Skip to content

Intrigus/fix/ss http resolve archive misc #7535

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
intrigus-lgtm wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Intrigus/fix/ss http resolve archive misc #7535

intrigus-lgtm wants to merge 3 commits into from

Conversation

@intrigus-lgtm
Copy link
Contributor

@intrigus-lgtm intrigus-lgtm commented Dec 3, 2025

No description provided.

@intrigus-lgtm
ss(http|resolve): reject header prefixes
0cdbf7c
@intrigus-lgtm
ssresolve: do not crash on missing location header
6a6736d 
`location` would otherwise be passed as NULL to fd_memcpy.
@intrigus-lgtm
ssarchive: reject suffixes
8997d39 
tar.zstfoobar was previously accepted, but shouldn't.
@intrigus-lgtm intrigus-lgtm force-pushed the intrigus/fix/ss-http-resolve-archive-misc branch from 9648996 to 8997d39 Compare December 3, 2025 15:56
ripatel-fd
ripatel-fd requested changes Dec 3, 2025
View reviewed changes
Copy link
Contributor

@ripatel-fd ripatel-fd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you very much for the fixes, these look great. Would you mind adding unit tests reproducing the bugs you've fixed though? If you don't have time to do this, I'm happy to take it over. Just blocking for now to keep myself honest because if I merge this, I'll just forget to add tests later.

@amass-jump amass-jump self-requested a review December 3, 2025 15:59
@github-actions
Copy link

github-actions bot commented Dec 3, 2025

Performance Measurements ⏳

Suite Baseline New Change
backtest mainnet-368528500-perf per slot 0.062978 s 0.063589 s 0.970%
backtest mainnet-368528500-perf snapshot load 2.352 s 2.298 s -2.296%
backtest mainnet-368528500-perf total elapsed 62.978149 s 63.589483 s 0.971%
firedancer mem usage with mainnet.toml 1014.23 GiB 1014.23 GiB 0.000%

ripatel-fd
ripatel-fd reviewed Dec 3, 2025
View reviewed changes
src/discof/restore/utils/fd_ssresolve.c
}
}

if( FD_UNLIKELY( !location ) ) {
Copy link
Contributor

@ripatel-fd ripatel-fd Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if( FD_UNLIKELY( !location ) ) {
if( FD_UNLIKELY( !location_len ) ) {

Copy link
Contributor Author

@intrigus-lgtm intrigus-lgtm Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a specific reason you prefer this?
When location is not NULL, location_len >= 1 should be guaranteed by line 264.
But of course happy to change this.

Copy link
Contributor

@ripatel-fd ripatel-fd Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We typically always do "slice empty?" type checks on the length field. It's a more complete solution because often slices with an invalid (but not NULL) base pointer and a zero size length are considered valid

Copy link
Contributor Author

@intrigus-lgtm intrigus-lgtm Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense!
Should I align

firedancer/src/discof/restore/utils/fd_sshttp.c

Lines 451 to 455 in 8997d39

if( FD_UNLIKELY( !location ) ) {
FD_LOG_WARNING(( "no location header in redirect response" ));
fd_sshttp_cancel( http );
return FD_SSHTTP_ADVANCE_ERROR;
}
to this pattern as well?

Copy link
Contributor

@ripatel-fd ripatel-fd Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes please

@intrigus-lgtm
Copy link
Contributor Author

intrigus-lgtm commented Dec 3, 2025

Thank you very much for the fixes, these look great. Would you mind adding unit tests reproducing the bugs you've fixed though? If you don't have time to do this, I'm happy to take it over. Just blocking for now to keep myself honest because if I merge this, I'll just forget to add tests later.

A few of those functions are in static functions.
How should I test those?
I could either make them non-static or test them indirectly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ripatel-fd ripatel-fd ripatel-fd requested changes

@amass-jump amass-jump Awaiting requested review from amass-jump

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@intrigus-lgtm @ripatel-fd