armeria icon indicating copy to clipboard operation
armeria copied to clipboard
verified publisher icon line

Fix to reject any unintended parameters in multipart request.

Open Bue-von-hon opened this issue 1 year ago • 19 comments

Motivation: this resolves #5549

Modifications:

  • Fix(AnnotatedServiceMultipartTest): Add test for upload multipart file with unexpected parameters in AnnotatedServiceMultipartTest.
  • Fix(AnnotatedService): Fix to include a list of intended parameters in the ServiceRequestContext.
  • Fix(FileAggregatedMultipart): Fix to check if any variables are passed in the list of intended parameters and throw an acceptance if not.

Result: Multipart requests with unintended parameters will no longer create files.

Bue-von-hon avatar Apr 05 '24 07:04 Bue-von-hon

I'm concerned that the behavior of pulling values from ServiceRequestContext is not clean. Moreover, since the graphql service doesn't take parameters, I realized that I should have allowed all cases where the value is not set in the ServiceRequestContext.

Bue-von-hon avatar Apr 05 '24 08:04 Bue-von-hon

🔍 Build Scan® (commit: 70bcdadac6b36c354e32f656731f2a6cdd7b9ef7)

Job name Status Build Scan®
build-ubicloud-standard-8-jdk-8 https://ge.armeria.dev/s/2jje3vw3fmdgy
build-ubicloud-standard-8-jdk-21-snapshot-blockhound https://ge.armeria.dev/s/vgvwe7jw3hrl2
build-ubicloud-standard-8-jdk-17-min-java-17-coverage https://ge.armeria.dev/s/xw2tyvv44bdt6
build-ubicloud-standard-8-jdk-17-min-java-11 https://ge.armeria.dev/s/pkkiocrxogndw
build-ubicloud-standard-8-jdk-17-leak https://ge.armeria.dev/s/sjsy3jzzslzx2
build-ubicloud-standard-8-jdk-11 https://ge.armeria.dev/s/w4y3pwvhy5doe
build-macos-12-jdk-21 https://ge.armeria.dev/s/e7lcjyjyqu3qu

github-actions[bot] avatar Apr 05 '24 22:04 github-actions[bot]

Resolved all comments PTAL @trustin

Bue-von-hon avatar May 17 '24 08:05 Bue-von-hon

Fixed missing GPG signature. But now I have a duplicate commit. I'll fix it soon. 🥲

Bue-von-hon avatar May 17 '24 09:05 Bue-von-hon

Fixed missing GPG signature. But now I have a duplicate commit. I'll fix it soon. 🥲

Fixed it all. 🙂

Bue-von-hon avatar May 20 '24 01:05 Bue-von-hon

Resolves all! PTAL

Bue-von-hon avatar Jun 19 '24 11:06 Bue-von-hon

``I've resolved code review. @trustin @minwoox @jrhee17 @ikhoon I hold off on renaming the filterBodyParts method of the Multipart interface. The method named filter exists in the StreamMessage interface because the DefaultMultipart class uses the StreamMessage interface and the Multipart interface. If we change the name of the method, it will cause a conflict, so it's better to have different names to distinguish them. Another option is to use composition. Implementations are always open to change, so feel free to comment if there is a better way.

by the way, multipartSingleFile and multipartFileList test broken in my local. (java/com/linecorp/armeria/graphql/GraphqlTest.java) I think the changes I added might have had an impact, but I'm not sure. I checked the configure method of that class, expecting to find something related to operations, but there isn't.

GraphqlTest > multipartFileList() FAILED
    org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: "'operations' form field is missing"
        at app//org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:103)
        at app//org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:183)
        at app//org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:137)
        at app//org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)
        at app//org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:942)
        at app//org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:891)
        at app//org.springframework.web.client.RestTemplate.execute(RestTemplate.java:830)
        at app//org.springframework.web.client.RestTemplate.postForEntity(RestTemplate.java:556)
        at app//com.linecorp.armeria.graphql.GraphqlTest.multipartFileList(GraphqlTest.java:135)

GraphqlTest > multipartSingleFile() FAILED
    org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: "'operations' form field is missing"
        at app//org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:103)
        at app//org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:183)
        at app//org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:137)
        at app//org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)
        at app//org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:942)
        at app//org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:891)
        at app//org.springframework.web.client.RestTemplate.execute(RestTemplate.java:830)
        at app//org.springframework.web.client.RestTemplate.postForEntity(RestTemplate.java:556)
        at app//com.linecorp.armeria.graphql.GraphqlTest.multipartSingleFile(GraphqlTest.java:116)

Bue-von-hon avatar Jul 15 '24 06:07 Bue-von-hon

Since the graphql api had no parameters, the tests were failing. To fix this, I modified it to not consider the parameter if it is empty. PTAL @trustin @minwoox @jrhee17 @ikhoon

Bue-von-hon avatar Aug 02 '24 04:08 Bue-von-hon

The file is deleted as soon as the request is processed, so the test was always succeeding. This is now fixed by using the response value to validate. PTAL @jrhee17 @minwoox @trustin @ikhoon

Bue-von-hon avatar Sep 17 '24 12:09 Bue-von-hon