Validate helper version on client_init #4

Closed
Anilm3 opened this issue Dec 2, 2021 · 0 comments · Fixed by #52
Anilm3 commented Dec 2, 2021

Description

As a continuation of #3.

The potential, but unlikely, scenario of a rogue outdated helper process running after an upgrade could result in undefined behaviour. To avoid this issue, the socket and lock file should be versioned; this would ensure that communication can only be performed between a compatible extension and helper.

This doesn't cover the case in which the actual binary of the helper has not been upgraded.

Since the first extension to launch the helper process opens the socket and lock file for it, validating the helper version on client_init would ensure that an incompatible helper binary still wouldn't result in undefined behaviour, albeit this would prevent appsec from running.

Anilm3 added the enhancement, extension and helper labels Dec 2, 2021
Anilm3 added this to the v0.3.0 milestone Dec 8, 2021
Anilm3 modified the milestones: v0.3.0, v0.2.0 Dec 15, 2021
cataphract mentioned this issue Dec 30, 2021
cataphract linked a pull request Jan 5, 2022 that will close this issue
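
An added sketch in C of the two checks this issue proposes (not code from this project): a per-version socket and lock file path, and validation of the version the helper reports in its client_init reply. The path layout, function names, the 32-byte field limit and the exact-match compatibility rule are assumptions made for the example.

```c
/* Added example: names, paths and the exact-match policy are assumptions. */
#include <stdio.h>
#include <string.h>

#define EXT_VERSION "0.2.0"      /* constructed value */
#define MAX_VERSION_LEN 32       /* assumed upper bound for the field */

enum init_result { INIT_OK, INIT_VERSION_MISMATCH, INIT_MALFORMED };

/* Build e.g. /tmp/helper_0.2.0.sock so each release gets its own socket and
 * lock file. Returns 0 on success, -1 if the path was truncated. */
int versioned_path(char *out, size_t len, const char *dir, const char *stem,
                   const char *version, const char *ext)
{
    int n = snprintf(out, len, "%s/%s_%s.%s", dir, stem, version, ext);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Check the version field of the helper's client_init reply. The field comes
 * off the socket, so it is length-delimited and not trusted to be a C string. */
enum init_result check_helper_version(const char *field, size_t field_len,
                                      const char *expected)
{
    size_t elen = strlen(expected);
    if (field == NULL || field_len == 0 || field_len > MAX_VERSION_LEN)
        return INIT_MALFORMED;
    if (memchr(field, '\0', field_len) != NULL)
        return INIT_MALFORMED;               /* embedded NUL: reject */
    if (field_len != elen || memcmp(field, expected, elen) != 0)
        return INIT_VERSION_MISMATCH;        /* caller must not use this helper */
    return INIT_OK;
}

int main(void)
{
    char sock[64], lock[64];
    if (versioned_path(sock, sizeof sock, "/tmp", "helper", EXT_VERSION, "sock") ||
        versioned_path(lock, sizeof lock, "/tmp", "helper", EXT_VERSION, "lock"))
        return 1;
    printf("%s %s\n", sock, lock);
    /* Constructed reply from a helper binary that was not upgraded. */
    const char stale[] = "0.1.0";
    if (check_helper_version(stale, sizeof stale - 1, EXT_VERSION) != INIT_OK)
        puts("client_init: incompatible helper, not enabling appsec");
    return 0;
}
```

The versioned path keeps a leftover helper from an older release off the new socket, while the reply check covers the case where the helper binary itself was never upgraded.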