Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[subscriptions] Fix for Validating URLs #239

Merged
merged 3 commits into from
Nov 9, 2023

Conversation

onelapahead
Copy link
Contributor

@onelapahead onelapahead commented Nov 9, 2023

We've observed a webhook subscription can be configured with URL which resolves an empty address (without throwing earlier errors):

panic: runtime error: index out of range [0] with length 0

goroutine 66 [running]:
github.com/hyperledger/firefly-ethconnect/internal/events.(*eventStream).isAddressUnsafe(0x11c4458, 0x1217e18)
	/kaleido-io/ethconnect/internal/events/eventstream.go:767 +0xd4

This is meant to treat this edge case then as an "unsafe address" so Ethconnect does not 1) panic and 2) the URL / hostname will be bubbled up as an error.

Signed-off-by: hfuss <hayden.fuss@kaleido.io>
@codecov-commenter
Copy link

codecov-commenter commented Nov 9, 2023

Codecov Report

Merging #239 (6c514c9) into main (111eb89) will increase coverage by 0.00%.
Report is 6 commits behind head on main.
The diff coverage is n/a.

❗ Current head 6c514c9 differs from pull request most recent head 2461f1e. Consider uploading reports for the commit 2461f1e to get more accurate results

@@           Coverage Diff           @@
##             main     #239   +/-   ##
=======================================
  Coverage   97.26%   97.26%           
=======================================
  Files          59       59           
  Lines        7521     7525    +4     
=======================================
+ Hits         7315     7319    +4     
  Misses        163      163           
  Partials       43       43           

see 2 files with indirect coverage changes

@onelapahead onelapahead marked this pull request as ready for review November 9, 2023 16:33
@onelapahead
Copy link
Contributor Author

We determined this occurs when if the url of a subscription does not contain the protocol i.e. http:// or https://. It feels like we should possibly have validation for that to prevent this from occurring.

Or bc we are parsing an invalid URL and ignoring the error: https://github.com/hyperledger/firefly-ethconnect/blob/main/internal/events/webhooks.go#L57

Signed-off-by: hfuss <hayden.fuss@kaleido.io>
@onelapahead
Copy link
Contributor Author

Or bc we are parsing an invalid URL and ignoring the error: https://github.com/hyperledger/firefly-ethconnect/blob/main/internal/events/webhooks.go#L57

I've opted for handling this error as I believe this shouldn't be so optimistic since the subscription API does not validate the URL on creation / updates. Will defer adding such API validation for another time. This PR should be ready for review @peterbroadhurst @nguyer

Signed-off-by: hfuss <hayden.fuss@kaleido.io>
@onelapahead onelapahead changed the title [dns] Fix for Invalid IP4 Address [subscriptions] Fix for Validating URLs Nov 9, 2023
@@ -764,7 +764,8 @@ func (a *eventStream) performActionWithRetry(batchNumber uint64, events []*event
func (a *eventStream) isAddressUnsafe(ip *net.IPAddr) bool {
ip4 := ip.IP.To4()
return !a.allowPrivateIPs &&
(ip4[0] == 0 ||
(len(ip4) < 1 ||
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Safeguard to prevent panics and instead treat an empty addr as unsafe

@@ -114,3 +108,20 @@ func (w *webhookAction) attemptBatch(batchNumber, attempt uint64, events []*even
}
return err
}

func (w *webhookAction) validateURL() (*url.URL, *net.IPAddr, error) {
u, err := url.Parse(w.spec.URL)
Copy link
Contributor Author

@onelapahead onelapahead Nov 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We now handle this error to late validate if what was provided on the subscription is in fact a URL and not something like a hostname or arbitrary string

@peterbroadhurst peterbroadhurst merged commit b7f33e9 into hyperledger:main Nov 9, 2023
2 checks passed
@peterbroadhurst peterbroadhurst deleted the ip4-unsafe-addr-fix branch November 9, 2023 21:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants