libxlio icon indicating copy to clipboard operation
libxlio copied to clipboard
verified publisher icon Mellanox

issue: 4583806 Inline configuration anomalies detection

Open OmriRitblat opened this issue 2 months ago • 7 comments

Description

Improves input validation for inline XLIO configuration parsing.

Enhancements include:

  • Rejecting whitespace within parameter values
  • Rejecting keys with multiple dots or a trailing dot
  • Extending existing gtests to cover these malformed input cases
What

Improves input validation in inline_loader

Why ?

bug [XLIO] Bug SW [#4583806]: [XLIO][Config] Inline configuration syntax anomalies

How ?

It is optional but for complex PRs please provide information about the design, architecture, approach, etc.

Change type

What kind of change does this PR introduce?

  • [x] Bugfix
  • [ ] Feature
  • [ ] Code style update
  • [ ] Refactoring (no functional changes, no api changes)
  • [ ] Build related changes
  • [ ] CI related changes
  • [ ] Documentation content changes
  • [x] Tests
  • [ ] Other

Check list

  • [ ] Code follows the style de facto guidelines of this project
  • [ ] Comments have been inserted in hard to understand places
  • [ ] Documentation has been updated (if necessary)
  • [ ] Test has been added (if possible)

OmriRitblat avatar Oct 29 '25 14:10 OmriRitblat

Can one of the admins verify this patch?

svc-nbu-swx-media avatar Oct 29 '25 14:10 svc-nbu-swx-media

@OmriRitblat - fill the Description here "Description Please provide a summary of the change.

What Subject: what this PR is doing in one line.

Why ? Justification for the PR. If there is existing issue/bug please reference.

How ? It is optional but for complex PRs please provide information about the design, architecture, approach, etc."

tomerdbz avatar Nov 02 '25 09:11 tomerdbz

bot:restart

OmriRitblat avatar Nov 12 '25 13:11 OmriRitblat

bot:retest

OmriRitblat avatar Nov 17 '25 08:11 OmriRitblat

Greptile Summary

  • Enhances inline configuration validation by rejecting whitespace in values and malformed key patterns (consecutive/trailing dots)
  • Adds comprehensive test coverage for various whitespace characters (tab, newline, carriage return, vertical tab, form feed) and malformed key formats
  • Missing validation for whitespace in keys allows malformed input like "core . log=5" to be silently normalized to "core.log=5"

Confidence Score: 2/5

  • This PR has a critical gap that allows malformed configuration keys to pass validation
  • The implementation successfully adds whitespace validation for values and dot validation for keys, but critically misses whitespace validation for keys themselves (line 92-99). This allows inputs like "core . log=5" to be silently normalized instead of rejected, contradicting the PR's stated goal to "reject whitespace within parameter values" and creating inconsistent validation behavior
  • src/core/config/loaders/inline_loader.cpp requires attention - add whitespace validation for keys before remove_spaces is called

Important Files Changed

Filename Overview
src/core/config/loaders/inline_loader.cpp Added whitespace detection for values and dot validation for keys, but missing critical whitespace validation for keys (allows malformed input like "core . log=5")

Sequence Diagram

sequenceDiagram
    participant User
    participant inline_loader
    participant Validators
    participant parse_value_strict
    
    User->>inline_loader: "load_all()"
    inline_loader->>inline_loader: "parse_inline_data()"
    inline_loader->>Validators: "validate_input_format(config)"
    Validators-->>inline_loader: "OK"
    inline_loader->>inline_loader: "split_strict(config, COMMA)"
    loop "For each pair"
        inline_loader->>Validators: "validate_key_value_pair(kv)"
        Validators-->>inline_loader: "OK"
        inline_loader->>inline_loader: "extract key and value"
        inline_loader->>Validators: "contains_quotes(key)"
        Validators-->>inline_loader: "false"
        inline_loader->>Validators: "contains_quotes(val)"
        Validators-->>inline_loader: "false"
        inline_loader->>Validators: "contains_whitespace(val)"
        Validators-->>inline_loader: "false"
        inline_loader->>Validators: "validate_value_characters(val)"
        Validators-->>inline_loader: "OK"
        inline_loader->>inline_loader: "remove_spaces(key and val)"
        inline_loader->>Validators: "validate_key_format(key)"
        Validators->>Validators: "check key characters"
        Validators->>Validators: "check trailing dot"
        Validators->>Validators: "check consecutive dots"
        Validators-->>inline_loader: "OK"
        inline_loader->>parse_value_strict: "parse_value_strict(val, key)"
        parse_value_strict-->>inline_loader: "parsed value"
        inline_loader->>inline_loader: "store in m_data"
    end
    inline_loader-->>User: "configuration map"

greptile-apps[bot] avatar Nov 19 '25 15:11 greptile-apps[bot]

bot:retest

OmriRitblat avatar Nov 19 '25 16:11 OmriRitblat

bot:retest

OmriRitblat avatar Nov 25 '25 07:11 OmriRitblat