fix: Fix http PathAndQuery Uri Parsing#2122
Conversation
|
jkosh44-datadog
changed the title
Clippy Allow Annotation ReportComparing clippy allow annotations between branches:
Summary by Rule
Annotation Counts by File
Annotation Stats by Crate
About This ReportThis report tracks Clippy allow annotations for specific rules, showing how they've changed in this PR. Decreasing the number of these annotations generally improves code quality. |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 79271436c9
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
Artifact Size Benchmark Reportaarch64-alpine-linux-musl
aarch64-unknown-linux-gnu
libdatadog-x64-windows
libdatadog-x86-windows
x86_64-alpine-linux-musl
x86_64-unknown-linux-gnu
|
`http` version 1.4.1 became stricter in `PathAndQuery` input parsing to reject all inputs that do not start with `/`, including empty inputs. Previously, this library passed in an empty input in multiple places when constructing a `PathAndQuery`. Users are not able to upgrade `http` past 1.4.0 without this library breaking. This commit fixes the issue by replacing the empty inputs with `"/"`.
jkosh44-datadog
force-pushed
the
joe/http-path-and-query-fix
branch
from
7927143 to
fdc623d
Compare
| .scheme("windows") | ||
| .authority(path) | ||
| .path_and_query("") | ||
| .path_and_query("/") |
There was a problem hiding this comment.
is this correct for windows?
There was a problem hiding this comment.
I think so. If you look at the code, it's explicitly expecting the first byte to be b'/', and I don't see any cfg flags based on OS.
https://docs.rs/http/latest/src/http/uri/path.rs.html#427-429
Here's the full path of path_and_query():
path_and_query()calls intoPathAndQuery::try_into: https://docs.rs/http/latest/src/http/uri/builder.rs.html#93-103TryFrom<&str>calls intoTryFrom<&[u8]>: https://docs.rs/http/latest/src/http/uri/builder.rs.html#93-103TryFrom<&[u8]>calls intoPathAndQuery::from_shared: https://docs.rs/http/latest/src/http/uri/path.rs.html#223-229from_sharedcallsscan_path_and_query: https://docs.rs/http/latest/src/http/uri/path.rs.html#21-39scan_path_and_queryreturns an error if the bytes are empty: https://docs.rs/http/latest/src/http/uri/path.rs.html#415-417scan_path_and_queryreturns an error if the first byte isn't one of/,?,#: https://docs.rs/http/latest/src/http/uri/path.rs.html#427-429
I see that there's two tests at the bottom of this file that call this function, are they run on Windows? If so, is that sufficient to gain confidence that it's correct on Windows? If not, is there any additional test we can add?
I'm not super familiar with this code base or with windows so it's hard for me to say with a high level of certainty if it's correct or not.
morrisonlevi
left a comment
morrisonlevi
left a comment
There was a problem hiding this comment.
Have you manually tested unix domain sockets at all? I think that this probably is fine but it's one of those things I think is worth testing end-to-end. If you want help, I can show you how to do this for dd-trace-php.
@morrisonlevi I have not manually tested it, and yes I would appreciate if you could show me how. I have not done any manual testing and have been leaning on CI fully for validation. |
@morrisonlevi bump, how can I test the unix domain sockets end-to-end? |
paullegranddc
left a comment
paullegranddc
left a comment
There was a problem hiding this comment.
For the data-pipeline crates, this looks correct to me.
The authority get's decoded all the same for unix socket/windows piped and the path_and_query part of the URL is replaced to talk to specific endpoints
gh-worker-dd-devflow-36fce6
Bot
added
mergequeue-status: queued
mergequeue-status: in_progress
and removed
mergequeue-status: queued
labels
We do have integration tests using UDS in the trace exporter https://github.com/DataDog/libdatadog/blob/main/libdd-data-pipeline/tests/test_trace_exporter.rs#L345C14-L345C31 |
gh-worker-dd-mergequeue-cf854d
Bot
merged commit e746d26
into
main
gh-worker-dd-mergequeue-cf854d
Bot
deleted the
joe/http-path-and-query-fix
branch
# Release proposal for libdd-remote-config and its dependencies This PR contains version bumps based on public API changes and commits since last release. ## libdd-common **Next version:** `5.0.0` **Semver bump:** `major` **Tag:** `libdd-common-v5.0.0` ### Commits - chore(profiling): Use SECURITY_ANONYMOUS when connecting to named pipe server (#2134) - fix: Fix http PathAndQuery Uri Parsing (#2122) - chore(common)!: replace native-certs with platform-verifier (#2078) - feat(data-pipeline)!: CSS Trace Filters (#1985) - fix(libdd-common): Add fallback logic for resolving Azure Functions instance name [SVLS-8931] (#2077) - test: fix timeouts on heavily contended scenarios (#2093) ## libdd-remote-config **Next version:** `1.0.0` **Semver bump:** `major` **Tag:** `libdd-remote-config-v1.0.0` **Warning:** this is an initial release. Please verify that the version and commits included are correct. --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: iunanua <18325288+iunanua@users.noreply.github.com>
5 participants
What does this PR do?
httpversion 1.4.1 became stricter inPathAndQueryinput parsing to reject all inputs that do not start with/, including empty inputs. Previously, this library passed in an empty input in multiple places when constructing aPathAndQuery. Users are not able to upgradehttppast 1.4.0 without this library breaking. This commit fixes the issue by replacing the empty inputs with"/".Motivation
Fix this library for
httpversions >= 1.4.1.Additional Notes
See https://dd.slack.com/archives/C05M4JAM5BJ/p1781552060779329?thread_ts=1781534034.370109&cid=C05M4JAM5BJ
How to test the change?
Existing unit tests should be sufficient, assuming the modified functions have coverage.