@htuch htuch commented Feb 5, 2019

Same issue as in #4940, but on the config_validation side.

Risk level: Low
Testing: corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>

@htuch htuch requested a review from junr03 February 5, 2019 19:55
@junr03 junr03 left a comment

Thanks for the ping on slack! Sorry for the delay, I forgot to update the maintainers calendar, I am ooo through the end of the week.

Up in the 🏔️🎿

@htuch htuch merged commit f679d8a into envoyproxy:master Feb 8, 2019
@htuch htuch deleted the sds-heap-use-after-free branch February 8, 2019 04:32
htuch commented Feb 8, 2019

@junr03 thanks, enjoy the skiing. Will not LB any reviews your way this week :)

htuch added a commit to htuch/envoy that referenced this pull request Feb 21, 2019
Another heap-use-after-free, this time we were missing a fix that had been applied to server.h but
not config_validation/server.h (envoyproxy#4940). While working on this, attempted to make fully consistent and as
simple/clear as possible the constraints on member ordering.

This PR is in the tradition (!) of envoyproxy#5847, envoyproxy#4940, envoyproxy#4937. I think long-term we might want to think of
more dynamic and explicit declaration of ordering constraints, it's evidently pretty fragile. Also,
the lack of single-source-of-truth and duplication across prod and config server code bites again.

Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13228.

Risk level: Low
Testing: Corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>
htuch added a commit that referenced this pull request Feb 21, 2019
fredlas pushed a commit to fredlas/envoy that referenced this pull request Mar 5, 2019
Same issue as in envoyproxy#4940, but on the config_validation side.

Risk level: Low
Testing: corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Fred Douglas <fredlas@google.com>
fredlas pushed a commit to fredlas/envoy that referenced this pull request Mar 5, 2019
…#6023)

Another heap-use-after-free, this time we were missing a fix that had been applied to server.h but
not config_validation/server.h (envoyproxy#4940). While working on this, attempted to make fully consistent and as
simple/clear as possible the constraints on member ordering.

This PR is in the tradition (!) of envoyproxy#5847, envoyproxy#4940, envoyproxy#4937. I think long-term we might want to think of
more dynamic and explicit declaration of ordering constraints, it's evidently pretty fragile. Also,
the lack of single-source-of-truth and duplication across prod and config server code bites again.

Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13228.

Risk level: Low
Testing: Corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Fred Douglas <fredlas@google.com>