0.el7.x86_64.rpm
HPCC Start: OK

Unit tests result:

Test total passed failed errors timeout
unittest 89 89 0 0 0
wutoolTest(Dali) 19 19 0 0 0
wutoolTest(Cassandra) 19 19 0 0 0

Regression test result:

phase total pass fail
setup (hthor) 11 11 0
setup (thor) 11 11 0
setup (roxie) 11 11 0
test (hthor) 787 787 0
test (thor) 718 718 0
test (roxie) 831 831 0

HPCC Stop: OK
HPCC Uninstall: OK
Time stats:

Prep time Build time Package time Install time Start time Test time Stop time Summary
37 sec (00:00:37) 173 sec (00:02:53) 60 sec (00:01:00) 9 sec (00:00:09) 30 sec (00:00:30) 1390 sec (00:23:10) 17 sec (00:00:17) 1716 sec (00:28:36)
@richardkchapman richardkchapman merged commit 6b7c01a into hpcc-systems:master Jun 25, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.