Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(host_metrics source): add defensive check to prevent panics #22604

Merged
merged 5 commits into from
Mar 7, 2025
Merged

fix(host_metrics source): add defensive check to prevent panics #22604

merged 5 commits into from
Mar 7, 2025

Conversation

pront
Copy link
Member

@pront pront commented Mar 6, 2025
edited
Loading

Summary

Check the input to NativeEndian::read_u32 since the latter can panic.

Change Type

  • Bug fix
  • New feature
  • Non-functional (chore, refactoring, docs)
  • Performance

Is this a breaking change?

  • Yes
  • No

How did you test this PR?

On an ubuntu 24.04 instance with:

api:
  enabled: true

sources:
  my_source_id:
    type: host_metrics
    scrape_interval_secs: 30

sinks:
  console:
    inputs: [ "my_source_id" ]
    type: console
    encoding:
      codec: json
      json:
        pretty: true

Does this PR include user facing changes?

  • Yes. Please add a changelog fragment based on our guidelines.
  • No. A maintainer will apply the "no-changelog" label to this PR.

Checklist

  • Please read our Vector contributor resources.
    • make check-all is a good command to run locally. This check is
      defined here. Some of these
      checks might not be relevant to your PR. For Rust changes, at the very least you should run:
      • cargo fmt --all
      • cargo clippy --workspace --all-targets -- -D warnings
      • cargo nextest run --workspace (alternatively, you can run cargo test --all)
  • If this PR introduces changes Vector dependencies (modifies Cargo.lock), please
    run dd-rust-license-tool write to regenerate the license inventory and commit the changes (if any). More details here.

References

Ref #22057

@github-actions github-actions bot added the domain: sources Anything related to the Vector's sources label Mar 6, 2025
@pront pront changed the title Pront/host metrics tcp avoid panic fix(host_metrics source): avoid panic when reading from buffer Mar 6, 2025
@pront pront force-pushed the pront/host-metrics-tcp-avoid-panic branch from 0820d86 to dc0c335 Compare March 6, 2025 17:41
@pront pront force-pushed the pront/host-metrics-tcp-avoid-panic branch 5 times, most recently from eb3b531 to 325073d Compare March 6, 2025 21:38
@pront pront force-pushed the pront/host-metrics-tcp-avoid-panic branch from 325073d to 6c84d8b Compare March 7, 2025 14:21
pront
pront commented Mar 7, 2025
View reviewed changes
src/sources/host_metrics/tcp.rs

while offset < buffer.len() {
let remaining_bytes = &buffer[offset..];
if remaining_bytes.len() < 4 {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the fix.

@pront pront marked this pull request as ready for review March 7, 2025 15:41
@pront pront requested a review from a team as a code owner March 7, 2025 15:41
pront
pront commented Mar 7, 2025
View reviewed changes
src/sources/host_metrics/tcp.rs
let mut inet_resp_hdrs: Vec<InetResponseHeader> = Vec::new();
'outer: while let Ok(()) = socket.recv(&mut &mut receive_buffer[..]).await {
let mut offset = 0;
'inner: loop {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moved this to a helper function

@pront pront enabled auto-merge March 7, 2025 15:44
@datadog-vectordotdev
Copy link

Datadog Report

Branch report: pront/host-metrics-tcp-avoid-panic
Commit report: 62d5ab0
Test service: vector

✅ 0 Failed, 7 Passed, 0 Skipped, 25.47s Total Time

@pront pront changed the title fix(host_metrics source): avoid panic when reading from buffer fix(host_metrics source): add defensive check to prevent panics Mar 7, 2025
@pront pront added this pull request to the merge queue Mar 7, 2025
Merged via the queue into master with commit d17c099 Mar 7, 2025
90 checks passed
@pront pront deleted the pront/host-metrics-tcp-avoid-panic branch March 7, 2025 19:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bfung bfung bfung approved these changes

Assignees
No one assigned
Labels
domain: sources Anything related to the Vector's sources
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pront @bfung