Skip to content

[fuzz] fix minor fuzz bugs #14593

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jan 10, 2021
Merged

[fuzz] fix minor fuzz bugs #14593

merged 2 commits into from
Jan 10, 2021

Conversation

asraa
Copy link
Contributor

@asraa asraa commented Jan 7, 2021
edited
Loading

Signed-off-by: Asra Ali asraa@google.com

Commit Message: Fixes minor fuzz bugs.

  • Add runtime loader
  • Add listenerMetadata() to context for WASM filter
  • Fix divide by zero bug caused by a runtime percent < 1 in admission control filter

Risk Level: Low
Testing: Added unit test for admission control fix
Fixes
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28401
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28696
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29233

@asraa
fix bugs
60c918e 
Signed-off-by: Asra Ali <asraa@google.com>
@asraa asraa requested a review from mattklein123 as a code owner January 7, 2021 15:45
jmarantz
jmarantz reviewed Jan 8, 2021
View reviewed changes
Copy link
Contributor

@jmarantz jmarantz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just a couple of nits/clarifications

test/extensions/filters/http/admission_control/config_test.cc Outdated
NiceMock<Server::Configuration::MockFactoryContext> factory_context;
EXPECT_THROW_WITH_MESSAGE(admission_control_filter_factory.createFilterFactoryFromProtoTyped(
proto, "whatever", factory_context),
EnvoyException, "Success Rate Threshold cannot be less than one.");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah I see here that we are just worried about it being a small positive float. OK, then I'd write "less than 1.0".

Copy link
Contributor Author

@asraa asraa Jan 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep! A small positive float can eventually round down to a division by zero.

envoy/source/extensions/filters/http/admission_control/admission_control.cc

Line 145 in 846f27c

double probability = total_requests - successful_requests / config_->successRateThreshold();

The alternative is to round up in this division but I don't want to change behavior for reasonable values (above 1) OR take the max of 1 and this value.

envoy/source/extensions/filters/http/admission_control/admission_control.cc

Line 56 in 846f27c

return std::min<double>(pct, 100.0) / 100.0;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just looping @tonya11en @mattklein123
The bounds for threshold described here say [0, 1]. https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/admission_control_filter
Should it actually be (0, 1] to avoid undefined behavior -- and in practice should it be [0.01, 1.0] (which is what this fix provides, blocking success rate threshold below 1.0%?)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I think this is reasonable. 👍

@asraa
address comments
e9e3ee1 
Signed-off-by: Asra Ali <asraa@google.com>
@mattklein123 mattklein123 merged commit 8a4b701 into envoyproxy:master Jan 10, 2021
mpuncel added a commit to mpuncel/envoy that referenced this pull request Jan 12, 2021
@mpuncel
Merge branch 'master' into mpuncel/http2-hc-goaway
64cc217 
* master:
  http: support creating filters with match tree (envoyproxy#14430)
  [tls] Expose ServerContextImpl::selectTlsContext (envoyproxy#14592)
  docs: update ext_proc docs to reflect implementation status (envoyproxy#14636)
  filter manager: drop assert (envoyproxy#14633)
  kick off v1.18.0 (envoyproxy#14637)
  1.17.0 release (envoyproxy#14624)
  Implement request header processing in ext_proc (envoyproxy#14385)
  http: expose encoded headers/trailers via callbacks (envoyproxy#14544)
  [fuzz] fix minor fuzz bugs (envoyproxy#14593)
  rate limit: add computed descriptors (envoyproxy#14448)
  tools: fill in the required args for Api::Impl (envoyproxy#14554)
  Bump envoy-build to current images (envoyproxy#14608)

Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmarantz jmarantz jmarantz approved these changes

@mattklein123 mattklein123 Awaiting requested review from mattklein123

Assignees

@jmarantz jmarantz

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@asraa @jmarantz @mattklein123