Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(src): avoid possible infinite loop in LoadAll(). #1319

Merged
merged 3 commits into from
Oct 30, 2024
Merged

fix(src): avoid possible infinite loop in LoadAll(). #1319

merged 3 commits into from
Oct 30, 2024

Conversation

FedeDP
Copy link
Contributor

@FedeDP FedeDP commented Sep 12, 2024
edited
Loading

Leave at first empty root.

This avoids an infinite loop in case of HandleNextDocument returning true even if the document has errors, basically because no token.type gets matched in SingleDocParser::HandleNode, leading to eventHandler.OnNull(mark, anchor); being called indefinitely at each iteration, pushing a null node to documents vector.

Another solution would be to add a m_scanner.pop(); in the default switch case in SingleDocParser::HandleNode to make sure we always consume the current token.

The behavior causes this issue: falcosecurity/falco#3281

Easily reproducible with a simple c++ example:

#include <yaml-cpp/yaml.h>

int main() {
    static const std::string yml = R"(
,
    )";
    YAML::LoadAll(yml);
    return 0;
}

@FedeDP FedeDP mentioned this pull request Sep 12, 2024
Closed
jbeder
jbeder requested changes Sep 12, 2024
View reviewed changes
Copy link
Owner

@jbeder jbeder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a test (e.g., the code in the PR description)? Something that infinite-loops before this PR but doesn't after.

@FedeDP
Copy link
Contributor Author

FedeDP commented Sep 13, 2024
edited
Loading

Added the test; please note that if #1318 is merged first, i'll need to rebase this PR on master and fix up the test (that will then throw a ParserException obviously).
Or if this is merged first, i will need to rebase the other ;)

@jbeder
Copy link
Owner

jbeder commented Sep 13, 2024

Merged the other one. Go ahead and rebase this and then ping me.

@FedeDP FedeDP force-pushed the fix/avoid_infinite_loop_loadall branch from 7e0c9e0 to 3d96ac1 Compare September 13, 2024 08:24
@FedeDP
Copy link
Contributor Author

FedeDP commented Sep 13, 2024

@jbeder done!
Thanks for the quick response!

@FedeDP
Copy link
Contributor Author

FedeDP commented Oct 10, 2024

Sorry for the ping @jbeder , any news on this one? :)
Thanks!

jbeder
jbeder requested changes Oct 10, 2024
View reviewed changes
Copy link
Owner

@jbeder jbeder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for the delay. It looks like I forgot to hit "send" on the review itself - github's UI is terrible :(

test/integration/node_spec_test.cpp Outdated
@@ -941,6 +941,13 @@ TEST(NodeSpecTest, Ex7_24_FlowNodes) {
EXPECT_EQ("", doc[4].as<std::string>());
}

TEST(NodeSpecTest, Ex7_25_InfiniteLoopNodes) {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test file is just for the spec tests, ie, examples literally in the spec.

Can you add it to node_test?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done :)
Thanks for the feedback! (and agree about github's UI :/ )

Copy link
Contributor Author

@FedeDP FedeDP Oct 14, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see 2 CI failures that don't seem to be caused by my commits:

/usr/include/gtest/internal/gtest-port.h:279:2: error: #error C++ versions less than C++14 are not supported.
279 | #error C++ versions less than C++14 are not supported.

I think they bumped gtest version and it now requires c++14, therefore all jobs that use deps from system and building against c++11 will fail.

@FedeDP FedeDP force-pushed the fix/avoid_infinite_loop_loadall branch from 03d7a90 to 91b45cb Compare October 14, 2024 07:26
@leogr
Copy link

leogr commented Oct 29, 2024

Hey @jbeder

Any update on this?

@jbeder jbeder merged commit c2bec4c into jbeder:master Oct 30, 2024
31 of 33 checks passed
@FedeDP FedeDP deleted the fix/avoid_infinite_loop_loadall branch October 30, 2024 07:18
@FedeDP FedeDP mentioned this pull request Oct 30, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbeder jbeder jbeder approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@FedeDP @jbeder @leogr