mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-23 20:37:12 +01:00
lib/flagutil: prevent from integer overflow when parsing duration
This commit is contained in:
parent
38d7e96602
commit
2e30202dc7
2
go.mod
2
go.mod
@ -9,7 +9,7 @@ require (
|
||||
// like https://github.com/valyala/fasthttp/commit/996610f021ff45fdc98c2ce7884d5fa4e7f9199b
|
||||
github.com/VictoriaMetrics/fasthttp v1.0.12
|
||||
github.com/VictoriaMetrics/metrics v1.13.1
|
||||
github.com/VictoriaMetrics/metricsql v0.10.0
|
||||
github.com/VictoriaMetrics/metricsql v0.10.1
|
||||
github.com/aws/aws-sdk-go v1.37.7
|
||||
github.com/cespare/xxhash/v2 v2.1.1
|
||||
github.com/cheggaaa/pb/v3 v3.0.5
|
||||
|
4
go.sum
4
go.sum
@ -87,8 +87,8 @@ github.com/VictoriaMetrics/fasthttp v1.0.12/go.mod h1:3SeUL4zwB/p/a9aEeRc6gdlbrt
|
||||
github.com/VictoriaMetrics/metrics v1.12.2/go.mod h1:Z1tSfPfngDn12bTfZSCqArT3OPY3u88J12hSoOhuiRE=
|
||||
github.com/VictoriaMetrics/metrics v1.13.1 h1:1S9QrbXLPrcDBYLiDNIqWk9AC/lk5Ptk8eIjDIFFDsQ=
|
||||
github.com/VictoriaMetrics/metrics v1.13.1/go.mod h1:Z1tSfPfngDn12bTfZSCqArT3OPY3u88J12hSoOhuiRE=
|
||||
github.com/VictoriaMetrics/metricsql v0.10.0 h1:45BARAP2shaL/5p67Hvz+YrWUbr0X0VCy9t+gvdIm8o=
|
||||
github.com/VictoriaMetrics/metricsql v0.10.0/go.mod h1:ylO7YITho/Iw6P71oEaGyHbO94bGoGtzWfLGqFhMIg8=
|
||||
github.com/VictoriaMetrics/metricsql v0.10.1 h1:wLl/YbMmBGFPyLKMfqNLC333iygibosSM5iSvlH2B4A=
|
||||
github.com/VictoriaMetrics/metricsql v0.10.1/go.mod h1:ylO7YITho/Iw6P71oEaGyHbO94bGoGtzWfLGqFhMIg8=
|
||||
github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM=
|
||||
github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA=
|
||||
github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
|
||||
|
@ -23,6 +23,9 @@ func TestDurationSetFailure(t *testing.T) {
|
||||
// Too big value in months
|
||||
f("12345")
|
||||
|
||||
// Too big duration
|
||||
f("100000000000y")
|
||||
|
||||
// Negative duration
|
||||
f("-1")
|
||||
f("-34h")
|
||||
|
12
vendor/github.com/VictoriaMetrics/metricsql/lexer.go
generated
vendored
12
vendor/github.com/VictoriaMetrics/metricsql/lexer.go
generated
vendored
@ -2,6 +2,7 @@ package metricsql
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math"
|
||||
"strconv"
|
||||
"strings"
|
||||
"unicode"
|
||||
@ -444,7 +445,7 @@ func DurationValue(s string, step int64) (int64, error) {
|
||||
if len(s) == 0 {
|
||||
return 0, fmt.Errorf("duration cannot be empty")
|
||||
}
|
||||
var d int64
|
||||
var d float64
|
||||
isMinus := false
|
||||
for len(s) > 0 {
|
||||
n := scanSingleDuration(s, true)
|
||||
@ -465,10 +466,13 @@ func DurationValue(s string, step int64) (int64, error) {
|
||||
isMinus = true
|
||||
}
|
||||
}
|
||||
return d, nil
|
||||
if math.Abs(d) > 1<<63-1 {
|
||||
return 0, fmt.Errorf("too big duration %.0fms", d)
|
||||
}
|
||||
return int64(d), nil
|
||||
}
|
||||
|
||||
func parseSingleDuration(s string, step int64) (int64, error) {
|
||||
func parseSingleDuration(s string, step int64) (float64, error) {
|
||||
numPart := s[:len(s)-1]
|
||||
if strings.HasSuffix(numPart, "m") {
|
||||
// Duration in ms
|
||||
@ -499,7 +503,7 @@ func parseSingleDuration(s string, step int64) (int64, error) {
|
||||
default:
|
||||
return 0, fmt.Errorf("invalid duration suffix in %q", s)
|
||||
}
|
||||
return int64(mp * f * 1e3), nil
|
||||
return mp * f * 1e3, nil
|
||||
}
|
||||
|
||||
// scanDuration scans duration, which must start with positive num.
|
||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -16,7 +16,7 @@ github.com/VictoriaMetrics/fasthttp/fasthttputil
|
||||
github.com/VictoriaMetrics/fasthttp/stackless
|
||||
# github.com/VictoriaMetrics/metrics v1.13.1
|
||||
github.com/VictoriaMetrics/metrics
|
||||
# github.com/VictoriaMetrics/metricsql v0.10.0
|
||||
# github.com/VictoriaMetrics/metricsql v0.10.1
|
||||
github.com/VictoriaMetrics/metricsql
|
||||
github.com/VictoriaMetrics/metricsql/binaryop
|
||||
# github.com/VividCortex/ewma v1.1.1
|
||||
|
Loading…
Reference in New Issue
Block a user