Don't allow partial host buffers (#947)

grcevski · web-flow · commit 67ae3cc60bba · 2025-11-28T14:48:30.000-05:00
diff --git a/internal/test/integration/docker-compose-python-aws.yml b/internal/test/integration/docker-compose-python-aws.yml
@@ -8,10 +8,7 @@ services:
       - "4566:4566"
 
   testserver:
-    build:
-      context: ../../../internal/test/integration/components/pythonawsclient/
-      dockerfile: Dockerfile
-    image: hatest-testserver-python-aws-client
+    image: ghcr.io/open-telemetry/obi-testimg:python_aws_s3-0.0.1
     ports:
       - "${TEST_SERVICE_PORTS}"
     depends_on:
diff --git a/pkg/ebpf/common/http_transform.go b/pkg/ebpf/common/http_transform.go
@@ -293,8 +293,10 @@ func httpHostFromBuf(req []byte) (string, int) {
 
 	rIdx := strings.Index(buf, "\r")
 
+	// only parse full host information, partial may
+	// get the wrong name or wrong port
 	if rIdx < 0 {
-		rIdx = len(buf)
+		return "", -1
 	}
 
 	host, portStr, err := net.SplitHostPort(buf[:rIdx])
diff --git a/pkg/ebpf/common/http_transform_test.go b/pkg/ebpf/common/http_transform_test.go
@@ -201,18 +201,25 @@ func TestToRequestTrace_BadHost(t *testing.T) {
 		End:          789012,
 		HostPort:     0,
 		Service:      svc.Attrs{},
-		Statement:    "http;example.c",
+		Statement:    "http;",
 	}
 	assert.Equal(t, expected, result)
 
 	s, p := httpHostFromBuf(record.Buf[:])
-	assert.Equal(t, "example.c", s)
+	assert.Empty(t, s)
 	assert.Equal(t, -1, p)
 
 	var record1 BPFHTTPInfo
 	copy(record1.Buf[:], "GET /hello HTTP/1.1\r\nHost: example.c:23")
 
 	s, p = httpHostFromBuf(record1.Buf[:])
+	assert.Empty(t, s)
+	assert.Equal(t, -1, p)
+
+	var record4 BPFHTTPInfo
+	copy(record4.Buf[:], "GET /hello HTTP/1.1\r\nHost: example.c:23\r")
+
+	s, p = httpHostFromBuf(record4.Buf[:])
 	assert.Equal(t, "example.c", s)
 	assert.Equal(t, 23, p)
 

Original file line number	Diff line number	Diff line change
`@@ -293,8 +293,10 @@ func httpHostFromBuf(req []byte) (string, int) {`
`293`	`293`
`294`	`294`	`rIdx := strings.Index(buf, "\r")`
`295`	`295`
	`296`	`+ // only parse full host information, partial may`
	`297`	`+ // get the wrong name or wrong port`
`296`	`298`	`if rIdx < 0 {`
`297`		`- rIdx = len(buf)`
	`299`	`+ return "", -1`
`298`	`300`	`}`
`299`	`301`
`300`	`302`	`host, portStr, err := net.SplitHostPort(buf[:rIdx])`