Skip to content

Commit f2244cd

Browse files
edsiperedsiper
committed
opentelemetry: traces: strict check when decoding IDs
Signed-off-by: Eduardo Silva <[email protected]>
1 parent c576b1e commit f2244cd

File tree

1 file changed

+38
-13
lines changed

1 file changed

+38
-13
lines changed

src/opentelemetry/flb_opentelemetry_traces.c

Lines changed: 38 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -465,8 +465,13 @@ static int process_links(struct ctrace *ctr,
465465
}
466466

467467
/* decode the hex string (16 bytes) */
468-
flb_otel_utils_hex_to_id((char *) trace_id->via.str.ptr, trace_id->via.str.size,
469-
(unsigned char *) trace_id_bin, 16);
468+
if (flb_otel_utils_hex_to_id((char *) trace_id->via.str.ptr, trace_id->via.str.size,
469+
(unsigned char *) trace_id_bin, 16) != 0) {
470+
if (error_status) {
471+
*error_status = FLB_OTEL_TRACES_ERR_INVALID_LINK_TRACE_ID;
472+
}
473+
return -1;
474+
}
470475
}
471476

472477
if (!trace_id) {
@@ -497,8 +502,13 @@ static int process_links(struct ctrace *ctr,
497502

498503
/* decode the hex string (8 bytes) */
499504
memset(tmp, '\0', sizeof(tmp));
500-
flb_otel_utils_hex_to_id((char *) span_id->via.str.ptr, span_id->via.str.size,
501-
(unsigned char *) span_id_bin, 8);
505+
if (flb_otel_utils_hex_to_id((char *) span_id->via.str.ptr, span_id->via.str.size,
506+
(unsigned char *) span_id_bin, 8) != 0) {
507+
if (error_status) {
508+
*error_status = FLB_OTEL_TRACES_ERR_INVALID_LINK_SPAN_ID;
509+
}
510+
return -1;
511+
}
502512
}
503513

504514
if (!span_id) {
@@ -708,9 +718,14 @@ static int process_spans(struct ctrace *ctr,
708718

709719
/* decode the hex string (16 bytes) */
710720
memset(tmp, '\0', sizeof(tmp));
711-
flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
712-
span.via.map.ptr[ret].val.via.str.size,
713-
(unsigned char *) tmp, 16);
721+
if (flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
722+
span.via.map.ptr[ret].val.via.str.size,
723+
(unsigned char *) tmp, 16) != 0) {
724+
if (error_status) {
725+
*error_status = FLB_OTEL_TRACES_ERR_INVALID_TRACE_ID;
726+
}
727+
return -1;
728+
}
714729
ctr_span_set_trace_id(ctr_span, tmp, 16);
715730
}
716731

@@ -733,9 +748,14 @@ static int process_spans(struct ctrace *ctr,
733748

734749
/* decode the hex string (8 bytes) */
735750
memset(tmp, '\0', sizeof(tmp));
736-
flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
737-
span.via.map.ptr[ret].val.via.str.size,
738-
(unsigned char *) tmp, 8);
751+
if (flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
752+
span.via.map.ptr[ret].val.via.str.size,
753+
(unsigned char *) tmp, 8) != 0) {
754+
if (error_status) {
755+
*error_status = FLB_OTEL_TRACES_ERR_INVALID_SPAN_ID;
756+
}
757+
return -1;
758+
}
739759
ctr_span_set_span_id(ctr_span, tmp, 8);
740760
}
741761

@@ -776,9 +796,14 @@ static int process_spans(struct ctrace *ctr,
776796

777797
/* decode the hex string (8 bytes) */
778798
memset(tmp, '\0', sizeof(tmp));
779-
flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
780-
span.via.map.ptr[ret].val.via.str.size,
781-
(unsigned char *) tmp, 8);
799+
if (flb_otel_utils_hex_to_id((char *) span.via.map.ptr[ret].val.via.str.ptr,
800+
span.via.map.ptr[ret].val.via.str.size,
801+
(unsigned char *) tmp, 8) != 0) {
802+
if (error_status) {
803+
*error_status = FLB_OTEL_TRACES_ERR_INVALID_PARENT_SPAN_ID;
804+
}
805+
return -1;
806+
}
782807
ctr_span_set_parent_span_id(ctr_span, tmp, 8);
783808
}
784809

0 commit comments

Comments
 (0)