[jira] [Comment Edited] (CASSANDRA-19483) Catch InvalidLegacyProtocolMagic exceptions

Tue, 24 Sep 2024 10:54:06 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17884394#comment-17884394
 ] 

Stefan Miklosovic edited comment on CASSANDRA-19483 at 9/24/24 5:53 PM:
------------------------------------------------------------------------

https://github.com/apache/cassandra/pull/3249/files#r1773768271

Somebody might it find handy that it throws but when we are about to return 
"null" there so there would be no way to tell the difference because the logic 
in try block in maybeDecode might throw as well and there we return null in 
catch block. InvalidLegacyProtocolMagic is not an instance of EOFException so 
it will throw from that maybeDecode method but the logic in try might throw and 
return null. So before we either threw or we returned null, now we always 
return null. If we do not throw InvalidLegacyProtocolMagic then we can not 
react on that in InboundMessageHandler.

So the ultimate question is what is the difference between returning null and 
throwing InvalidLegacyProtocolMagic. There is this in InboudConnectionInitiator:

{code}
            initiate = HandshakeProtocol.Initiate.maybeDecode(in);
            if (initiate == null)
                return;
{code}

which tells me that it kind of already counts with a situation when it returned 
null (e.g. when it throws EOFException and returns null) so returning null from 
maybeDecode seems pretty innocent. I think that as long as there is no spam 
logger it is just fine.

If the goal is to just not constantly throw and log, we can just use no spam 
logger in src/java/org/apache/cassandra/net/InboundMessageHandler.java and save 
ourselves from all the related changes. The result would be functionally-wise 
same. Hence, do we go to remove the exception and change the code or do we just 
log with no spam logger?

[~brandon.williams] thoughts?


was (Author: smiklosovic):
https://github.com/apache/cassandra/pull/3249/files#r1773768271

Somebody might it find handy that it throws but when we are abotu to return 
"null" there so there would be no way to tell the difference because the logic 
in try block in maybeDecode might throw as well and there we return null in 
catch block. InvalidLegacyProtocolMagic is not an instance of EOFException so 
it will throw from that maybeDecode method but the logic in try might throw and 
return null. So before we either threw or we returned null, now we always 
return null. If we do not throw InvalidLegacyProtocolMagic then we can not 
react on that in InboundMessageHandler.

So the ultimate question is what is the difference between returning null and 
throwing InvalidLegacyProtocolMagic. There is this in InboudConnectionInitiator:

{code}
            initiate = HandshakeProtocol.Initiate.maybeDecode(in);
            if (initiate == null)
                return;
{code}

which tells me that it kind of already counts with a situation when it returned 
null (e.g. when it throws EOFException and returns null) so returning null from 
maybeDecode seems pretty innocent. I think that as long as there is no spam 
logger it is just fine.

If the goal is to just not constantly throw and log, we can just use no spam 
logger in src/java/org/apache/cassandra/net/InboundMessageHandler.java and save 
ourselves from all the related changes. The result would be functionally-wise 
same. Hence, do we go to remove the exception and change the code or do we just 
log with no spam logger?

[~brandon.williams] thoughts?

> Catch InvalidLegacyProtocolMagic exceptions
> -------------------------------------------
>
>                 Key: CASSANDRA-19483
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-19483
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Observability/Logging
>            Reporter: Brad Schoening
>            Assignee: Ilya Zakharov
>            Priority: Low
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Similar to CASSANDRA-18839, we frequently see the exception 
> InvalidLegacyProtocolMagic with full stack traces flooding our logs. These 
> are due to Qualys vulnerability scans.
> It seem to be a simple check in Message.java and would be better handled by:
> a) returning a boolean from validateLegacyProtocolMagic() -> 
> hasValidLegacyProtocolMagic() instead of creating a custom exception class or
> b) adding a catch block in HandshakeProtocol.java and return null as is done 
> for messagingVersion
> {code:java}
>  static Initiate maybeDecode(ByteBuf buf) throws IOException
>         {
>             ...
>             try (DataInputBuffer in = new DataInputBuffer(nio, false))
>             {
>                 validateLegacyProtocolMagic(in.readInt());   // throws 
> exception
>                 int flags = in.readInt();
>                 // legacy pre40 messagingVersion flag
>                 if (getBits(flags, 8, 8) < VERSION_40)
>                     return null;
>                 int minMessagingVersion = getBits(flags, 16, 8);
>                 int maxMessagingVersion = getBits(flags, 24, 8);
>                 // 5.0+ does not support pre40
>                 if (maxMessagingVersion < MessagingService.VERSION_40)
>                     return null;
>                 ....
>             }
>             catch (EOFException e)
>             {
>                 return null;
>             }
>         }
> {code}
> {code:java}
> static void validateLegacyProtocolMagic(int magic) throws 
> InvalidLegacyProtocolMagic
> {
>     if (magic != PROTOCOL_MAGIC)
>             throw new InvalidLegacyProtocolMagic(magic);
> }
> {code}
> {code:java}
> {{2024-03-20 03:47:27,380 [ERROR] [Messaging-EventLoop-3-2] cluster_id=9 
> ip_address=10.0.0.1 InboundConnectionInitiator.java:360 - Failed to properly 
> handshake with peer /10.0.2:33356. Closing the channel.}}
> {{io.netty.handler.codec.DecoderException: 
> org.apache.cassandra.net.Message$InvalidLegacyProtocolMagic: Read 1431520594, 
> Expected -900387334}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:478)}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.channelInputClosed(ByteToMessageDecoder.java:404)}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.channelInputClosed(ByteToMessageDecoder.java:371)}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.channelInactive(ByteToMessageDecoder.java:354)}}
> {{    at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:262)}}
> {{    at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:248)}}
> {{    at 
> io.netty.channel.AbstractChannelHandlerContext.fireChannelInactive(AbstractChannelHandlerContext.java:241)}}
> {{    at 
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelInactive(DefaultChannelPipeline.java:1405)}}
> {{    at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:262)}}
> {{    at 
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:248)}}
> {{    at 
> io.netty.channel.DefaultChannelPipeline.fireChannelInactive(DefaultChannelPipeline.java:901)}}
> {{    at 
> io.netty.channel.AbstractChannel$AbstractUnsafe$8.run(AbstractChannel.java:819)}}
> {{    at 
> io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)}}
> {{    at 
> io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)}}
> {{    at io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:384)}}
> {{    at 
> io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)}}
> {{    at 
> io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)}}
> {{    at 
> io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)}}
> {{    at java.base/java.lang.Thread.run(Thread.java:834)}}
> {{Caused by: org.apache.cassandra.net.Message$InvalidLegacyProtocolMagic: 
> Read 1431520594, Expected -900387334}}
> {{    at 
> org.apache.cassandra.net.Message.validateLegacyProtocolMagic(Message.java:343)}}
> {{    at 
> org.apache.cassandra.net.HandshakeProtocol$Initiate.maybeDecode(HandshakeProtocol.java:167)}}
> {{    at 
> org.apache.cassandra.net.InboundConnectionInitiator$Handler.initiate(InboundConnectionInitiator.java:242)}}
> {{    at 
> org.apache.cassandra.net.InboundConnectionInitiator$Handler.decode(InboundConnectionInitiator.java:235)}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508)}}
> {{    at 
> io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447)}}
> {{    ... 18 common frames omitted}}
>  {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to