Chiebot-Mirror
/
data-plane-api
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

upstream: fix abort in ring hash lb's config parsing (#6054)

Browse Source 
Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13327

For ring hash lb, move all configuration parsing from Ring's ctor to the LB's ctor, where it's safe to throw exceptions from. Also, re-add proto field constraints to guard against extreme inputs from clusterfuzz and other actors of questionable intent.

Risk Level: Low
Testing: Added clusterfuzz testcase; existing tests still pass.

Signed-off-by: Dan Rosen <mergeconflict@google.com>

Mirrored from https://github.com/envoyproxy/envoy @ 99696cda3336af26fe0b048d91e0d6eb279bb81c
pull/620/head
data-plane-api(CircleCI) 6 years ago
parent 7c2ff02cec
commit 5ec9f1ed5e
1 changed files with 5 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      envoy/api/v2/cds.proto

10
envoy/api/v2/cds.proto
Unescape View File

@ -402,9 +402,9 @@ message Cluster {
message RingHashLbConfig { message RingHashLbConfig {
// Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each // Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each
// provided host) the better the request distribution will reflect the desired weights. Defaults // provided host) the better the request distribution will reflect the desired weights. Defaults
// to 1024 entries. See also // to 1024 entries, and limited to 8M entries. See also
// :ref:`maximum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.maximum_ring_size>`. // :ref:`maximum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.maximum_ring_size>`.
google.protobuf.UInt64Value minimum_ring_size = 1; google.protobuf.UInt64Value minimum_ring_size = 1 [(validate.rules).uint64.lte = 8388608];
// [#not-implemented-hide:] Hide from docs. // [#not-implemented-hide:] Hide from docs.
message DeprecatedV1 { message DeprecatedV1 {
@ -431,10 +431,10 @@ message Cluster {
// :ref:`XX_HASH<envoy_api_enum_value_Cluster.RingHashLbConfig.HashFunction.XX_HASH>`. // :ref:`XX_HASH<envoy_api_enum_value_Cluster.RingHashLbConfig.HashFunction.XX_HASH>`.
HashFunction hash_function = 3 [(validate.rules).enum.defined_only = true]; HashFunction hash_function = 3 [(validate.rules).enum.defined_only = true];
// Maximum hash ring size. Defaults to 8M entries, but can be lowered to further constrain // Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered
// resource use. See also // to further constrain resource use. See also
// :ref:`minimum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.minimum_ring_size>`. // :ref:`minimum_ring_size<envoy_api_field_Cluster.RingHashLbConfig.minimum_ring_size>`.
google.protobuf.UInt64Value maximum_ring_size = 4; google.protobuf.UInt64Value maximum_ring_size = 4 [(validate.rules).uint64.lte = 8388608];
} }
// Specific configuration for the // Specific configuration for the

Write Preview
Loading…
Cancel
Save