RepoMirrors
/
alertmanager
mirror of https://github.com/prometheus/alertmanager
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1316 from simonpasquier/fix-decode-state 

Fix potential panic in decodeState()
This commit is contained in:
Max Inden 2018-04-10 18:51:57 +02:00 committed by GitHub
parent a9b7026bc2 2d68b4d318
commit 510e67ef18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nflog/nflog.go
View File

@ -37,6 +37,9 @@ import (
// ErrNotFound is returned for empty query results. // ErrNotFound is returned for empty query results.
var ErrNotFound = errors.New("not found") var ErrNotFound = errors.New("not found")
// ErrInvalidState is returned if the state isn't valid.
var ErrInvalidState = fmt.Errorf("invalid state")
// query currently allows filtering by and/or receiver group key. // query currently allows filtering by and/or receiver group key.
// It is configured via QueryParameter functions. // It is configured via QueryParameter functions.
// //
@ -239,6 +242,9 @@ func decodeState(r io.Reader) (state, error) {
var e pb.MeshEntry var e pb.MeshEntry
_, err := pbutil.ReadDelimited(r, &e) _, err := pbutil.ReadDelimited(r, &e)
if err == nil { if err == nil {
if e.Entry == nil || e.Entry.Receiver == nil {
return nil, ErrInvalidState
}
st[stateKey(string(e.Entry.GroupKey), e.Entry.Receiver)] = &e st[stateKey(string(e.Entry.GroupKey), e.Entry.Receiver)] = &e
continue continue
} }

11
nflog/nflog_test.go
View File

@ -296,3 +296,14 @@ func TestQuery(t *testing.T) {
require.EqualValues(t, firingAlerts, entry.FiringAlerts) require.EqualValues(t, firingAlerts, entry.FiringAlerts)
require.EqualValues(t, resolvedAlerts, entry.ResolvedAlerts) require.EqualValues(t, resolvedAlerts, entry.ResolvedAlerts)
} }
func TestStateDecodingError(t *testing.T) {
// Check whether decoding copes with erroneous data.
s := state{"": &pb.MeshEntry{}}
msg, err := s.MarshalBinary()
require.NoError(t, err)
_, err = decodeState(bytes.NewReader(msg))
require.Equal(t, ErrInvalidState, err)
}

6
silence/silence.go
View File

@ -40,6 +40,9 @@ import (
// ErrNotFound is returned if a silence was not found. // ErrNotFound is returned if a silence was not found.
var ErrNotFound = fmt.Errorf("not found") var ErrNotFound = fmt.Errorf("not found")
// ErrInvalidState is returned if the state isn't valid.
var ErrInvalidState = fmt.Errorf("invalid state")
func utcNow() time.Time { func utcNow() time.Time {
return time.Now().UTC() return time.Now().UTC()
} }
@ -758,6 +761,9 @@ func decodeState(r io.Reader) (state, error) {
var s pb.MeshSilence var s pb.MeshSilence
_, err := pbutil.ReadDelimited(r, &s) _, err := pbutil.ReadDelimited(r, &s)
if err == nil { if err == nil {
if s.Silence == nil {
return nil, ErrInvalidState
}
st[s.Silence.Id] = &s st[s.Silence.Id] = &s
continue continue
} }

11
silence/silence_test.go
View File

@ -1080,3 +1080,14 @@ func TestStateCoding(t *testing.T) {
require.Equal(t, in, out, "decoded data doesn't match encoded data") require.Equal(t, in, out, "decoded data doesn't match encoded data")
} }
} }
func TestStateDecodingError(t *testing.T) {
// Check whether decoding copes with erroneous data.
s := state{"": &pb.MeshSilence{}}
msg, err := s.MarshalBinary()
require.NoError(t, err)
_, err = decodeState(bytes.NewReader(msg))
require.Equal(t, ErrInvalidState, err)
}