Please review the Community Note before submitting
TruffleHog Version
v3.88.2
Trace Output
|
func (s *Source) monitorConnection(ctx context.Context, conn net.Conn, chunksChan chan *sources.Chunk) { |
|
defer common.RecoverWithExit(ctx) |
|
for { |
|
if common.IsDone(ctx) { |
|
return |
|
} |
|
err := conn.SetDeadline(time.Now().Add(time.Second)) |
|
if err != nil { |
|
ctx.Logger().V(2).Info("could not set connection deadline", "error", err) |
|
} |
|
input := make([]byte, 8096) |
|
remote := conn.RemoteAddr() |
|
_, err = conn.Read(input) |
|
if err != nil { |
|
if errors.Is(err, io.EOF) { |
|
return |
|
} |
|
continue |
|
} |
|
ctx.Logger().V(5).Info(string(input)) |
|
metadata, err := s.parseSyslogMetadata(input, remote.String()) |
|
if err != nil { |
|
ctx.Logger().V(2).Info("failed to generate metadata", "error", err) |
|
} |
|
chunksChan <- &sources.Chunk{ |
|
SourceName: s.syslog.sourceName, |
|
SourceID: s.syslog.sourceID, |
|
SourceType: s.syslog.sourceType, |
|
JobID: s.JobID(), |
|
SourceMetadata: metadata, |
|
Data: input, |
|
Verify: s.verify, |
|
} |
|
} |
|
} |
Expected Behavior
Syslog works without error
Actual Behavior
Panic while sending long messages via syslog
Steps to Reproduce
The main issue is if the syslog message field is longer than the buffer (8096 bytes), it will be chunked.
Then there will be attempt to extract metadata from each chunk, which will end with the error for chunks with numbers 1+.
For all the following chunks of the long message the source metadata field will be nil, which will result in a panic.
Environment
- OS: [e.g. iOS]
- Version [e.g. 22]
Additional Context
It seems like we need to read the full message from the connection before parsing its metadata. The current approach with the limited buffer is to fragile.
References
Please review the Community Note before submitting
TruffleHog Version
v3.88.2
Trace Output
trufflehog/pkg/sources/syslog/syslog.go
Lines 251 to 285 in b6b00bb
Expected Behavior
Syslog works without error
Actual Behavior
Panic while sending long messages via syslog
Steps to Reproduce
The main issue is if the syslog message field is longer than the buffer (8096 bytes), it will be chunked.
Then there will be attempt to extract metadata from each chunk, which will end with the error for chunks with numbers 1+.
For all the following chunks of the long message the source metadata field will be nil, which will result in a panic.
Environment
Additional Context
It seems like we need to read the full message from the connection before parsing its metadata. The current approach with the limited buffer is to fragile.
References