ocket8888 opened a new issue #5012:
URL: https://github.com/apache/trafficcontrol/issues/5012
## I'm submitting a ...
- bug report
## Traffic Control components affected ...
- Traffic Ops
## Current behavior:
When passing a request that's missing the `deliveryservice` property to
`/deliveryservice_request`'s POST handler, the request's goroutine will
segfault and panic.
## Expected / new behavior:
Invalid requests should not be capable of causing a server-side segfault.
## Minimal reproduction of the problem with instructions:
POST to `/deliveryservice_request` with a request body not containing a
`deliveryservice` property (probably `"deliveryservice": null` works too, but I
haven't checked). Simplest body to reproduce the error is just `{}`.
## Anything else:
<details>
<summary>Full HTTP stack</summary>
```http
POST /api/2.0/deliveryservice_requests HTTP/1.1
User-Agent: python-requests/2.22.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Cookie:
mojolicious=eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE1OTkxODIwNjQsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--fd12037b48601a4f29a16fd06a9881c19be9456b
Content-Length: 2
{}
```
```http
HTTP/1.1 500 Internal Server Error
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type,
Accept, Set-Cookie, Cookie
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/json
Set-Cookie:
mojolicious=eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE1OTkxNjQwNjQsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--de133c58fd1afe4b253fe6d920be7002dfdb4513;
Path=/; Expires=Thu, 03 Sep 2020 20:14:24 GMT; Max-Age=3600; HttpOnly
Vary: Accept-Encoding
Whole-Content-Sha512:
/HT8WHLIsAIPgTPjZAa4GmpUwYtwph3fcU1//Cr7W4rkL1lKRW3kUEDTIz1DoA3/zUm3oa0elunc5VHcism6Qg==
X-Server-Name: traffic_ops_golang/
Date: Thu, 03 Sep 2020 19:14:24 GMT
Content-Length: 83
{
"alerts": [
{
"text": "Internal Server Error",
"level": "error"
}
]
}
```
</details>
<details>
<summary>Traffic Ops Logs</summary>
```
trafficops_1 | INFO: routing.go:249: 2020-09-03T19:05:31.140864324Z:
POST /api/2.0/deliveryservice_requests? handling (reqid 2750)
trafficops_1 | DEBUG: plugin.go:190: 2020-09-03T19:05:31.140914016Z:
DEBUG plugins.OnRequest calling 0 plugins
trafficops_1 | ERROR: api.go:222: 2020-09-03T19:05:31.151730185Z:
192.168.176.1:41492 panic: (err: runtime error: invalid memory address or nil
pointer dereference) stacktrace:
trafficops_1 | goroutine 21149 [running]:
trafficops_1 |
github.com/apache/trafficcontrol/lib/go-util.Stacktrace(0xc000fed398, 0xce4900,
0x15d8b00)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/lib/go-util/util.go:32 +0x9d
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware.WrapPanicRecover.func1.1(0xf74760,
0xc0016a17d0, 0xc001368400)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go:152
+0x54
trafficops_1 | panic(0xce4900, 0x15d8b00)
trafficops_1 | /usr/local/go/src/runtime/panic.go:969 +0x166
trafficops_1 |
github.com/apache/trafficcontrol/lib/go-tc.(*DeliveryServiceNullable).Validate(0x0,
0xc000f98100, 0x3, 0x4)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/lib/go-tc/deliveryservices.go:543
+0x263
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/deliveryservice/request.(*TODeliveryServiceRequest).Validate(0xc000eda000,
0xda2260, 0xc000eda000)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/deliveryservice/request/validate.go:63
+0x43e
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api.decodeAndValidateRequestBody(0xc001368400,
0x7f9b62f5e2b8, 0xc000eda000, 0x0, 0x0)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api/shared_handlers.go:115
+0x13d
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api.CreateHandler.func1(0xf74760,
0xc0016a17d0, 0xc001368400)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/api/shared_handlers.go:615
+0x10da
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware.AuthBase.GetWrapper.func1.1(0xf74760,
0xc0016a17d0, 0xc001368400)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go:107
+0x276
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware.WrapPanicRecover.func1(0xf74760,
0xc0016a17d0, 0xc001368400)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go:156
+0x79
trafficops_1 |
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware.WrapHeaders.func1(0xf775e0,
0xc00333c420, 0xc001368400)
trafficops_1 |
/tmp/go/src/github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/routing/middleware/wrappers.go:136
+0x643
trafficops_1 | net/http.HandlerFunc.ServeHTTP(0xc00047e9b0, 0xf775e0,
0xc00333c420, 0xc001368400)
trafficops_1 | /usr/local/go/src/net/http/server.go:2012 +0x44
trafficops_1 |
net/http.(*timeoutHandler).ServeHTTP.func1(0xc00333c540, 0xc000191c40,
0xc00333c420, 0xc001368400, 0xc000114360)
trafficops_1 | /usr/local/go/src/net/http/server.go:3238 +0x7f
trafficops_1 | created by net/http.(*timeoutHandler).ServeHTTP
trafficops_1 | /usr/local/go/src/net/http/server.go:3232 +0x226
```
</details>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
