Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(libsinsp): check ipvXnet size before comparing #1992

Merged
merged 2 commits into from
Aug 6, 2024
Merged

fix(libsinsp): check ipvXnet size before comparing #1992

merged 2 commits into from
Aug 6, 2024

Conversation

LucaGuerra
Copy link
Contributor

@LucaGuerra LucaGuerra commented Aug 5, 2024
edited
Loading

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area libsinsp

Does this PR require a change in the driver versions?

No

What this PR does / why we need it:

Very similar to #1953 but in the "fd.net" part of the filterchecks. In this case we could get a type confusion for the parameter value, leading to an incorrect comparison (ipv4 vs ipv6).

We still need tests for these cases because they are very tricky.

cc @jasondellaluce , can you think of other places where this may happen?

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

fix(libsinsp): check ipv4/ipv6 size on fd.*net comparisons

@LucaGuerra
fix(libsinsp): check ipvXnet size before comparing
faccdc0 
Signed-off-by: Luca Guerra <luca@guerra.sh>
@LucaGuerra
Copy link
Contributor Author

/milestone 0.17.3

@poiana poiana added this to the 0.17.3 milestone Aug 5, 2024
@LucaGuerra LucaGuerra mentioned this pull request Aug 5, 2024
Closed
27 tasks
jasondellaluce
jasondellaluce previously approved these changes Aug 5, 2024
View reviewed changes
@poiana poiana added the lgtm label Aug 5, 2024
@poiana
Copy link
Contributor

poiana commented Aug 5, 2024

LGTM label has been added.

Git tree hash: bc3d934d9b12751561ff925717a6eece4204dc14

@jasondellaluce
Copy link
Contributor

can you think of other places where this may happen?

Good catch! I think this is the last instance of this, and also a friendly reminder that we'll need to stop having edge-cases for comparisons.

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 5, 2024

Perf diff from master - unit tests

     5.67%     +1.39%  [.] sinsp::next
    10.35%     +1.29%  [.] sinsp_parser::reset
     2.28%     -1.11%  [.] scap_event_decode_params
     4.37%     -0.87%  [.] sinsp_evt::load_params
     4.15%     -0.76%  [.] gzfile_read
     0.51%     +0.67%  [.] sinsp_evt::get_direction
     0.79%     +0.64%  [.] 0x00000000000e8380
     1.14%     +0.56%  [.] sinsp::fetch_next_event
     3.01%     +0.55%  [.] sinsp_thread_manager::find_thread
     0.90%     -0.52%  [.] sinsp_split[abi:cxx11]

Perf diff from master - scap file

    18.76%     -7.03%  [.] sinsp_evt_formatter::tostring_withformat
     3.66%     +3.63%  [.] sinsp_filter_check::get_field_info
     7.54%     -2.51%  [.] sinsp_evt::get_param_as_str
     3.79%     +1.84%  [.] main
     7.35%     +1.49%  [.] sinsp_filter_check::get_transformed_field_info
     3.29%     +1.22%  [.] std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>
     7.33%     +1.22%  [.] sinsp_filter_check_event::extract_single
     7.47%     +1.17%  [.] sinsp_filter_check::tostring
    18.79%     -1.11%  [.] sinsp_filter_check::extract_nocache
     3.77%     -0.38%  [.] sinsp_filter_check::rawval_to_string

Heap diff from master - unit tests

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Heap diff from master - scap file

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

@codecov Codecov
Copy link

codecov bot commented Aug 5, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 48.48485% with 34 lines in your changes missing coverage. Please review.

Project coverage is 51.21%. Comparing base (9bda461) to head (952cf8a).
Report is 2 commits behind head on master.

Files Patch % Lines
...erspace/libsinsp/test/filter_op_net_compare.ut.cpp 48.27% 0 Missing and 30 partials ⚠️
userspace/libsinsp/sinsp_filtercheck_fd.cpp 50.00% 4 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1992      +/-   ##
==========================================
+ Coverage   50.99%   51.21%   +0.21%     
==========================================
  Files         310      311       +1     
  Lines       39607    39670      +63     
  Branches    17666    17554     -112     
==========================================
+ Hits        20198    20316     +118     
+ Misses      14340    14239     -101     
- Partials     5069     5115      +46

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Andreagit97
Andreagit97 reviewed Aug 6, 2024
View reviewed changes
Copy link
Member

@Andreagit97 Andreagit97 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add some tests for these cases? Maybe we will figure out other issues :/

@Molter73 Molter73 mentioned this pull request Aug 6, 2024
Closed
@poiana poiana removed the lgtm label Aug 6, 2024
@poiana poiana added size/L and removed size/S labels Aug 6, 2024
@LucaGuerra LucaGuerra force-pushed the fix/filtercheck_fd_check-ipvxnet-size branch from 729f534 to 3e90cf9 Compare August 6, 2024 15:12
@LucaGuerra
new(libsinsp/test): add tests for net compare
952cf8a 
Signed-off-by: Luca Guerra <luca@guerra.sh>
@LucaGuerra LucaGuerra force-pushed the fix/filtercheck_fd_check-ipvxnet-size branch from 3e90cf9 to 952cf8a Compare August 6, 2024 15:16
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 6, 2024

Perf diff from master - unit tests

     1.90%     -1.47%  [.] scap_next
     6.12%     +0.91%  [.] sinsp::next
     0.33%     +0.74%  [.] sinsp_split[abi:cxx11]
    11.71%     -0.72%  [.] sinsp_parser::reset
     3.19%     -0.62%  [.] sinsp_thread_manager::find_thread
     2.94%     +0.51%  [.] sinsp_thread_manager::get_thread_ref
     5.47%     -0.50%  [.] next
     0.45%     +0.49%  [.] scap_event_has_large_payload
     0.55%     -0.47%  [.] std::__detail::_Hashtable_alloc<std::allocator<std::__detail::_Hash_node<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, libsinsp::state::dynamic_struct::field_info>, true> > >::_M_allocate_node<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, libsinsp::state::dynamic_struct::field_info> >
     4.19%     -0.46%  [.] sinsp_evt::load_params

Perf diff from master - scap file

     8.14%     +9.06%  [.] sinsp_evt_formatter::tostring_withformat
     4.32%     +7.70%  [.] sinsp_filter_check_event::extract_single
    17.77%     -3.78%  [.] sinsp_filter_check::tostring
     9.82%     -3.17%  [.] sinsp_filter_check_thread::extract_single
     9.05%     -2.82%  [.] sinsp_thread_manager::find_thread
     3.89%     +1.39%  [.] 0x00000000000a7694
     3.97%     +1.34%  [.] sinsp_evt::get_param_as_str
     4.00%     +1.27%  [.] std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>
     4.09%     -0.47%  [.] sinsp_filter_check::parse_field_name
     3.82%     -0.46%  [.] libsinsp::container_engine::libvirt_lxc::match

Heap diff from master - unit tests

peak heap memory consumption: -818B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Heap diff from master - scap file

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 6, 2024

Perf diff from master - unit tests

    11.84%     -1.45%  [.] sinsp_parser::reset
     1.92%     -1.37%  [.] scap_next
     1.02%     +0.98%  [.] sinsp::fetch_next_event
     2.25%     -0.98%  [.] std::_Hashtable<long, std::pair<long const, std::shared_ptr<sinsp_threadinfo> >, std::allocator<std::pair<long const, std::shared_ptr<sinsp_threadinfo> > >, std::__detail::_Select1st, std::equal_to<long>, std::hash<long>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false, false, true> >::_M_find_before_node
     4.23%     -0.73%  [.] sinsp_evt::load_params
     1.04%     +0.60%  [.] libsinsp::sinsp_suppress::process_event
     1.29%     -0.60%  [.] sinsp_parser::event_cleanup
     0.45%     +0.54%  [.] scap_event_has_large_payload
     0.45%     +0.49%  [.] thread_group_info::get_first_thread
     0.62%     -0.47%  [.] sinsp_container_manager::resolve_container

Perf diff from master - scap file

     4.04%     +8.14%  [.] sinsp_filter_check::extract_nocache
    10.35%     +5.10%  [.] sinsp_filter_check_thread::extract_single
     4.10%     +4.18%  [.] 0x00000000000a7694
    18.72%     -2.77%  [.] sinsp_filter_check::tostring
     4.15%     +2.09%  [.] next
     4.55%     +1.87%  [.] sinsp_filter_check_event::extract_single
     8.23%     -1.79%  [.] sinsp_filter_check::apply_transformers
     8.20%     -1.78%  [.] sinsp_filter_check::rawval_to_string
     4.07%     +0.16%  [.] sinsp_evt::get_param_info
     4.06%     +0.16%  [.] sinsp_parser::process_event

Heap diff from master - unit tests

peak heap memory consumption: -818B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Heap diff from master - scap file

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Andreagit97
Andreagit97 approved these changes Aug 6, 2024
View reviewed changes
Copy link
Member

@Andreagit97 Andreagit97 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@poiana poiana added the lgtm label Aug 6, 2024
@poiana
Copy link
Contributor

poiana commented Aug 6, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Andreagit97, LucaGuerra

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [Andreagit97,LucaGuerra]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana
Copy link
Contributor

poiana commented Aug 6, 2024

LGTM label has been added.

Git tree hash: 64816d120ef8561947035c59bf0266f9b6b97820

@poiana poiana merged commit 8615f0b into falcosecurity:master Aug 6, 2024
44 of 46 checks passed
@LucaGuerra LucaGuerra deleted the fix/filtercheck_fd_check-ipvxnet-size branch August 6, 2024 16:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasondellaluce jasondellaluce jasondellaluce approved these changes

@Andreagit97 Andreagit97 Andreagit97 approved these changes

@hbrueckner hbrueckner Awaiting requested review from hbrueckner

@mstemm mstemm Awaiting requested review from mstemm

Assignees

@jasondellaluce jasondellaluce

@Andreagit97 Andreagit97

Labels
approved area/libsinsp dco-signoff: yes kind/bug Something isn't working lgtm release-note size/L
Projects
None yet
Milestone
0.17.3
Development

Successfully merging this pull request may close these issues.
4 participants
@LucaGuerra @poiana @jasondellaluce @Andreagit97