mirror of
https://github.com/prometheus/prometheus.git
synced 2026-04-24 23:58:56 -04:00
Two cases in compactBuckets caused a panic when fed malformed histogram data (e.g. via a crafted protobuf message):

1. All spans have zero length: after the zero-length span removal pass, spans becomes empty. The subsequent loop called emptyBucketsHere(), which accessed spans[0] and panicked with index out of range. Fixed by the early return added in the previous commit (already on this branch via the roidelapluie/histogram-compact-zero-spans fix).
2. More buckets than spans describe: iSpan can reach len(spans) before all buckets are consumed, causing emptyBucketsHere() to access spans[iSpan] out of bounds. Fixed by adding iSpan < len(spans) to the loop guard.

Both fixes in compactBuckets are defensive layers. The primary fix is in the protobuf parser: checkNativeHistogramConsistency now validates that span total length matches bucket count before calling Compact(), returning a proper error for malformed input instead of panicking.

Found by FuzzParseProtobuf.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
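The two layers the commit message describes, as an added example that is not Prometheus code and not part of the commit: a parser-side check that span lengths add up to the bucket count, and a bucket walk whose loop guard stops when spans run out. `Span`, `checkSpans`, `countCovered` and the sample inputs are hypothetical, simplified stand-ins constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Span is a simplified stand-in (assumption): a run of Length consecutive buckets.
type Span struct {
	Offset int32
	Length uint32
}

var errSpanBucketMismatch = errors.New("span lengths do not match bucket count")

// checkSpans is the parser-side layer: reject input whose span lengths
// do not add up to exactly the number of buckets supplied.
func checkSpans(spans []Span, buckets []int64) error {
	var total uint64 // uint64 so a sum of uint32 lengths cannot wrap
	for _, s := range spans {
		total += uint64(s.Length)
	}
	if total != uint64(len(buckets)) {
		return fmt.Errorf("%w: spans cover %d, got %d buckets",
			errSpanBucketMismatch, total, len(buckets))
	}
	return nil
}

// countCovered is the defensive layer: zero-length spans are skipped and the
// loop guard stops once spans run out, so spans[iSpan] is never read out of
// bounds. It returns how many buckets the spans actually cover.
func countCovered(spans []Span, buckets []int64) int {
	iSpan, iBucket, posInSpan := 0, 0, uint32(0)
	for iBucket < len(buckets) && iSpan < len(spans) {
		if posInSpan >= spans[iSpan].Length { // span used up, or zero length
			iSpan, posInSpan = iSpan+1, 0
			continue
		}
		posInSpan++
		iBucket++
	}
	return iBucket
}

func main() {
	buckets := []int64{1, 2, 3} // constructed sample data
	// Case 1: all spans zero length. Case 2: more buckets than spans. Then valid.
	for _, spans := range [][]Span{{{0, 0}, {3, 0}}, {{0, 2}}, {{0, 2}, {1, 1}}} {
		fmt.Println(checkSpans(spans, buckets), countCovered(spans, buckets))
	}
}
```

Both malformed inputs are rejected with an error by the check, and the guarded walk returns without indexing past the end of the span slice even if the check is bypassed.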
| Name |
|---|
| testdata |
| benchmark_test.go |
| interface.go |
| interface_test.go |
| nhcbparse.go |
| nhcbparse_test.go |
| openmetricslex.l |
| openmetricslex.l.go |
| openmetricsparse.go |
| openmetricsparse_test.go |
| promlex.l |
| promlex.l.go |
| promparse.go |
| promparse_test.go |
| protobufparse.go |
| protobufparse_test.go |
| README.md |

Making changes to textparse lexers
In the rare case that you need to update the textparse lexers, edit promlex.l or openmetricslex.l and then run the following command:
golex -o=promlex.l.go promlex.l
Note that you need golex installed:
go get -u modernc.org/golex