add profile validation

Author: s1gr1d

dev-packages/browser-integration-tests/package.json

@@ -16,7 +16,7 @@
     "postinstall": "yarn install-browsers",
     "pretest": "yarn clean && yarn type-check",
     "test": "yarn test:all --project='chromium'",
-    "test:all": "npx playwright test -c playwright.browser.config.ts",
+    "test:all": "npx playwright test -c playwright.browser.config.ts -g 'trace mode'",
     "test:bundle": "PW_BUNDLE=bundle yarn test",
     "test:bundle:min": "PW_BUNDLE=bundle_min yarn test",
     "test:bundle:replay": "PW_BUNDLE=bundle_replay yarn test",

packages/browser/src/profiling/lifecycleMode/traceLifecycleProfiler.ts

@@ -12,7 +12,7 @@ import {
 } from '@sentry/core';
 import { DEBUG_BUILD } from '../../debug-build';
 import type { JSSelfProfiler } from '../jsSelfProfiling';
-import { createProfileChunkPayload, startJSSelfProfile } from '../utils';
+import { createProfileChunkPayload, startJSSelfProfile, validateProfileChunk } from '../utils';
 
 const CHUNK_INTERVAL_MS = 60_000;
 
@@ -269,10 +269,18 @@ export class BrowserTraceLifecycleProfiler {
       // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
       const chunk = createProfileChunkPayload(profile, this._client!, this._profilerId);
 
+      // Validate chunk before sending
+      const { valid, reason } = validateProfileChunk(chunk);
+      if (!valid) {
+        DEBUG_BUILD &&
+          debug.log('[Profiling] Discarding invalid profile chunk (this is probably a bug in the SDK):', reason);
+        return;
+      }
+
       this._sendProfileChunk(chunk);
       DEBUG_BUILD && debug.log('[Profiling] Collected browser profile chunk.');
     } catch (e) {
-      DEBUG_BUILD && debug.log('[Profiling] Error while stopping JS self profiler for chunk:', e);
+      DEBUG_BUILD && debug.log('[Profiling] Error while stopping JS Profiler for chunk:', e);
     }
   }
 

packages/browser/src/profiling/utils.ts

@@ -248,6 +248,67 @@ export function createProfileChunkPayload(
   };
 }
 
+/**
+ * Validate a profile chunk against the Sample Format V2 requirements.
+ * https://develop.sentry.dev/sdk/telemetry/profiles/sample-format-v2/
+ * - Presence of samples, stacks, frames
+ * - Required metadata fields
+ */
+export function validateProfileChunk(chunk: ProfileChunk): { valid: boolean; reason?: string } {
+  try {
+    // Required metadata
+    if (!chunk || typeof chunk !== 'object') {
+      return { valid: false, reason: 'chunk is not an object' };
+    }
+
+    // profiler_id and chunk_id must be 32 lowercase hex chars
+    const isHex32 = (val: unknown): boolean => typeof val === 'string' && /^[a-f0-9]{32}$/.test(val);
+    if (!isHex32(chunk.profiler_id)) {
+      return { valid: false, reason: 'missing or invalid profiler_id' };
+    }
+    if (!isHex32(chunk.chunk_id)) {
+      return { valid: false, reason: 'missing or invalid chunk_id' };
+    }
+
+    // client_sdk name/version are required
+    if (
+      !chunk.client_sdk ||
+      typeof chunk.client_sdk.name !== 'string' ||
+      typeof chunk.client_sdk.version !== 'string'
+    ) {
+      return { valid: false, reason: 'missing client_sdk metadata' };
+    }
+
+    if (typeof chunk.platform !== 'string') {
+      return { valid: false, reason: 'missing platform' };
+    }
+
+    if (typeof chunk.release !== 'string') {
+      return { valid: false, reason: 'missing release' };
+    }
+
+    // Profile data must have frames, stacks, samples
+    const profile = chunk.profile as { frames?: unknown[]; stacks?: unknown[]; samples?: unknown[] } | undefined;
+    if (!profile) {
+      return { valid: false, reason: 'missing profile data' };
+    }
+
+    if (!Array.isArray(profile.frames) || profile.frames.length === 0) {
+      return { valid: false, reason: 'profile has no frames' };
+    }
+    if (!Array.isArray(profile.stacks) || profile.stacks.length === 0) {
+      return { valid: false, reason: 'profile has no stacks' };
+    }
+    if (!Array.isArray(profile.samples) || profile.samples.length === 0) {
+      return { valid: false, reason: 'profile has no samples' };
+    }
+
+    return { valid: true };
+  } catch (e) {
+    return { valid: false, reason: `unknown validation error: ${e}` };
+  }
+}
+
 /**
  * Convert from JSSelfProfile format to ContinuousThreadCpuProfile format.
  */