
Cherry pick #4375 - security fix #4376

Merged (1 commit), Jul 21, 2021

Conversation

bboreham (Contributor)

Pulling #4375 into release-1.10 branch so I can make a new RC

This prevents paths generated from TenantIDs from becoming vulnerable to
path traversal attacks. CVE-2021-36157

Signed-off-by: Christian Simon <[email protected]>
@pstibrany (Contributor)

Target branch is set as master, not release-1.10.

@bboreham (Contributor, Author)

Thanks; release-1.10 was deleted and I'm putting it back.

@bboreham bboreham changed the base branch from master to release-1.10 July 21, 2021 14:11
@pstibrany (Contributor) left a comment


LGTM

@bboreham bboreham merged commit 4a888bc into release-1.10 Jul 21, 2021
alvinlin123 pushed a commit to ac1214/cortex that referenced this pull request Jan 14, 2022
…ct#4376)

This prevents paths generated from TenantIDs from becoming vulnerable to
path traversal attacks. CVE-2021-36157

Signed-off-by: Christian Simon <[email protected]>
Signed-off-by: Alvin Lin <[email protected]>
simonswine pushed a commit to simonswine/dskit that referenced this pull request Feb 21, 2022
…exproject/cortex#4376)

This prevents paths generated from TenantIDs from becoming vulnerable to
path traversal attacks. CVE-2021-36157

Signed-off-by: Christian Simon <[email protected]>
simonswine pushed a commit to grafana/dskit that referenced this pull request Mar 22, 2022
…exproject/cortex#4376)

This prevents paths generated from TenantIDs from becoming vulnerable to
path traversal attacks. CVE-2021-36157

Signed-off-by: Christian Simon <[email protected]>
simonswine added a commit to grafana/dskit that referenced this pull request Mar 29, 2022
* Add tenant resolver (cortexproject/cortex#3486)

* Add tenant resolver package

This implements the multi tenant resolver as described by the [proposal]
for multi tenant query-federation.

By default it behaves like before, but its implementation can be
swapped out.

[proposal]: cortexproject/cortex#3364

Signed-off-by: Christian Simon <[email protected]>

* Replace usages of `ExtractOrgID`

Use TenantID or UserID depending on which of the methods are meant to be
used.

Signed-off-by: Christian Simon <[email protected]>

* Replace usages of `ExtractOrgIDFromHTTPRequest`

This is replaced by ExtractTenantIDFromHTTPRequest, which makes sure
that exactly one tenant ID is set.

Signed-off-by: Christian Simon <[email protected]>

* Add methods to `tenant` package to use resolver directly

Signed-off-by: Christian Simon <[email protected]>

* Remove UserID method from Resolver interface

We need a better definition for what we are trying to achieve with
UserID before we can add it to the interface

Signed-off-by: Christian Simon <[email protected]>

* Update comment on the TenantID/TenantIDs

Signed-off-by: Christian Simon <[email protected]>

* Improve performance of NormalizeTenantIDs

- reduce allocations by reusing the input slice during de-duplication

Signed-off-by: Christian Simon <[email protected]>

* Add multi tenant query federation (cortexproject/cortex#3250)

* Add tenant query federation

This experimental feature allows queries to cover data from more than a
single Cortex tenant and can be activated by supplying
`-tenant-federation.enabled` to all cortex instances.

To query multiple tenants, a `|`-separated tenant list can be specified
in the `X-Scope-OrgID` header. The source tenant of a metric will be
exposed in the label `__tenant_id__`.

Signed-off-by: Christian Simon <[email protected]>

* Aggregate the limit of maxQueriers correctly

This ensures the limit is aggregated correctly from the setting of each
individual tenant. It also implements the logic for the v2 query
frontend.

Signed-off-by: Christian Simon <[email protected]>

* Fix tenant labels and make LabelNames more efficient

Signed-off-by: Christian Simon <[email protected]>

* Use tsdb_errors for error handling

Signed-off-by: Christian Simon <[email protected]>

* Fix uninitialized label matcher

Regexp matchers need to be initialized; this adds a test for the regexp
matcher and fixes the underlying issue.

Signed-off-by: Christian Simon <[email protected]>

* Use map for filterValuesByMatchers to reduce allocations

Signed-off-by: Christian Simon <[email protected]>

* Address review suggestions

Signed-off-by: Christian Simon <[email protected]>

* Add validation.SmallestPositiveNonZeroIntPerTenant to avoid code duplication

Signed-off-by: Christian Simon <[email protected]>

* Add limitations and experimental status to docs

Signed-off-by: Christian Simon <[email protected]>

* Remove unnecessary cast of defaultTenantLabel

Signed-off-by: Christian Simon <[email protected]>

* Handle query-range limits for multi tenant queries

Signed-off-by: Christian Simon <[email protected]>

* Skip results cache if it is a multi-tenant query

Signed-off-by: Christian Simon <[email protected]>

* Add faillint to ensure query path supports multiple tenants

To avoid any future regressions in the multi tenant support within the
query path, a faillint command tests if TenantID is used and if it
finds one, it suggests using TenantIDs instead.

Signed-off-by: Christian Simon <[email protected]>

* Align CHANGELOG line with the flag description

Signed-off-by: Christian Simon <[email protected]>

* Add a limitation about missing results cache

Signed-off-by: Christian Simon <[email protected]>

* Restrict path segments in TenantIDs (cortexproject/cortex#4375) (cortexproject/cortex#4376)

This prevents paths generated from TenantIDs from becoming vulnerable to
path traversal attacks. CVE-2021-36157

Signed-off-by: Christian Simon <[email protected]>

* Update nolint statement

Co-authored-by: Bryan Boreham <[email protected]>
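The commit message above describes two things that interact: tenant IDs arriving as a `|`-separated `X-Scope-OrgID` list, and the CVE-2021-36157 fix that restricts path segments in TenantIDs so a tenant ID can never alter the path it is joined into. The following is an added example, written for this page and not Cortex's or dskit's own code, showing the shape of such a check: a validator that rejects empty IDs, the reserved segments `.` and `..`, separators and other disallowed characters; a header parser that validates and de-duplicates every entry (reusing the input slice, as the NormalizeTenantIDs commit describes); and a path builder with a `filepath.Rel` guard as defence in depth. The function names, the character allow list and the length limit are assumptions for this example, not values taken from the project.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"sort"
	"strings"
)

// Added example, not the project's code. Names, allow list and the length
// limit are assumptions chosen for illustration.
var (
	ErrTenantIDEmpty   = errors.New("tenant ID is empty")
	ErrTenantIDTooLong = errors.New("tenant ID exceeds maximum length")
	ErrTenantIDUnsafe  = errors.New("tenant ID is a reserved path segment")
	ErrTenantIDInvalid = errors.New("tenant ID contains disallowed characters")
	ErrNoTenantID      = errors.New("no tenant ID supplied")
)

// maxTenantIDLength is a constructed limit for this example.
const maxTenantIDLength = 150

// allowedRune is a conservative allow list: ASCII letters, digits, '-', '_'
// and '.'. Path separators, NUL and other control characters never pass.
func allowedRune(r rune) bool {
	switch {
	case r >= 'a' && r <= 'z', r >= 'A' && r <= 'Z', r >= '0' && r <= '9':
		return true
	}
	return r == '-' || r == '_' || r == '.'
}

// ValidTenantID reports whether id is usable as exactly one path segment.
// "." and ".." pass the character allow list but change the resolved path
// when joined, so they are rejected explicitly.
func ValidTenantID(id string) error {
	if id == "" {
		return ErrTenantIDEmpty
	}
	if len(id) > maxTenantIDLength {
		return ErrTenantIDTooLong
	}
	if id == "." || id == ".." {
		return ErrTenantIDUnsafe
	}
	for _, r := range id {
		if !allowedRune(r) {
			return ErrTenantIDInvalid
		}
	}
	return nil
}

// TenantIDsFromHeader parses a "|"-separated X-Scope-OrgID value, validates
// every entry, de-duplicates in place by reusing the input slice, and returns
// a sorted list. One bad entry rejects the whole request instead of being
// silently dropped.
func TenantIDsFromHeader(header string) ([]string, error) {
	parts := strings.Split(header, "|")
	seen := make(map[string]struct{}, len(parts))
	out := parts[:0] // filtered output shares the backing array of parts
	for _, id := range parts {
		if err := ValidTenantID(id); err != nil {
			return nil, fmt.Errorf("tenant ID %q: %w", id, err)
		}
		if _, dup := seen[id]; dup {
			continue
		}
		seen[id] = struct{}{}
		out = append(out, id)
	}
	if len(out) == 0 {
		return nil, ErrNoTenantID
	}
	sort.Strings(out)
	return out, nil
}

// TenantPath joins a validated tenant ID under base. The filepath.Rel check
// is defence in depth: it fails closed if the joined path resolves outside
// base, even if the validator is weakened later.
func TenantPath(base, tenantID string) (string, error) {
	if err := ValidTenantID(tenantID); err != nil {
		return "", err
	}
	joined := filepath.Join(base, tenantID)
	rel, err := filepath.Rel(base, joined)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTenantIDUnsafe
	}
	return joined, nil
}

func main() {
	// Constructed inputs: a well-formed federated header and one carrying a
	// reserved segment.
	for _, h := range []string{"team-b|team-a|team-b", "team-a|.."} {
		ids, err := TenantIDsFromHeader(h)
		fmt.Printf("header %q -> ids=%v err=%v\n", h, ids, err)
	}
	p, err := TenantPath("/data/blocks", "team-a")
	fmt.Printf("path=%q err=%v\n", p, err)
}
```

The validator runs before any path is built, so the `filepath.Rel` guard in `TenantPath` should never trigger in practice; keeping it means a future relaxation of the allow list cannot silently reintroduce the traversal the CVE fix closed.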
@friedrichg friedrichg deleted the cherry-pick-d9e1f81f40c branch December 11, 2023 08:54