sql/pgwire/hba: add fuzzer#43805
Merged
craig[bot] merged 1 commit intocockroachdb:masterfrom Jan 8, 2020
madelynnblue:hba-fuzz
Merged
sql/pgwire/hba: add fuzzer#43805craig[bot] merged 1 commit intocockroachdb:masterfrom madelynnblue:hba-fuzz
craig[bot] merged 1 commit intocockroachdb:masterfrom
madelynnblue:hba-fuzz
Conversation
Member
|
This change is |
Contributor
Author
|
This immediately found lots of bugs. Run it yourself with |
Contributor
|
Woah this is absolutely fantastic 💖 I felt both humbled and very excited at the same time. This made my day! |
Contributor
|
I found this easier to troubleshoot: func FuzzParseAndNormalize(data []byte) int {
conf, err := ParseAndNormalize(string(data))
if err != nil {
return 0
}
s := conf.String()
conf2, err := ParseAndNormalize(s)
if err != nil {
panic(fmt.Errorf(`-- original:
%s
-- parsed:
%# v
-- new:
%s
-- error:
%v`,
string(data),
pretty.Formatter(conf),
s,
err))
}
s2 := conf2.String()
if s != s2 {
panic(fmt.Errorf(`reparse mismatch:
-- original:
%s
-- new:
%# v
-- printed:
%s`,
s,
pretty.Formatter(conf2),
s2))
}
return 1
} |
Contributor
|
All the errors so far stem from two limitations (I would not call them bugs):
The first one is easy to deal with, the second one I will deal with by rejecting control characters in the input altogether. |
Release note: None
Contributor
Author
|
bors r+ |
Contributor
Build succeeded |
craig bot
pushed a commit
that referenced
this pull request
Jan 8, 2020
43792: batcheval: clean up remaning variable names of `{Reader,ReadWriter}` types r=irfansharif a=irfansharif
Ignore first commit, reviewed in #43764.
We should be using {reader,readWriter} for
{Reader,ReadWriter} respectively instead. I'd skipped everything under
batcheval when working on #43265, back when I thought it'd be a good
idea to plumb in an engine.Batch throughout replica read codepaths. Due
to perf penalty as seen on #43388, I'm no longer going to be doing that.
This is the remaining work.
Release note: None
43811: hba: stricter parsing and better pretty-printing r=knz a=knz
The following defects were found by @mjibson using
`go-fuzz` (#43805) and are fixed by this patch:
- the code would parse then fail to pretty-print an empty connection
type and auth method.
- the code would parse then pretty-print incorrectly a connection
type or auth method containing commas or other special characters.
- the code would accept an empty string as address.
- the code would accept then fail to pretty-print columns containing
special (control) characters.
Note that the code previously supported tabs (\t) and carriage
returns (\r) inside quoted strings, and this is now rejected. For most
fields, this does not matter, as these special characters were not
valid semantically anyway.
However, for the method options in the last column it is theoretically
possible for a method to wish to use such special characters. This is
not currently the case for the CCL `gss` method already implemented,
so this change is not introducing a regression. A comment is left in
the code to indicate what needs to be changed if a future method needs
this support.
Release note (security): CockroachDB now properly rejects control
characters in the value of the cluster setting
`server.host_based_authentication.configuration`. These characters
were previously accepted and would silently yield rules matching
differently from intended. Deployments careful to strip control
characters from their HBA configuration are not affected.
Co-authored-by: irfan sharif <irfanmahmoudsharif@gmail.com>
Co-authored-by: Raphael 'kena' Poss <knz@thaumogen.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release note: None