Skip to content

Commit

Permalink
Guard against negative dataLength while reading a page (#763)
Browse files Browse the repository at this point in the history
* Added guard code

Signed-off-by: Joe Elliott <[email protected]>

* changelog

Signed-off-by: Joe Elliott <[email protected]>

* test

Signed-off-by: Joe Elliott <[email protected]>
  • Loading branch information
joe-elliott committed Jun 14, 2021
1 parent b924053 commit b2c8e1c
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 2 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
## main / unreleased

* [FEATURE] Added the ability to hedge requests with all backends [#750](https://github.com/grafana/tempo/pull/750) (@joe-elliott)
* [BUGFIX] Azure Backend - Fix an issue with the append method on the Azure backend. [#736](https://github.com/grafana/tempo/pull/736)
* [BUGFIX] Guard against negative dataLength [#763](https://github.com/grafana/tempo/pull/763) (@joe-elliott)

## v1.0.0-rc.0

Expand Down
5 changes: 4 additions & 1 deletion integration/microservices/docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ services:
ingester-0:
image: tempo:latest
command: "-target=ingester -config.file=/etc/tempo.yaml"
restart: always
volumes:
- ./tempo.yaml:/etc/tempo.yaml
ports:
Expand All @@ -28,6 +29,7 @@ services:
ingester-1:
image: tempo:latest
command: "-target=ingester -config.file=/etc/tempo.yaml"
restart: always
volumes:
- ./tempo.yaml:/etc/tempo.yaml
ports:
Expand All @@ -40,6 +42,7 @@ services:
ingester-2:
image: tempo:latest
command: "-target=ingester -config.file=/etc/tempo.yaml"
restart: always
volumes:
- ./tempo.yaml:/etc/tempo.yaml
ports:
Expand All @@ -50,7 +53,7 @@ services:
- distributor # inverted relationship here to add delay for minio

minio:
image: minio/minio:RELEASE.2021-05-26T00-22-46Z
image: minio/minio:RELEASE.2021-06-14T01-29-23Z
environment:
- MINIO_ACCESS_KEY=tempo
- MINIO_SECRET_KEY=supersecret
Expand Down
4 changes: 4 additions & 0 deletions tempodb/encoding/v2/page.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,10 @@ func unmarshalPageFromReader(r io.Reader, header pageHeader, buffer []byte) (*pa
}
dataLength := int(totalLength) - totalHeaderSize

if dataLength < 0 {
return nil, fmt.Errorf("unexpected negative dataLength unmarshalling page: %d", dataLength)
}

if cap(buffer) < dataLength {
buffer = make([]byte, dataLength)
} else {
Expand Down
25 changes: 24 additions & 1 deletion tempodb/encoding/v2/page_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ type testHeader struct {

func (h *testHeader) unmarshalHeader(b []byte) error {
if len(b) != int(uint32Size) {
return errors.New("err")
return errors.New("testheader err")
}

h.field = binary.LittleEndian.Uint32(b[:uint32Size])
Expand Down Expand Up @@ -108,3 +108,26 @@ func TestPageMarshalToBuffer(t *testing.T) {
assert.Equal(t, tc.field, page.header.(*testHeader).field)
}
}

func TestCorruptHeader(t *testing.T) {
data := []byte{0x01, 0x02, 0x03}
buff := &bytes.Buffer{}

bytesWritten, err := marshalPageToWriter(data, buff, constDataHeader)
require.NoError(t, err)
assert.Equal(t, len(data)+constDataHeader.headerLength()+int(baseHeaderSize), bytesWritten)

buffBytes := buff.Bytes()

// overwrite the base header with 0s
zeroHeader := bytes.Repeat([]byte{0x00}, baseHeaderSize)
copy(buffBytes, zeroHeader)

page, err := unmarshalPageFromBytes(buffBytes, constDataHeader)
assert.Nil(t, page)
assert.EqualError(t, err, "expected data len -6 does not match actual 3")

page, err = unmarshalPageFromReader(bytes.NewReader(buffBytes), constDataHeader, nil)
assert.Nil(t, page)
assert.EqualError(t, err, "unexpected negative dataLength unmarshalling page: -6")
}

0 comments on commit b2c8e1c

Please sign in to comment.