Giters

benlaurie / objecthash

A way to cryptographically hash objects (in the JSON-ish sense) that works cross-language. And, therefore, cross-encoding.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

DON'T PANIC

maljub01 opened this issue · comments

commented

When using ObjectHash as a hashing strategy in Trillian, trying to call QueueLeaf with an invalid JSON value crashes the Trillian log server.

Stack trace:

trillian_log_server    | panic: invalid character '2' after object key [recovered]
trillian_log_server    |        panic: invalid character '2' after object key
trillian_log_server    | 
trillian_log_server    | goroutine 178 [running]:
trillian_log_server    | github.com/google/trillian/monitoring.(*RPCStatsInterceptor).Interceptor.func1.1(0xc42021c150, 0xc4202da1e0, 0x1, 0x1, 0xed1855119, 0xc41fc88d1d, 0xed2fc0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/monitoring/rpc_stats_interceptor.go:77 +0xb8
trillian_log_server    | panic(0xa50980, 0xc4202d84e0)
trillian_log_server    |        /usr/local/go/src/runtime/panic.go:489 +0x2cf
trillian_log_server    | github.com/benlaurie/objecthash/go/objecthash.CommonJSONHash(0xc4202b3360, 0x9, 0x0, 0x0, 0x0, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/benlaurie/objecthash/go/objecthash/objecthash.go:184 +0x157
trillian_log_server    | github.com/google/trillian/merkle/objhasher.(*objloghasher).HashLeaf(0xc4201f20a0, 0xc4202da1d0, 0x9, 0x9, 0xc420142cc0, 0xc42006a480, 0xe8f020)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/merkle/objhasher/objhasher.go:55 +0x82
trillian_log_server    | github.com/google/trillian/server.(*TrillianLogRPCServer).QueueLeaves(0xc420272630, 0x7efd36ba5408, 0xc420142cc0, 0xc4202b3570, 0x0, 0x0, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/log_rpc_server.go:100 +0x1a3
trillian_log_server    | github.com/google/trillian/server.(*TrillianLogRPCServer).QueueLeaf(0xc420272630, 0x7efd36ba5408, 0xc420142b10, 0xc4202da1c0, 0xc420272630, 0x1, 0xc4202da1f0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/log_rpc_server.go:73 +0xf4
trillian_log_server    | github.com/google/trillian._TrillianLog_QueueLeaf_Handler.func1(0x7efd36ba5408, 0xc420142b10, 0xab21c0, 0xc4202da1c0, 0xc4202da1c0, 0x7efd36ba5408, 0xc420142b10, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/trillian_log_api.pb.go:841 +0x86
trillian_log_server    | github.com/google/trillian/server/interceptor.(*TrillianInterceptor).UnaryInterceptor(0xc42021ac90, 0x7efd36ba5408, 0xc420142b10, 0xab21c0, 0xc4202da1c0, 0xc4202d8280, 0xc4202d82a0, 0xc4200902c8, 0xc420142a50, 0x90c55ec2329a6601, ...)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:121 +0x131
trillian_log_server    | github.com/google/trillian/server/interceptor.(*TrillianInterceptor).UnaryInterceptor-fm(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc4202d8280, 0xc4202d82a0, 0xaef000, 0xc420142a00, 0x0, 0xa723a0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/trillian_log_server/main.go:142 +0x73
trillian_log_server    | github.com/google/trillian/server/interceptor.Combine.func1.1(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc420089380, 0xc4204a42a0, 0xc420018600, 0x59f35a19)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:408 +0x66
trillian_log_server    | github.com/google/trillian/server/interceptor.ErrorWrapper(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc4202d8280, 0xc4202d82c0, 0x80574c, 0xc4202b37f8, 0xc4202b37f0, 0xc4204a42a0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:417 +0x55
trillian_log_server    | github.com/google/trillian/server/interceptor.Combine.func1.1(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0x1, 0x1, 0xed1855119, 0xc41fc88d1d)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:408 +0x66
trillian_log_server    | github.com/google/trillian/monitoring.(*RPCStatsInterceptor).Interceptor.func1(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc4202d8280, 0xc4202d82e0, 0x0, 0x0, 0x0, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/monitoring/rpc_stats_interceptor.go:82 +0x1a4
trillian_log_server    | github.com/google/trillian/server/interceptor.Combine.func1.1(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc420010820, 0xc420278070, 0xc4202d8240, 0xc4202b3960)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:408 +0x66
trillian_log_server    | github.com/google/trillian/server/interceptor.Combine.func1(0x7efd36ba5408, 0xc4201429c0, 0xab21c0, 0xc4202da1c0, 0xc4202d8280, 0xc4202d82a0, 0x0, 0xc4202b39d8, 0x4117c8, 0x50)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/server/interceptor/interceptor.go:411 +0x13c
trillian_log_server    | github.com/google/trillian._TrillianLog_QueueLeaf_Handler(0xb0ff20, 0xc420272630, 0x7efd36ba5408, 0xc4201429c0, 0xc420010820, 0xc4202148e0, 0x0, 0x0, 0xc420014090, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/github.com/google/trillian/trillian_log_api.pb.go:843 +0x177
trillian_log_server    | google.golang.org/grpc.(*Server).processUnaryRPC(0xc420278000, 0xe92c60, 0xc42033a2c0, 0xc42000ad00, 0xc42021af00, 0xeca380, 0x0, 0x0, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/google.golang.org/grpc/server.go:839 +0xc41
trillian_log_server    | google.golang.org/grpc.(*Server).handleStream(0xc420278000, 0xe92c60, 0xc42033a2c0, 0xc42000ad00, 0x0)
trillian_log_server    |        /home/user/workspace/trillian/go/src/google.golang.org/grpc/server.go:1036 +0x15a6
trillian_log_server    | google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc4202da110, 0xc420278000, 0xe92c60, 0xc42033a2c0, 0xc42000ad00)
trillian_log_server    |        /home/user/workspace/trillian/go/src/google.golang.org/grpc/server.go:585 +0xa9
trillian_log_server    | created by google.golang.org/grpc.(*Server).serveStreams.func1
trillian_log_server    |        /home/user/workspace/trillian/go/src/google.golang.org/grpc/server.go:586 +0xa1

This seems to be happening because the Go code relies a lot on panic for errors.

The convention in Go libraries is that even when a package uses panic internally, its external API should still present explicit error return values. However, from looking at the code, I suspect there's no need to panic in the first place.