async ttrpc: Fix the bug caused by oversized packets

Fix #198

Signed-off-by: Tim Zhang <[email protected]>

Author: Tim-Zhang

src/asynchronous/client.rs

@@ -17,8 +17,8 @@ use tokio::{self, sync::mpsc, task};
 use crate::common::client_connect;
 use crate::error::{Error, Result};
 use crate::proto::{
-    Code, Codec, GenMessage, Message, Request, Response, FLAG_REMOTE_CLOSED, FLAG_REMOTE_OPEN,
-    MESSAGE_TYPE_DATA, MESSAGE_TYPE_RESPONSE,
+    Code, Codec, GenMessage, Message, MessageHeader, Request, Response, FLAG_REMOTE_CLOSED,
+    FLAG_REMOTE_OPEN, MESSAGE_TYPE_DATA, MESSAGE_TYPE_RESPONSE,
 };
 use crate::r#async::connection::*;
 use crate::r#async::shutdown;
@@ -97,6 +97,7 @@ impl Client {
         };
 
         let msg = result?;
+
         let res = Response::decode(msg.payload)
             .map_err(err_to_others_err!(e, "Unpack response error "))?;
 
@@ -223,6 +224,58 @@ impl WriterDelegate for ClientWriter {
     }
 }
 
+async fn get_resp_tx(
+    req_map: Arc<Mutex<HashMap<u32, ResultSender>>>,
+    header: &MessageHeader,
+) -> Option<ResultSender> {
+    let resp_tx = match header.type_ {
+        MESSAGE_TYPE_RESPONSE => match req_map.lock().unwrap().remove(&header.stream_id) {
+            Some(tx) => tx,
+            None => {
+                debug!("Receiver got unknown response packet {:?}", header);
+                return None;
+            }
+        },
+        MESSAGE_TYPE_DATA => {
+            if (header.flags & FLAG_REMOTE_CLOSED) == FLAG_REMOTE_CLOSED {
+                match req_map.lock().unwrap().remove(&header.stream_id) {
+                    Some(tx) => tx,
+                    None => {
+                        debug!("Receiver got unknown data packet {:?}", header);
+                        return None;
+                    }
+                }
+            } else {
+                match req_map.lock().unwrap().get(&header.stream_id) {
+                    Some(tx) => tx.clone(),
+                    None => {
+                        debug!("Receiver got unknown data packet {:?}", header);
+                        return None;
+                    }
+                }
+            }
+        }
+        _ => {
+            let resp_tx = match req_map.lock().unwrap().remove(&header.stream_id) {
+                Some(tx) => tx,
+                None => {
+                    debug!("Receiver got unknown packet {:?}", header);
+                    return None;
+                }
+            };
+            resp_tx
+                .send(Err(Error::Others(format!(
+                    "Receiver got malformed packet {header:?}"
+                ))))
+                .await
+                .unwrap_or_else(|_e| error!("The request has returned"));
+            return None;
+        }
+    };
+
+    Some(resp_tx)
+}
+
 struct ClientReader {
     streams: Arc<Mutex<HashMap<u32, ResultSender>>>,
     shutdown_waiter: shutdown::Waiter,
@@ -252,59 +305,27 @@ impl ReaderDelegate for ClientReader {
 
     async fn exit(&self) {}
 
+    async fn handle_err(&self, header: MessageHeader, e: Error) {
+        let req_map = self.streams.clone();
+        tokio::spawn(async move {
+            if let Some(resp_tx) = get_resp_tx(req_map, &header).await {
+                resp_tx
+                    .send(Err(e))
+                    .await
+                    .unwrap_or_else(|_e| error!("The request has returned"));
+            }
+        });
+    }
+
     async fn handle_msg(&self, msg: GenMessage) {
         let req_map = self.streams.clone();
         tokio::spawn(async move {
-            let resp_tx = match msg.header.type_ {
-                MESSAGE_TYPE_RESPONSE => {
-                    match req_map.lock().unwrap().remove(&msg.header.stream_id) {
-                        Some(tx) => tx,
-                        None => {
-                            debug!("Receiver got unknown response packet {:?}", msg);
-                            return;
-                        }
-                    }
-                }
-                MESSAGE_TYPE_DATA => {
-                    if (msg.header.flags & FLAG_REMOTE_CLOSED) == FLAG_REMOTE_CLOSED {
-                        match req_map.lock().unwrap().remove(&msg.header.stream_id) {
-                            Some(tx) => tx.clone(),
-                            None => {
-                                debug!("Receiver got unknown data packet {:?}", msg);
-                                return;
-                            }
-                        }
-                    } else {
-                        match req_map.lock().unwrap().get(&msg.header.stream_id) {
-                            Some(tx) => tx.clone(),
-                            None => {
-                                debug!("Receiver got unknown data packet {:?}", msg);
-                                return;
-                            }
-                        }
-                    }
-                }
-                _ => {
-                    let resp_tx = match req_map.lock().unwrap().remove(&msg.header.stream_id) {
-                        Some(tx) => tx,
-                        None => {
-                            debug!("Receiver got unknown packet {:?}", msg);
-                            return;
-                        }
-                    };
-                    resp_tx
-                        .send(Err(Error::Others(format!(
-                            "Receiver got malformed packet {msg:?}"
-                        ))))
-                        .await
-                        .unwrap_or_else(|_e| error!("The request has returned"));
-                    return;
-                }
-            };
-            resp_tx
-                .send(Ok(msg))
-                .await
-                .unwrap_or_else(|_e| error!("The request has returned"));
+            if let Some(resp_tx) = get_resp_tx(req_map, &msg.header).await {
+                resp_tx
+                    .send(Ok(msg))
+                    .await
+                    .unwrap_or_else(|_e| error!("The request has returned"));
+            }
         });
     }
 }

src/asynchronous/connection.rs

@@ -14,7 +14,7 @@ use tokio::{
 };
 
 use crate::error::Error;
-use crate::proto::GenMessage;
+use crate::proto::{GenMessage, GenMessageError, MessageHeader};
 
 pub trait Builder {
     type Reader;
@@ -36,6 +36,7 @@ pub trait ReaderDelegate {
     async fn disconnect(&self, e: Error, task: &mut task::JoinHandle<()>);
     async fn exit(&self);
     async fn handle_msg(&self, msg: GenMessage);
+    async fn handle_err(&self, header: MessageHeader, e: Error);
 }
 
 pub struct Connection<S, B: Builder> {
@@ -89,7 +90,12 @@ where
                             trace!("Got Message {:?}", msg);
                             reader_delegate.handle_msg(msg).await;
                         }
-                        Err(e) => {
+                        Err(GenMessageError::ReturnError(header, e)) => {
+                            trace!("Read msg err (can be return): {:?}", e);
+                            reader_delegate.handle_err(header, e).await;
+                        }
+
+                        Err(GenMessageError::InternalError(e)) => {
                             trace!("Read msg err: {:?}", e);
                             reader_delegate.disconnect(e, &mut writer_task).await;
                             break;

src/asynchronous/server.rs

@@ -386,6 +386,10 @@ impl ReaderDelegate for ServerReader {
             }
         });
     }
+
+    async fn handle_err(&self, header: MessageHeader, e: Error) {
+        self.context().handle_err(header, e).await
+    }
 }
 
 impl ServerReader {
@@ -410,6 +414,14 @@ struct HandlerContext {
 }
 
 impl HandlerContext {
+    async fn handle_err(&self, header: MessageHeader, e: Error) {
+        Self::respond(self.tx.clone(), header.stream_id, e.into())
+            .await
+            .map_err(|e| {
+                error!("respond error got error {:?}", e);
+            })
+            .ok();
+    }
     async fn handle_msg(&self, msg: GenMessage) {
         let stream_id = msg.header.stream_id;
 

src/proto.rs

@@ -45,6 +45,27 @@ pub(crate) fn check_oversize(len: usize, return_rpc_error: bool) -> TtResult<()>
     Ok(())
 }
 
+// Discard the unwanted message body
+#[cfg(feature = "async")]
+async fn discard_message_body(
+    mut reader: impl tokio::io::AsyncReadExt + Unpin,
+    header: &MessageHeader,
+) -> TtResult<()> {
+    let mut need_discard = header.length as usize;
+
+    while need_discard > 0 {
+        let once_discard = std::cmp::min(DEFAULT_PAGE_SIZE, need_discard);
+        let mut content = vec![0; once_discard];
+        reader
+            .read_exact(&mut content)
+            .await
+            .map_err(|e| Error::Socket(e.to_string()))?;
+        need_discard -= once_discard;
+    }
+
+    Ok(())
+}
+
 /// Message header of ttrpc.
 #[derive(Default, Debug, Clone, Copy, PartialEq, Eq)]
 pub struct MessageHeader {
@@ -174,6 +195,18 @@ pub struct GenMessage {
     pub payload: Vec<u8>,
 }
 
+#[derive(Debug, PartialEq)]
+pub enum GenMessageError {
+    InternalError(Error),
+    ReturnError(MessageHeader, Error),
+}
+
+impl From<Error> for GenMessageError {
+    fn from(e: Error) -> Self {
+        Self::InternalError(e)
+    }
+}
+
 #[cfg(feature = "async")]
 impl GenMessage {
     /// Encodes a MessageHeader to writer.
@@ -193,19 +226,16 @@ impl GenMessage {
     }
 
     /// Decodes a MessageHeader from reader.
-    pub async fn read_from(mut reader: impl tokio::io::AsyncReadExt + Unpin) -> TtResult<Self> {
+    pub async fn read_from(
+        mut reader: impl tokio::io::AsyncReadExt + Unpin,
+    ) -> std::result::Result<Self, GenMessageError> {
         let header = MessageHeader::read_from(&mut reader)
             .await
             .map_err(|e| Error::Socket(e.to_string()))?;
 
-        if header.length > MESSAGE_LENGTH_MAX as u32 {
-            return Err(get_rpc_status(
-                Code::INVALID_ARGUMENT,
-                format!(
-                    "message length {} exceed maximum message size of {}",
-                    header.length, MESSAGE_LENGTH_MAX
-                ),
-            ));
+        if let Err(e) = check_oversize(header.length as usize, true) {
+            discard_message_body(reader, &header).await?;
+            return Err(GenMessageError::ReturnError(header, e));
         }
 
         let mut content = vec![0; header.length as usize];
@@ -328,14 +358,12 @@ where
             .await
             .map_err(|e| Error::Socket(e.to_string()))?;
 
-        if header.length > MESSAGE_LENGTH_MAX as u32 {
-            return Err(get_rpc_status(
-                Code::INVALID_ARGUMENT,
-                format!(
-                    "message length {} exceed maximum message size of {}",
-                    header.length, MESSAGE_LENGTH_MAX
-                ),
-            ));
+        if check_oversize(header.length as usize, true).is_err() {
+            discard_message_body(reader, &header).await?;
+            return Ok(Self {
+                header,
+                payload: C::decode("").map_err(err_to_others_err!(e, "Decode payload failed."))?,
+            });
         }
 
         let mut content = vec![0; header.length as usize];
@@ -447,11 +475,21 @@ mod tests {
     #[cfg(feature = "async")]
     #[tokio::test]
     async fn async_gen_message() {
+        // Test packet which exceeds maximum message size
         let mut buf = Vec::from(MESSAGE_HEADER);
-        buf.extend_from_slice(&PROTOBUF_REQUEST);
-        let res = GenMessage::read_from(&*buf).await;
-        // exceed maximum message size
-        assert!(matches!(res, Err(Error::RpcStatus(_))));
+        let header = MessageHeader::read_from(&*buf).await.expect("read header");
+        buf.append(&mut vec![0x0; header.length as usize]);
+
+        match GenMessage::read_from(&*buf).await {
+            Err(GenMessageError::ReturnError(h, Error::RpcStatus(s))) => {
+                if h != header || s.code() != crate::proto::Code::INVALID_ARGUMENT {
+                    panic!("got invalid error when the size exceeds limit");
+                }
+            }
+            _ => {
+                panic!("got invalid error when the size exceeds limit");
+            }
+        }
 
         let mut buf = Vec::from(PROTOBUF_MESSAGE_HEADER);
         buf.extend_from_slice(&PROTOBUF_REQUEST);
@@ -477,11 +515,17 @@ mod tests {
     #[cfg(feature = "async")]
     #[tokio::test]
     async fn async_message() {
+        // Test packet which exceeds maximum message size
         let mut buf = Vec::from(MESSAGE_HEADER);
-        buf.extend_from_slice(&PROTOBUF_REQUEST);
-        let res = Message::<Request>::read_from(&*buf).await;
-        // exceed maximum message size
-        assert!(matches!(res, Err(Error::RpcStatus(_))));
+        let header = MessageHeader::read_from(&*buf).await.expect("read header");
+        buf.append(&mut vec![0x0; header.length as usize]);
+
+        let gen = Message::<Request>::read_from(&*buf)
+            .await
+            .expect("read message");
+
+        assert_eq!(gen.header, header);
+        assert_eq!(protobuf::Message::compute_size(&gen.payload), 0);
 
         let mut buf = Vec::from(PROTOBUF_MESSAGE_HEADER);
         buf.extend_from_slice(&PROTOBUF_REQUEST);

src/sync/client.rs

@@ -24,9 +24,10 @@ use std::sync::{Arc, Mutex};
 use std::thread;
 use std::time::Duration;
 
-use crate::common::check_oversize;
 use crate::error::{Error, Result};
-use crate::proto::{Code, Codec, MessageHeader, Request, Response, MESSAGE_TYPE_RESPONSE};
+use crate::proto::{
+    check_oversize, Code, Codec, MessageHeader, Request, Response, MESSAGE_TYPE_RESPONSE,
+};
 use crate::sync::channel::{read_message, write_message};
 use crate::sync::sys::ClientConnection;
 

src/sync/utils.rs

@@ -3,9 +3,10 @@
 // SPDX-License-Identifier: Apache-2.0
 //
 
-use crate::common::check_oversize;
 use crate::error::{Error, Result};
-use crate::proto::{Codec, MessageHeader, Request, Response, MESSAGE_TYPE_RESPONSE};
+use crate::proto::{
+    check_oversize, Codec, MessageHeader, Request, Response, MESSAGE_TYPE_RESPONSE,
+};
 use std::collections::HashMap;
 
 /// Response message through a channel.