From 1e09b5586047f70a7368cc944904ba95c78cc956 Mon Sep 17 00:00:00 2001 From: "data-plane-api(CircleCI)" Date: Thu, 2 Jan 2020 20:05:02 +0000 Subject: [PATCH] [fuzz] fix server test fuzz bugs (#9486) Fixes server_fuzz_test fuzz bugs: * QUIC upstream not implemented in prod, so the fuzzer removes the HTTP3 codec types for http health checks * PGV validate throws a not yet implemented error on URIs. I removed this check for now and replaced with a TODO. If I catch the std::exception that is thrown and bypass it with a warning statement in the logs, we skip over other validations, which means that any fuzz test or user using this uri field will be in danger of failing because of other invalid fields @JimmyCYJ. PGV issue tracked: envoyproxy/protoc-gen-validate#303 Fixes OSS-Fuzz Issues: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19614 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19689 Signed-off-by: Asra Ali Mirrored from https://github.com/envoyproxy/envoy @ b7dcf083876f5d34d0dde5df535989a81dfa8023 --- envoy/api/v2/core/grpc_service.proto | 4 +++- envoy/api/v3alpha/core/grpc_service.proto | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/envoy/api/v2/core/grpc_service.proto b/envoy/api/v2/core/grpc_service.proto index 02fb63ff..562d999b 100644 --- a/envoy/api/v2/core/grpc_service.proto +++ b/envoy/api/v2/core/grpc_service.proto @@ -93,7 +93,9 @@ message GrpcService { // [#next-free-field: 10] message StsService { // URI of the token exchange service that handles token exchange requests. - string token_exchange_service_uri = 1 [(validate.rules).string = {uri: true}]; + // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by + // https://github.com/envoyproxy/protoc-gen-validate/issues/303] + string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token. diff --git a/envoy/api/v3alpha/core/grpc_service.proto b/envoy/api/v3alpha/core/grpc_service.proto index 68aac395..1b1426a0 100644 --- a/envoy/api/v3alpha/core/grpc_service.proto +++ b/envoy/api/v3alpha/core/grpc_service.proto @@ -130,7 +130,9 @@ message GrpcService { "envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService"; // URI of the token exchange service that handles token exchange requests. - string token_exchange_service_uri = 1 [(validate.rules).string = {uri: true}]; + // [#comment:TODO(asraa): Add URI validation when implemented. Tracked by + // https://github.com/envoyproxy/protoc-gen-validate/issues/303] + string token_exchange_service_uri = 1; // Location of the target service or resource where the client // intends to use the requested security token.