From 35e49cac53a97ae6c51190c8e2d35a215e188bba Mon Sep 17 00:00:00 2001
From: "Frank Ch. Eigler" <fche@redhat.com>
Date: Thu, 25 Feb 2021 14:04:20 -0500
Subject: [PATCH] debuginfod: filter webapi for bad keywords early

Prevent some unnecessary processing of user data and
keep invalid request types out of metrics.

Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
---
 debuginfod/ChangeLog         | 5 +++++
 debuginfod/debuginfod.cxx    | 3 ++-
 tests/ChangeLog              | 4 ++++
 tests/run-debuginfod-find.sh | 3 +++
 4 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog
index a66ded383..98089b2d9 100644
--- a/debuginfod/ChangeLog
+++ b/debuginfod/ChangeLog
@@ -1,3 +1,8 @@
+2021-02-25  Frank Ch. Eigler <fche@redhat.com>
+
+	* debuginfod.cxx (handler_cb): Filter webapi for bad
+	artifacttype keywords early for metric hygiene.
+
 2021-02-14  Frank Ch. Eigler <fche@redhat.com>
 
 	* debuginfod.cxx (main -U): Use bsdtar unconditionally.  Also map
diff --git a/debuginfod/debuginfod.cxx b/debuginfod/debuginfod.cxx
index 6fdaf60e6..2aecc0494 100644
--- a/debuginfod/debuginfod.cxx
+++ b/debuginfod/debuginfod.cxx
@@ -1587,6 +1587,8 @@ handle_buildid (MHD_Connection* conn,
   else if (artifacttype == "source") atype_code = "S";
   else throw reportable_exception("invalid artifacttype");
 
+  inc_metric("http_requests_total", "type", artifacttype);
+  
   if (atype_code == "S" && suffix == "")
      throw reportable_exception("invalid source suffix");
 
@@ -1936,7 +1938,6 @@ handler_cb (void * /*cls*/,
               suffix = url_copy.substr(slash3); // include the slash in the suffix
             }
 
-          inc_metric("http_requests_total", "type", artifacttype);
           // get the resulting fd so we can report its size
           int fd;
           r = handle_buildid(connection, buildid, artifacttype, suffix, &fd);
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 889f5066d..944471288 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,7 @@
+2021-02-25  Frank Ch. Eigler <fche@redhat.com>
+
+	* run-debuginfod-find.sh: Add bad webapi artifacttype test.
+
 2021-02-17  Frank Ch. Eigler <fche@redhat.com>
 
 	* run-debuginfod-find.sh: Tweak wait_ready() to also print -vvv log of
diff --git a/tests/run-debuginfod-find.sh b/tests/run-debuginfod-find.sh
index 1ae63e0ee..bcca61301 100755
--- a/tests/run-debuginfod-find.sh
+++ b/tests/run-debuginfod-find.sh
@@ -493,6 +493,9 @@ curl -s http://127.0.0.1:$PORT1/metrics | grep 'scanned_bytes_total'
 curl -s http://127.0.0.1:$PORT2/badapi > /dev/null || true
 curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/debuginfo > /dev/null || true
 
+# Confirm bad artifact types are rejected without leaving trace
+curl -s http://127.0.0.1:$PORT2/buildid/deadbeef/badtype > /dev/null || true
+(curl -s http://127.0.0.1:$PORT2/metrics | grep 'badtype') && false
 
 ########################################################################
 # Corrupt the sqlite database and get debuginfod to trip across its errors
-- 
2.47.2