Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

filebeat/input/udp - Fix panic in linux input metrics #35068

Merged
merged 1 commit into from
Apr 12, 2023
Merged

filebeat/input/udp - Fix panic in linux input metrics #35068

merged 1 commit into from
Apr 12, 2023

Conversation

andrewkroh
Copy link
Member

@andrewkroh andrewkroh commented Apr 12, 2023
edited
Loading

What does this PR do?

A panic occurred while parsing /proc/net/udp and reaching the final empty line. This occurred on Linux when the desired socket was not found in the list.

Fixes #35064

Why is it important?

The panic causes Filebeat to exit.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Related issues

@andrewkroh
filebeat/input/udp - Fix panic in linux input metrics
1f59ee3 
A panic occurred while parsing /proc/net/udp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes elastic#35064
@andrewkroh andrewkroh requested a review from a team as a code owner April 12, 2023 15:26
@andrewkroh andrewkroh requested review from belimawr and leehinman and removed request for a team April 12, 2023 15:26
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 12, 2023
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Apr 12, 2023
@andrewkroh andrewkroh mentioned this pull request Apr 12, 2023
Closed
@andrewkroh andrewkroh requested a review from a team April 12, 2023 15:28
P1llus
P1llus approved these changes Apr 12, 2023
View reviewed changes
Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link in the Changelog is the wrong issue, except that LGTM! :)

@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-04-12T15:26:52.083+0000

  • Duration: 70 min 23 sec

Test stats 🧪

Test Results
Failed 0
Passed 7615
Skipped 753
Total 8368

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@andrewkroh andrewkroh merged commit ce8216a into elastic:main Apr 12, 2023
leehinman
leehinman approved these changes Apr 12, 2023
View reviewed changes
Copy link
Contributor

@leehinman leehinman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM

just a suggestion on documenting why 12 fields and making the error message consistent with inputs.

filebeat/input/udp/input.go
@@ -268,7 +268,7 @@ func procNetUDP(addr []string) (rx, drops int64, err error) {
}
for _, l := range lines[1:] {
f := bytes.Fields(l)
if contains(f[1], addr) {
if len(f) > 12 && contains(f[1], addr) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

12 is a little "magical", how about at least a link to kernel docs for why there should be this many fields?
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/net/ipv4/udp.c?h=v4.14.312#n2764

also fmt.Errorf above should probably use the path variable instead of "/proc/net/udp" now.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The reason I checked for 12 is because it is highest field indexed (e.g. f[12]) by this section of code.

fmt.Errorf above should probably use the path

Yeah, that thought crossed my mind. I didn't do it because it was parameterized only for testing purposes. But if you had the thought too then I will change it.

@mergify mergify bot mentioned this pull request Apr 12, 2023
Merged
andrewkroh added a commit that referenced this pull request Apr 12, 2023
@andrewkroh
filebeat/input/udp - Fix panic in linux input metrics (#35068)
3534cca 
A panic occurred while parsing /proc/net/udp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064

(cherry picked from commit ce8216a)
andrewkroh added a commit that referenced this pull request Apr 12, 2023
@mergify @andrewkroh
filebeat/input/udp - Fix panic in linux input metrics (#35068) (#35069)
d79fe8a 
A panic occurred while parsing /proc/net/udp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064

(cherry picked from commit ce8216a)

Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co>
andrewkroh added a commit to andrewkroh/beats that referenced this pull request Apr 12, 2023
@andrewkroh
filebeat/input/tcp - Fix panic in linux input metrics (elastic#35068)
d24433f 
A panic occurred while parsing /proc/net/tcp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes elastic#35064
@andrewkroh andrewkroh mentioned this pull request Apr 12, 2023
Merged
6 tasks
andrewkroh added a commit that referenced this pull request Apr 12, 2023
@andrewkroh
filebeat/input/tcp - Fix panic in linux input metrics (#35068) (#35074)
a550cf8 
A panic occurred while parsing /proc/net/tcp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064
andrewkroh added a commit that referenced this pull request Apr 12, 2023
@andrewkroh
filebeat/input/tcp - Fix panic in linux input metrics (#35068) (#35074)
73b95a1 
A panic occurred while parsing /proc/net/tcp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064

(cherry picked from commit a550cf8)
andrewkroh added a commit that referenced this pull request Apr 13, 2023
@mergify @andrewkroh
filebeat/input/tcp - Fix panic in linux input metrics (#35068) (#35074)…
c00c30f 
… (#35076)

A panic occurred while parsing /proc/net/tcp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064

(cherry picked from commit a550cf8)

Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co>
@efd6 efd6 mentioned this pull request May 26, 2023
Merged
4 tasks
chrisberkhout pushed a commit that referenced this pull request Jun 1, 2023
@andrewkroh @chrisberkhout
filebeat/input/udp - Fix panic in linux input metrics (#35068)
094076d 
A panic occurred while parsing /proc/net/udp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064
chrisberkhout pushed a commit that referenced this pull request Jun 1, 2023
@andrewkroh @chrisberkhout
filebeat/input/tcp - Fix panic in linux input metrics (#35068) (#35074)
1bcb342 
A panic occurred while parsing /proc/net/tcp and reaching the final empty line.
This occurred on Linux when the desired socket was not found in the list.

Fixes #35064
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leehinman leehinman leehinman approved these changes

@P1llus P1llus P1llus approved these changes

@belimawr belimawr belimawr approved these changes

Assignees

@andrewkroh andrewkroh

Labels
backport-v8.7.0 Automated backport with mergify bug Filebeat Filebeat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Filebeat] TCP/UDP input cause a panic on Linux under certain conditions
5 participants
@andrewkroh @elasticmachine @belimawr @P1llus @leehinman