Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(w3c): fix traceparent validation #4791

Merged
merged 15 commits into from
Dec 19, 2022
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 20 additions & 26 deletions ddtrace/propagation/http.py
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,10 @@ def _possible_header(header):
_POSSIBLE_HTTP_HEADER_TRACESTATE = _possible_header(_HTTP_HEADER_TRACESTATE)


# https://www.w3.org/TR/trace-context/#traceparent-header-field-values
_TRACEPARENT_HEX_REGEX = "^[a-f0-9]{2}-[a-f0-9]{32}-[a-f0-9]{16}-[a-f0-9]{2}$"
mabdinur marked this conversation as resolved.
Show resolved Hide resolved


def _extract_header_value(possible_header_names, headers, default=None):
# type: (FrozenSet[str], Dict[str, str], Optional[str]) -> Optional[str]
for header in possible_header_names:
Expand Down Expand Up @@ -550,35 +554,29 @@ def _get_traceparent_values(tp):
Otherwise we extract the trace-id, span-id, and sampling priority from the
traceparent header.
"""
tp = tp.strip()
if not re.match(_TRACEPARENT_HEX_REGEX, tp) or tp.startswith("ff"):
mabdinur marked this conversation as resolved.
Show resolved Hide resolved
mabdinur marked this conversation as resolved.
Show resolved Hide resolved
# ff is an invalid traceparent version: https://www.w3.org/TR/trace-context/#version
raise ValueError("W3C traceparent hex is invalid: %s" % tp)
mabdinur marked this conversation as resolved.
Show resolved Hide resolved

version, trace_id_hex, span_id_hex, trace_flags_hex = tp.strip().split("-")
# check version is a valid hexadecimal, if not it's invalid we will move on to the next prop method
int(version, 16)
# https://www.w3.org/TR/trace-context/#version
if version == "ff":
raise ValueError("'ff' is an invalid traceparent version")
# currently 00 is the only version format, but if future versions come up we may need to add changes
if version != "00":
mabdinur marked this conversation as resolved.
Show resolved Hide resolved
log.warning("unsupported traceparent version:%r, still attempting to parse", version)

if len(trace_id_hex) == 32 and len(span_id_hex) == 16 and len(trace_flags_hex) >= 2:
trace_id = _hex_id_to_dd_id(trace_id_hex)
span_id = _hex_id_to_dd_id(span_id_hex)
trace_id = _hex_id_to_dd_id(trace_id_hex)
span_id = _hex_id_to_dd_id(span_id_hex)

# All 0s are invalid values
if trace_id == 0:
raise ValueError("0 value for trace_id is invalid")
if span_id == 0:
raise ValueError("0 value for span_id is invalid")
# All 0s are invalid values
if trace_id == 0:
raise ValueError("0 value for trace_id is invalid")
if span_id == 0:
raise ValueError("0 value for span_id is invalid")

trace_flags = _hex_id_to_dd_id(trace_flags_hex)
# there's currently only one trace flag, which denotes sampling priority
# was set to keep "01" or drop "00"
# trace flags is a bit field: https://www.w3.org/TR/trace-context/#trace-flags
sampling_priority = trace_flags & 0x1

else:
raise ValueError("W3C traceparent hex length incorrect: %s" % tp)
trace_flags = _hex_id_to_dd_id(trace_flags_hex)
# there's currently only one trace flag, which denotes sampling priority
# was set to keep "01" or drop "00"
# trace flags is a bit field: https://www.w3.org/TR/trace-context/#trace-flags
sampling_priority = trace_flags & 0x1

return trace_id, span_id, sampling_priority

Expand Down Expand Up @@ -644,10 +642,6 @@ def _extract(headers):
if tp is None:
log.debug("no traceparent header")
return None
# uppercase char in tp makes it invalid:
# https://www.w3.org/TR/trace-context/#traceparent-header-field-values
if not tp.islower():
raise ValueError("uppercase characters are not allowed in traceparent")
trace_id, span_id, sampling_priority = _TraceContext._get_traceparent_values(tp)
except (ValueError, AssertionError):
log.exception("received invalid w3c traceparent: %s ", tp)
Expand Down
24 changes: 15 additions & 9 deletions tests/tracer/test_propagation.py
Original file line number Diff line number Diff line change
Expand Up @@ -448,17 +448,21 @@ def test_tracecontext_get_sampling_priority(sampling_priority_tp, sampling_prior
"0-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
# tp, trace_id, span_id, sampling_priority
(11803532876627986230, 67667974448284343, 1),
["unsupported traceparent version:'0', still attempting to parse"],
None,
[],
ValueError,
),
(
"ff-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
mabdinur marked this conversation as resolved.
Show resolved Hide resolved
# tp, trace_id, span_id, sampling_priority
(11803532876627986230, 67667974448284343, 1),
mabdinur marked this conversation as resolved.
Show resolved Hide resolved
[],
ValueError,
),
(
"00-f92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
# tp, trace_id, span_id, sampling_priority
None,
[
"received invalid w3c traceparent: 00-f92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01.",
"W3C traceparent hex length incorrect: 00-f92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
],
[],
ValueError,
),
( # we still parse the trace flag and analyze the it as a bit field
Expand All @@ -476,6 +480,7 @@ def test_tracecontext_get_sampling_priority(sampling_priority_tp, sampling_prior
"traceflag_00",
"unsupported_version",
"short_version",
"invalid_version",
"short_trace_id",
"unknown_trace_flag",
],
Expand All @@ -489,9 +494,10 @@ def test_extract_traceparent(caplog, headers, expected_tuple, expected_logging,
else:
traceparent_values = _TraceContext._get_traceparent_values(headers)
assert traceparent_values == expected_tuple
if caplog.text or expected_logging:
for expected_log in expected_logging:
assert expected_log in caplog.text

if caplog.text or expected_logging:
for expected_log in expected_logging:
assert expected_log in caplog.text


@pytest.mark.parametrize(
Expand Down