Description
Credit to @pleshakov , the telemetry collection of SnippetsFilters added in this PR has a few edge cases which lead to incorrect behavior. The issue comes up when parsing nginx directives and values. This is the current implementation of parsing Snippet values
func parseSnippetValueIntoDirectives(snippetValue string) []string {
separatedDirectives := strings.Split(snippetValue, ";")
directives := make([]string, 0, len(separatedDirectives))
for _, directive := range separatedDirectives {
// the strings.TrimSpace is needed in the case of multi-line NGINX Snippet values
directive = strings.Split(strings.TrimSpace(directive), " ")[0]
// splitting on the delimiting character can result in a directive being empty or a space/newline character,
// so we check here to ensure it's not
if directive != "" {
directives = append(directives, directive)
}
}
return directives
}
This current implementation is too lax on using the ; character as a separator for directives and leaves room for many edge cases to incorrectly get parsed.
Below are some examples:
Use of the map directive, which not only doesn't have the ; character at the end of the directive, but can have nested ; characters which are not directives.
input:
{Namespace: "test", Name: "sf-1"}: {
Snippets: map[ngfAPI.NginxContext]string{
ngfAPI.NginxContextMain: "worker_priority 0;",
ngfAPI.NginxContextHTTP: "aio on; map $http_x $x {default 0; 'abc' 1;}",
ngfAPI.NginxContextHTTPServer: "auth_delay 10s;",
ngfAPI.NginxContextHTTPServerLocation: "keepalive_time 10s;",
},
output:
SnippetsFiltersDirectives: [
"auth_delay-server",
"aio-http",
"keepalive_time-location",
"worker_priority-main",
"'abc'-http",
"client_body_timeout-http",
"map-http",
"}-http",
"allow-location",
"worker_rlimit_core-main",
"worker_rlimit_nofile-main",
"ignore_invalid_headers-server",
],
Any example with ; included in the value.
proxy_set_header hello "myvalue;abc";
Comments in general, AND if ; is inside a comment
# this is a nasty; comment
Metadata
Metadata
Assignees
Labels
Type
Projects
Status