Skip to content

fix(parsing): Prometheus timestamp parse int overflow handle #23077

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

fix(parsing): Prometheus timestamp parse int overflow handle #23077

wants to merge 3 commits into from

Conversation

wooffie
Copy link
Contributor

@wooffie wooffie commented May 20, 2025

Summary

Change logic on nom parser in prometheus-parser crate. Now PosOverflow/NegOverflow don't result in panic.

Change Type

  • Bug fix
  • New feature
  • Non-functional (chore, refactoring, docs)
  • Performance

Is this a breaking change?

  • Yes
  • No

How did you test this PR?

I added testcases, If delete changes you will see panic outer i64 range.

  ---- line::test::test_parse_timestamp stdout ----

thread 'line::test::test_parse_timestamp' panicked at lib/prometheus-parser/src/line.rs:155:23:
called `Result::unwrap()` on an `Err` value: ParseIntError { kind: PosOverflow }
stack backtrace:
   0: rust_begin_unwind
             at /rustc/4eb161250e340c8f48f66e2b929ef4a5bed7c181/library/std/src/panicking.rs:692:5
   1: core::panicking::panic_fmt
             at /rustc/4eb161250e340c8f48f66e2b929ef4a5bed7c181/library/core/src/panicking.rs:75:14
   2: core::result::unwrap_failed
             at /rustc/4eb161250e340c8f48f66e2b929ef4a5bed7c181/library/core/src/result.rs:1704:5
   3: core::result::Result<T,E>::unwrap
             at /home/wooffie/.rustup/toolchains/1.85-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/result.rs:1109:23
   4: prometheus_parser::line::Metric::parse_timestamp::{{closure}}
             at ./src/line.rs:155:13
   5: nom::combinator::map::{{closure}}
             at /home/wooffie/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/nom-7.1.3/src/combinator/mod.rs:80:16
   6: <F as nom::internal::Parser<I,O,E>>::parse
             at /home/wooffie/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/nom-7.1.3/src/internal.rs:325:5
   7: nom::combinator::opt::{{closure}}
             at /home/wooffie/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/nom-7.1.3/src/combinator/mod.rs:245:11
   8: prometheus_parser::line::Metric::parse_timestamp
             at ./src/line.rs:154:9
   9: prometheus_parser::line::test::test_parse_timestamp
             at ./src/line.rs:674:20
  10: prometheus_parser::line::test::test_parse_timestamp::{{closure}}
             at ./src/line.rs:666:30
  11: core::ops::function::FnOnce::call_once
             at /home/wooffie/.rustup/toolchains/1.85-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ops/function.rs:250:5
  12: core::ops::function::FnOnce::call_once
             at /rustc/4eb161250e340c8f48f66e2b929ef4a5bed7c181/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.


failures:
    line::test::test_parse_timestamp

Does this PR include user facing changes?

  • Yes. Please add a changelog fragment based on our guidelines.
  • No. A maintainer will apply the "no-changelog" label to this PR.

Notes

  • Please read our Vector contributor resources.
  • Do not hesitate to use @vectordotdev/vector to reach out to us regarding this PR.
  • The CI checks run only after we manually approve them.
    • We recommend adding a pre-push hook, please see this template.
    • Alternatively, we recommend running the following locally before pushing to the remote branch:
      • cargo fmt --all
      • cargo clippy --workspace --all-targets -- -D warnings
      • cargo nextest run --workspace (alternatively, you can run cargo test --all)
      • ./scripts/check_changelog_fragments.sh
  • After a review is requested, please avoid force pushes to help us review incrementally.
    • Feel free to push as many commits as you want. They will be squashed into one before merging.
    • For example, you can run git merge origin master and git push.
  • If this PR introduces changes Vector dependencies (modifies Cargo.lock), please
    run cargo vdev build licenses to regenerate the license inventory and commit the changes (if any). More details here.

References

@wooffie wooffie requested a review from a team as a code owner May 20, 2025 07:49
pront
pront approved these changes May 21, 2025
View reviewed changes
Copy link
Member

@pront pront left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @wooffie

changelog.d/fix_prometheus_timestamp_parse.fix.md Outdated
@@ -0,0 +1,3 @@
Fixed possible integer overflows in timestamp parsing for `prometheus_parser::line::Metric::parse_timestamp`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TIOLIT: This can be rephrased with a less technical audience in mind.

Copy link
Contributor Author

@wooffie wooffie May 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's try like this. I just not fluent vector user, and hard to write non-tech here =)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pront pront pront approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Panic in parsing at lib/prometheus-parser
2 participants
@wooffie @pront