Skip to content

Commit

Permalink
[ASM] Log FormatException from get_Uri as debug (#6489)
Browse files Browse the repository at this point in the history 
## Summary of changes

Add catch blocks for the `FormatException` in all aspect where the `Uri`
is get from the instance.

## Reason for change

[Error identified on Error
Tracking](https://app.datadoghq.com/error-tracking?query=service%3Ainstrumentation-telemetry-data%20%2Aiast%2A%20%40lib_language%3Adotnet%20-%2ASystem.OutOfMemoryException%2A%20-%2ASystem.Threading.ThreadAbortException%2A&et-side=data&fromUser=true&issueId=0374ce80-0ddb-11ef-bfb2-da7ad0900002&refresh_mode=sliding&source=all&from_ts=1734966392184&to_ts=1735571192184&live=true).

The instrumentation fails because of an invalid string during the
creation of the `Uri`. The tainting would not happen because it requires
the `OriginalString` from the `Uri` to keep tracks of its usage.

## Implementation details

From the [Microsoft
Docs](https://learn.microsoft.com/en-us/dotnet/api/System.UriBuilder.Uri?view=net-6.0):
>
[UriFormatException](https://learn.microsoft.com/en-us/dotnet/api/system.uriformatexception?view=net-6.0)
The URI constructed by the
[UriBuilder](https://learn.microsoft.com/en-us/dotnet/api/system.uribuilder?view=net-6.0)
properties is invalid.

I did choose FormatException because from the
[docs](https://learn.microsoft.com/en-us/dotnet/api/System.UriBuilder.Uri?view=net-6.0#exceptions),
they say:
Note: In .NET for Windows Store apps or the Portable Class Library,
catch the base class exception,
[FormatException](https://learn.microsoft.com/en-us/dotnet/api/system.formatexception?view=net-6.0),
instead.
  • Loading branch information
@e-n-0
e-n-0 authored Jan 2, 2025
1 parent 1720e01 commit 205881b
Showing 1 changed file with 52 additions and 0 deletions.
52 changes: 52 additions & 0 deletions tracer/src/Datadog.Trace/Iast/Aspects/System/UriBuilderAspect.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@ public static UriBuilder Init(string uriText)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, uriText);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -51,6 +55,10 @@ public static UriBuilder Init(Uri uri)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, uri.OriginalString);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -73,6 +81,10 @@ public static UriBuilder Init(string scheme, string host)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, host);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -96,6 +108,10 @@ public static UriBuilder Init(string scheme, string host, int port)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, host);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -120,6 +136,10 @@ public static UriBuilder Init(string scheme, string host, int port, string path)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, host, path);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -145,6 +165,10 @@ public static UriBuilder Init(string scheme, string host, int port, string path,
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result.Uri.OriginalString, host, path, extra);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -166,6 +190,10 @@ public static void SetHost(UriBuilder instance, string parameter)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(instance.Uri.OriginalString, parameter);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(Init)}");
Expand All @@ -185,6 +213,10 @@ public static void SetQuery(UriBuilder instance, string parameter)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(instance.Uri.OriginalString, parameter);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
Expand All @@ -204,6 +236,10 @@ public static void SetPath(UriBuilder instance, string parameter)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(instance.Uri.OriginalString, parameter);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetPath)}");
Expand All @@ -223,6 +259,10 @@ public static string GetHost(UriBuilder instance)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result, instance.Uri.OriginalString);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(GetHost)}");
Expand All @@ -244,6 +284,10 @@ public static string GetQuery(UriBuilder instance)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result, instance.Uri.OriginalString);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(GetQuery)}");
Expand All @@ -265,6 +309,10 @@ public static string GetPath(UriBuilder instance)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result, instance.Uri.OriginalString);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(GetPath)}");
Expand All @@ -287,6 +335,10 @@ public static string GetPath(UriBuilder instance)
{
PropagationModuleImpl.PropagateWholeResultWhenInputTainted(result, (instance as UriBuilder)?.Uri?.OriginalString);
}
catch (FormatException ex)
{
IastModule.Log.Debug(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(SetQuery)}");
}
catch (Exception ex)
{
IastModule.Log.Error(ex, $"Error invoking {nameof(UriBuilderAspect)}.{nameof(ToString)}");
Expand Down

0 comments on commit 205881b

Please sign in to comment.