From abe9502e0b7e6254250856603aa5baef0c7824af Mon Sep 17 00:00:00 2001 From: Anirudh M Date: Thu, 16 Aug 2018 20:11:47 +0000 Subject: [PATCH 1/4] fuzz: fixes oss-fuzz: 9895 Signed-off-by: Anirudh M --- source/common/router/header_formatter.cc | 5 ++++- ...fuzz-testcase-header_parser_fuzz_test-6195059702628352 | 8 ++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 test/common/router/header_parser_corpus/clusterfuzz-testcase-header_parser_fuzz_test-6195059702628352 diff --git a/source/common/router/header_formatter.cc b/source/common/router/header_formatter.cc index b76fd90f5bbe2..5ca15a242cf0f 100644 --- a/source/common/router/header_formatter.cc +++ b/source/common/router/header_formatter.cc @@ -143,7 +143,10 @@ RequestInfoHeaderFormatter::RequestInfoHeaderFormatter(absl::string_view field_n } field_extractor_ = [this, pattern](const Envoy::RequestInfo::RequestInfo& request_info) { const auto& formatters = start_time_formatters_.at(pattern); - ASSERT(formatters.size() == 1); + if (formatters.size() != 1) { + throw EnvoyException( + fmt::format("multiple start_time values found: {}", formatters.size())); + } Http::HeaderMapImpl empty_map; return formatters.at(0)->format(empty_map, empty_map, empty_map, request_info); }; diff --git a/test/common/router/header_parser_corpus/clusterfuzz-testcase-header_parser_fuzz_test-6195059702628352 b/test/common/router/header_parser_corpus/clusterfuzz-testcase-header_parser_fuzz_test-6195059702628352 new file mode 100644 index 0000000000000..b1d85a401670a --- /dev/null +++ b/test/common/router/header_parser_corpus/clusterfuzz-testcase-header_parser_fuzz_test-6195059702628352 @@ -0,0 +1,8 @@ +headers_to_add { + header { + value: "%START_TIMEY()%T %START_TIME(f, %�{{{{{_�����������85request_i: 1�227 f55555_n555555555555%85nfo 5#555.55f, %1f, %85/5_inf %8,,,,,,,,,,,,,,,,,,,,,,,,,55555 start_timefo 5#5555#555.55f, %1f, %85/55ime: 15227 f %1f, %8555555555 %85/5555Fme: 15227 f-5555_inf 965L5559f)%" + } +} +request_info { + start_time: 1522796769123 +} From 2d259da3abb74071d169a9cf744b39d3be38e169 Mon Sep 17 00:00:00 2001 From: Anirudh M Date: Sun, 19 Aug 2018 17:23:22 +0000 Subject: [PATCH 2/4] added support for multiple START_TIME patterns Signed-off-by: Anirudh M --- source/common/router/header_formatter.cc | 12 +++++++----- test/common/router/header_formatter_test.cc | 4 ++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/source/common/router/header_formatter.cc b/source/common/router/header_formatter.cc index 5ca15a242cf0f..d171b82d25c76 100644 --- a/source/common/router/header_formatter.cc +++ b/source/common/router/header_formatter.cc @@ -11,6 +11,7 @@ #include "common/json/json_loader.h" #include "common/request_info/utility.h" +#include "absl/strings/str_cat.h" #include "absl/types/optional.h" namespace Envoy { @@ -143,12 +144,13 @@ RequestInfoHeaderFormatter::RequestInfoHeaderFormatter(absl::string_view field_n } field_extractor_ = [this, pattern](const Envoy::RequestInfo::RequestInfo& request_info) { const auto& formatters = start_time_formatters_.at(pattern); - if (formatters.size() != 1) { - throw EnvoyException( - fmt::format("multiple start_time values found: {}", formatters.size())); - } Http::HeaderMapImpl empty_map; - return formatters.at(0)->format(empty_map, empty_map, empty_map, request_info); + std::string formatted; + for (const auto& formatter : formatters) { + absl::StrAppend(&formatted, + formatter->format(empty_map, empty_map, empty_map, request_info)); + } + return formatted; }; } else if (field_name.find("UPSTREAM_METADATA") == 0) { field_extractor_ = diff --git a/test/common/router/header_formatter_test.cc b/test/common/router/header_formatter_test.cc index 000549573560e..dfc09ee4b056d 100644 --- a/test/common/router/header_formatter_test.cc +++ b/test/common/router/header_formatter_test.cc @@ -617,6 +617,10 @@ match: { prefix: "/new_endpoint" } key: "x-request-start" value: "%START_TIME(%s.%3f)%" append: true + - header: + key: "x-request-start" + value: "%START_TIME(%s.%3f)% %START_TIME% %START_TIME(%s)%" + append: true - header: key: "x-request-start-f" value: "%START_TIME(f)%" From b9ad19ef110537f3712a67afa2ddb65b768746bd Mon Sep 17 00:00:00 2001 From: Anirudh M Date: Sun, 19 Aug 2018 19:29:47 +0000 Subject: [PATCH 3/4] fixed failing test Signed-off-by: Anirudh M --- test/common/router/header_formatter_test.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/common/router/header_formatter_test.cc b/test/common/router/header_formatter_test.cc index dfc09ee4b056d..13dc480bd74b3 100644 --- a/test/common/router/header_formatter_test.cc +++ b/test/common/router/header_formatter_test.cc @@ -644,7 +644,7 @@ match: { prefix: "/new_endpoint" } // Initialize start_time as 2018-04-03T23:06:09.123Z in microseconds. const SystemTime start_time(std::chrono::microseconds(1522796769123456)); - EXPECT_CALL(request_info, startTime()).Times(4).WillRepeatedly(Return(start_time)); + EXPECT_CALL(request_info, startTime()).Times(7).WillRepeatedly(Return(start_time)); resp_header_parser->evaluateHeaders(headerMap, request_info); EXPECT_TRUE(headerMap.has("x-client-ip")); From df6c3640d17b15a5ff166cb3759bce1bf9a31445 Mon Sep 17 00:00:00 2001 From: Anirudh M Date: Mon, 20 Aug 2018 15:15:45 +0000 Subject: [PATCH 4/4] added expectations Signed-off-by: Anirudh M --- test/common/router/header_formatter_test.cc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/test/common/router/header_formatter_test.cc b/test/common/router/header_formatter_test.cc index 13dc480bd74b3..ceaad6c6b4835 100644 --- a/test/common/router/header_formatter_test.cc +++ b/test/common/router/header_formatter_test.cc @@ -618,8 +618,8 @@ match: { prefix: "/new_endpoint" } value: "%START_TIME(%s.%3f)%" append: true - header: - key: "x-request-start" - value: "%START_TIME(%s.%3f)% %START_TIME% %START_TIME(%s)%" + key: "x-request-start-multiple" + value: "%START_TIME(%s.%3f)% %START_TIME% %START_TIME(%s)%" append: true - header: key: "x-request-start-f" @@ -648,10 +648,13 @@ match: { prefix: "/new_endpoint" } resp_header_parser->evaluateHeaders(headerMap, request_info); EXPECT_TRUE(headerMap.has("x-client-ip")); + EXPECT_TRUE(headerMap.has("x-request-start-multiple")); EXPECT_TRUE(headerMap.has("x-safe")); EXPECT_FALSE(headerMap.has("x-nope")); EXPECT_TRUE(headerMap.has("x-request-start")); EXPECT_EQ("1522796769.123", headerMap.get_("x-request-start")); + EXPECT_EQ("1522796769.123 2018-04-03T23:06:09.123Z 1522796769", + headerMap.get_("x-request-start-multiple")); EXPECT_TRUE(headerMap.has("x-request-start-f")); EXPECT_EQ("f", headerMap.get_("x-request-start-f")); EXPECT_TRUE(headerMap.has("x-request-start-default"));