elastic
[metricbeat/prometheus] Add panic recovery for Prometheus textparser
Proposed commit message
This PR hardens the Prometheus metrics parser against panics caused by malformed input data. The underlying Prometheus textparse library can panic on certain malformed inputs when calling parser.Labels() or parser.Exemplar(). These panics can crash Metricbeat when scraping endpoints that return unexpected data.
- Panic recovery: Added
safeLabelsandsafeExemplarwrapper functions that usedefer recover()to catch panics from the Prometheus parser library - Nil pointer fix: Fixed
MetricFamily.GetUnit()to check for nilUnitbefore dereferencing
Checklist
- [x] My code follows the style guidelines of this project
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [ ] I have made corresponding change to the default configuration files
- [x] I have added tests that prove my fix is effective or that my feature works. Where relevant, I have used the
stresstest.shscript to run them under stress conditions and race detector to verify their stability. - [x] I have added an entry in
./changelog/fragmentsusing the changelog tool.
Author's Checklist
- Safeguard against panics when encountered unexpected data
- Added
TestParseMetricFamiliesMalformedInputwith known crash-inducing inputs - Added fuzz test
FuzzParseMetricFamiliesto discover future crash inputs - Added unit tests for struct getter methods to increase coverage
:robot: GitHub comments
Just comment with:
rundocs-build: Re-trigger the docs validation. (use unformatted text in the comment!)
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This pull request does not have a backport label. If this is a bug or security fix, could you label this PR @shmsr? 🙏. For such, you'll need to label your PR with:
- The upcoming major version of the Elastic Stack
- The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)
To fixup this pull request, you need to add the backport labels for the needed branches, such as:
backport-8./dis the label to automatically backport to the8./dbranch./dis the digitbackport-active-allis the label that automatically backports to all active branches.backport-active-8is the label that automatically backports to all active minor branches for the 8 major.backport-active-9is the label that automatically backports to all active minor branches for the 9 major.
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}
Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)
backport 8.19 9.1 9.2 9.3
❌ No backport have been created
- #48124 [8.19](backport #47914) [metricbeat/prometheus] Add panic recovery for Prometheus textparser has been created for branch
8.19 - #48125 [9.1](backport #47914) [metricbeat/prometheus] Add panic recovery for Prometheus textparser has been created for branch
9.1 - #48126 [9.2](backport #47914) [metricbeat/prometheus] Add panic recovery for Prometheus textparser has been created for branch
9.2 - Backport to branch
9.3failed
GitHub error: Branch not found