API server crash on malformed PATCH request #40218

mikkeloscar · 2017-01-20T14:42:58Z

Is this a BUG REPORT

Kubernetes version (use kubectl version):

kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.1", GitCommit:"82450d03cb057bab0950214ef122b67c83fb11df", GitTreeState:"clean", BuildDate:"2016-12-14T00:57:05Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"", Minor:"", GitVersion:"v1.6.0-alpha.0", GitCommit:"42fe4ab0270e44c750d77c682e2fcab394aeb392", GitTreeState:"dirty", BuildDate:"1970-01-01T00:00:00Z", GoVersion:"go1.7", Compiler:"gc", Platform:"linux/amd64"}

Environment:

Cloud provider or hardware configuration: minikube (also happens in clusters on AWS running 1.5.2).
OS (e.g. from /etc/os-release):
Kernel (e.g. uname -a):
Install tools:
Others:

What happened:

API server panics on malformed PATCH request.

Observed a panic: "slice bounds out of range" (runtime error: slice bounds out of range)
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/util/runtime/runtime.go:70
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/util/runtime/runtime.go:63
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/util/runtime/runtime.go:49
/usr/local/go/src/runtime/asm_amd64.s:479
/usr/local/go/src/runtime/panic.go:458
/usr/local/go/src/runtime/panic.go:34
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/evanphx/json-patch/patch.go:265
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/evanphx/json-patch/patch.go:415
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/evanphx/json-patch/patch.go:556
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/evanphx/json-patch/patch.go:537
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:1089
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:566
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/api/rest/update.go:177
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/registry/generic/registry/store.go:365
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/storage/etcd/etcd_helper.go:465
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/storage/cacher.go:475
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/registry/generic/registry/store.go:441
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:645
/usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:960
/usr/local/go/src/runtime/asm_amd64.s:2086
E0120 14:35:19.924157    1882 apiserver.go:201] recover from panic situation: - runtime error: slice bounds out of range
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/emicklei/go-restful/container.go:206
    /usr/local/go/src/runtime/asm_amd64.s:479
    /usr/local/go/src/runtime/panic.go:458
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:976
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:651
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/resthandler.go:503
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/metrics/metrics.go:101
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/emicklei/go-restful/container.go:272
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/github.com/emicklei/go-restful/container.go:120
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/go/src/net/http/server.go:2022
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/filters/authorization.go:44
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/filters/impersonation.go:44
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/auth/handlers/handlers.go:73
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/api/requestcontext.go:107
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/genericapiserver/filters/panics.go:75
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/apiserver/filters/requestinfo.go:45
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/api/requestcontext.go:107
    /usr/local/go/src/net/http/server.go:1726
    /usr/local/google/home/mrick/go/src/k8s.io/minikube/_gopath/src/k8s.io/minikube/vendor/k8s.io/kubernetes/pkg/genericapiserver/filters/timeout.go:78
    /usr/local/go/src/runtime/asm_amd64.s:2086

What you expected to happen:

It should respond with 400 instead of panicking.

How to reproduce it (as minimally and precisely as possible):

# create minikube cluster
$ minikube start --kubernetes-version v1.6.0-alpha.0
# create a pod
kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --port=8080
# get the pod name and make a malformed PATCH request.
$ curl -X PATCH -H "Content-Type: application/json-patch+json" \
  https://192.168.99.100:8443/api/v1/namespaces/default/pods/hello-minikube-3015430129-rexoi \
  -d '[{"op":"add","pointer":"/metadata/labels/foo","value":"hi"}]' -k

Anything else do we need to know:

The text was updated successfully, but these errors were encountered:

This prevents a `slice bound out of range` panic when parsing an invalid json patch where the path key is missing or the path value is empty string or doesn't include `/`. Fix kubernetes/kubernetes#40218

Updates github.com/evanphx/json-patch dependency to a version that doesn't crash when handling an invalid json patch. Includes fix from evanphx/json-patch#35 Fix kubernetes#40218

ethernetdan · 2017-03-13T22:58:42Z

@mikkeloscar @smarterclayton is this blocking for v1.6?

smarterclayton · 2017-03-13T23:32:00Z

Yes but I think we fixed it. @kubernetes/sig-api-machinery-misc

liggitt · 2017-03-13T23:46:31Z

Looks like a PR went in to fix but no test was added.

liggitt · 2017-03-14T04:30:46Z

actually, #40387 is still open

mikkeloscar · 2017-03-14T08:30:58Z

@liggitt tests were added to the upstream package along with the fix.

#40387 is still open because godep-verify.sh doesn't pass, and I don't understand what I'm doing wrong. I'll have a crack at it later today and see if I can make it work.

liggitt · 2017-03-14T15:34:25Z

I more meant tests to make sure the apiserver doesn't crash if a bad patch is submitted

Updates github.com/evanphx/json-patch dependency to a version that doesn't crash when handling an invalid json patch. Includes fix from evanphx/json-patch#35 Fix kubernetes#40218

Automatic merge from submit-queue vendor: Update github.com/evanphx/json-patch Regenerated files for kubernetes#40387 Fixes kubernetes#40218

mikkeloscar mentioned this issue Jan 22, 2017

Prevent slice out of bound panic on invalid patch evanphx/json-patch#35

Merged

mikkeloscar mentioned this issue Jan 24, 2017

vendor: Update github.com/evanphx/json-patch #40387

Closed

smarterclayton added this to the v1.6 milestone Feb 28, 2017

smarterclayton added area/reliability area/security sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. labels Feb 28, 2017

ethernetdan added the kind/bug Categorizes issue or PR as related to a bug. label Mar 13, 2017

deads2k mentioned this issue Mar 14, 2017

vendor: Update github.com/evanphx/json-patch #43096

Merged

k8s-github-robot closed this as completed in #43096 Mar 15, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

API server crash on malformed PATCH request #40218

API server crash on malformed PATCH request #40218

mikkeloscar commented Jan 20, 2017

ethernetdan commented Mar 13, 2017

smarterclayton commented Mar 13, 2017

liggitt commented Mar 13, 2017

liggitt commented Mar 14, 2017

mikkeloscar commented Mar 14, 2017

liggitt commented Mar 14, 2017

API server crash on malformed PATCH request #40218

API server crash on malformed PATCH request #40218

Comments

mikkeloscar commented Jan 20, 2017

ethernetdan commented Mar 13, 2017

smarterclayton commented Mar 13, 2017

liggitt commented Mar 13, 2017

liggitt commented Mar 14, 2017

mikkeloscar commented Mar 14, 2017

liggitt commented Mar 14, 2017