patch obv: debuginfod metrics hygiene
Frank Ch. Eigler
fche@redhat.com
Thu Feb 25 19:09:26 GMT 2021
Hi -
Committed as obvious.
Author: Frank Ch. Eigler <fche@redhat.com>
Date: Thu Feb 25 14:04:20 2021 -0500
debuginfod: filter webapi for bad keywords early
Prevent some unnecessary processing of user data and
keep invalid request types out of metrics.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index a66ded383a9f..98089b2d97bc 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,8 @@
+2021-02-25 Frank Ch. Eigler <fche@redhat.com>
+
+ * debuginfod.cxx (handler_cb): Filter webapi for bad
+ artifacttype keywords early for metric hygiene.
+
2021-02-14 Frank Ch. Eigler <fche@redhat.com>
* debuginfod.cxx (main -U): Use bsdtar unconditionally. Also map
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index 6fdaf60e6632..2aecc0494062 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -1587,6 +1587,8 @@ handle_buildid (MHD_Connection* conn,
else if (artifacttype == "source") atype_code = "S";
else throw reportable_exception("invalid artifacttype");
+ inc_metric("http_requests_total", "type", artifacttype);
+
if (atype_code == "S" && suffix == "")
throw reportable_exception("invalid source suffix");
@@ -1936,7 +1938,6 @@ handler_cb (void * /*cls*/,
suffix = url_copy.substr(slash3); // include the slash in the suffix
}
- inc_metric("http_requests_total", "type", artifacttype);
// get the resulting fd so we can report its size
int fd;
r = handle_buildid(connection, buildid, artifacttype, suffix, &fd);
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 889f5066d537..9444712889a6 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,7 @@
+2021-02-25 Frank Ch. Eigler <fche@redhat.com>
+
+ * run-debuginfod-find.sh: Add bad webapi artifacttype test.
+
2021-02-17 Frank Ch. Eigler <fche@redhat.com>
* run-debuginfod-find.sh: Tweak wait_ready() to also print -vvv log of
diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh
index 1ae63e0ee79a..bcca61301b2b 100755
--- a/tests/run-debuginfod-find.sh
+++ b/tests/run-debuginfod-find.sh
@@ -493,6 +493,9 @@ curl -s http://127.0.0.1:$PORT1/metrics | grep 'scanned_bytes_total'
curl -s http://127.0.0.1:$PORT2/badapi > /dev/null || true
curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/debuginfo > /dev/null || true
+# Confirm bad artifact types are rejected without leaving trace
+curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/badtype > /dev/null || true
+(curl -s http://127.0.0.1:$PORT2/metrics | grep 'badtype') && false
########################################################################
# Corrupt the sqlite database and get debuginfod to trip across its errors
More information about the Elfutils-devel
mailing list