Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

harden pgsql parser #825

Merged
merged 2 commits into from
Jan 25, 2016
Merged

harden pgsql parser #825

merged 2 commits into from
Jan 25, 2016

Conversation

urso
Copy link

@urso urso commented Jan 22, 2016

Resolves #565

  • Split parser loop in more fine-grained parser functions
  • check pgsql strings really end with \0
  • check pgsql message type
  • limit data row/column/fields parsing buffer regarding to length field
  • check row/column/fields parser consumed exactly length bytes
  • do not skip some parsing errors, but report to kill stream

@urso
Copy link
Author

urso commented Jan 22, 2016

also fix off-by one error in comparison leading up to panic when accessing buffer

@urso urso mentioned this pull request Jan 22, 2016
Closed
@monicasarbu
Copy link
Contributor

LGTM

@urso urso added the review label Jan 25, 2016
andrewkroh
andrewkroh reviewed Jan 25, 2016
View reviewed changes
packetbeat/protos/pgsql/parse.go
logp.Critical("Pgsql invalid parser state")
}

detailedf("parseMessage return: ok=%v, complete=%v, off=%v",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you intend for parseMessage to be pgsqlMessageParser?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually no. it was for wrapping the switch statements, but I see what you mean. Will update the output.

@andrewkroh
Copy link
Member

LGTM

urso added 2 commits January 25, 2016 19:14
Refactor pgsql parser
fd42478 
Split parser loop in more fine-grained parser functions
- Update changelog
b5e25ad 
- Harden pgsql parser
  - check pgsql strings really end with \0
  - check pgsql message type
  - limit data row/column/fields parsing buffer regarding to length field
  - check row/column/fields parser consumed exactly `length` bytes
  - do not skip some parsing errors, but report to kill stream
@urso urso force-pushed the bug/565-pgsql-parser branch from 4ef40c4 to b5e25ad Compare January 25, 2016 18:15
andrewkroh added a commit that referenced this pull request Jan 25, 2016
@andrewkroh
Merge pull request #825 from urso/bug/565-pgsql-parser
93f5368 
harden pgsql parser
@andrewkroh andrewkroh merged commit 93f5368 into elastic:master Jan 25, 2016
@urso urso deleted the bug/565-pgsql-parser branch January 27, 2016 12:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Packetbeat review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@urso @monicasarbu @andrewkroh