Merge pull request #111 from jplevyak/release-1.3-use-after-free #113
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Apply fix for use-after-free in Envoy ThreadLocal Slot. Signed-off-by: John Plevyak <jplevyak@gmail.com>
rlenglet
reviewed
Oct 11, 2019
lambdai
approved these changes
Oct 11, 2019
| @@ -280,8 +280,12 @@ class MutableConfigProviderImplBase : public ConfigProvider { | |||
| * @param config supplies the newly instantiated config. | |||
| */ | |||
| void onConfigUpdate(const ConfigConstSharedPtr& config) { | |||
There was a problem hiding this comment.
I see a if (getConfig() == config) { return; } in 1.2
Add to 1.1. as well ?
rlenglet
approved these changes
Oct 11, 2019
|
The code it was replacing didn't do that check in this version. Do you
want me to add it?
…On Fri, Oct 11, 2019, 11:54 AM Yuchen Dai ***@***.***> wrote:
***@***.**** approved this pull request.
LGTM as it's almost equivalent to the 1.2 PR
------------------------------
In source/common/config/config_provider_impl.h
<#113 (comment)>:
> @@ -280,8 +280,12 @@ class MutableConfigProviderImplBase : public ConfigProvider {
* @param config supplies the newly instantiated config.
*/
void onConfigUpdate(const ConfigConstSharedPtr& config) {
I see a if (getConfig() == config) { return; } in 1.2
Add to 1.1. as well ?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#113?email_source=notifications&email_token=AACEXIAWPGQ5KKEMKFNIYL3QODDX7A5CNFSM4I7VRL42YY3PNVWWK3TUL52HS4DFWFIHK3DMKJSXC5LFON2FEZLWNFSXPKTDN5WW2ZLOORPWSZGOCHXORSA#pullrequestreview-300869832>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AACEXIADEOWYURHSVFWNUKTQODDX7ANCNFSM4I7VRL4Q>
.
|
|
Both are ok. I won't be worry about it |
howardjohn
pushed a commit
that referenced
this pull request
Mar 3, 2020
This is similar to the http2 frame protection, but rather than try to guard [header block || last body bytes || last chunk in chunk encoding || trailer block] depending on end stream, which just gets messy, I opted to just add an empty reference counted fragment after the body was serialized, which appears to work just as well with a small theoretical overhead. If folks think the complexity is warranted I can of course do that instead. Risk Level: Medium Testing: new unit tests, integration test Docs Changes: stats documented Release Notes: added Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Lizan Zhou <lizan@tetrate.io> Signed-off-by: Jianfei Hu <jianfeih@google.com>
istio-testing
pushed a commit
that referenced
this pull request
Mar 4, 2020
This is similar to the http2 frame protection, but rather than try to guard [header block || last body bytes || last chunk in chunk encoding || trailer block] depending on end stream, which just gets messy, I opted to just add an empty reference counted fragment after the body was serialized, which appears to work just as well with a small theoretical overhead. If folks think the complexity is warranted I can of course do that instead. Risk Level: Medium Testing: new unit tests, integration test Docs Changes: stats documented Release Notes: added Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Co-authored-by: Lizan Zhou <lizan@tetrate.io>
fpesce
pushed a commit
that referenced
this pull request
Jun 30, 2020
This is similar to the http2 frame protection, but rather than try to guard [header block || last body bytes || last chunk in chunk encoding || trailer block] depending on end stream, which just gets messy, I opted to just add an empty reference counted fragment after the body was serialized, which appears to work just as well with a small theoretical overhead. If folks think the complexity is warranted I can of course do that instead. Risk Level: Medium Testing: new unit tests, integration test Docs Changes: stats documented Release Notes: added Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
brian-avery
pushed a commit
that referenced
this pull request
Jun 30, 2020
This is similar to the http2 frame protection, but rather than try to guard [header block || last body bytes || last chunk in chunk encoding || trailer block] depending on end stream, which just gets messy, I opted to just add an empty reference counted fragment after the body was serialized, which appears to work just as well with a small theoretical overhead. If folks think the complexity is warranted I can of course do that instead. Risk Level: Medium Testing: new unit tests, integration test Docs Changes: stats documented Release Notes: added Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: Lizan Zhou <lizan@tetrate.io> Signed-off-by: Jianfei Hu <jianfeih@google.com>
Miss-you
pushed a commit
to Miss-you/envoy
that referenced
this pull request
Nov 17, 2020
zh translation intro\arch_overview\listeners\listeners_toc.rst.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Apply fix for use-after-free in Envoy ThreadLocal Slot.
Signed-off-by: John Plevyak jplevyak@gmail.com