From 28f130198258320e67ca3e9341dd658fa8eb0274 Mon Sep 17 00:00:00 2001
From: zhoujiexiong <zhoujiexiong@foxmail.com>
Date: Fri, 21 Jun 2024 17:56:23 +0800
Subject: [PATCH 1/3] fix(grpc-transcode): filter out illegal INT(string)
 formats

---
 apisix-master-0.rockspec   |  2 +-
 t/plugin/grpc-transcode3.t | 42 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/apisix-master-0.rockspec b/apisix-master-0.rockspec
index ddd0d41e191f..75b90d9497e3 100644
--- a/apisix-master-0.rockspec
+++ b/apisix-master-0.rockspec
@@ -48,7 +48,7 @@ dependencies = {
     "lua-resty-session = 3.10",
     "opentracing-openresty = 0.1",
     "lua-resty-radixtree = 2.9.1",
-    "lua-protobuf = 0.5.0-1",
+    "lua-protobuf = 0.5.2-1",
     "lua-resty-openidc = 1.7.6-3",
     "luafilesystem = 1.7.0-2",
     "nginx-lua-prometheus-api7 = 0.20240201-1",
diff --git a/t/plugin/grpc-transcode3.t b/t/plugin/grpc-transcode3.t
index bd4164d3b5ae..956ee2bbc152 100644
--- a/t/plugin/grpc-transcode3.t
+++ b/t/plugin/grpc-transcode3.t
@@ -525,3 +525,45 @@ location /t {
         end
     }
 }
+
+
+
+=== TEST 13: bugfix - filter out illegal INT(string) formats
+--- config
+location /t {
+    content_by_lua_block {
+        local pb = require "pb"
+        local pb_encode = pb.encode
+        local protoc = require "protoc"
+        local pcall = pcall
+
+        assert(protoc:load [[
+        syntax = "proto3";
+        message IntStringPatterns {
+          repeated int64 values = 1;
+        }]])
+
+        local supported = {
+            values = {
+                1, 2, -3, "#123", "0xabF", "#-0x123abcdef", "-#0x123abcdef", "#0x123abc", "123",
+            },
+        }
+
+        local unsupported = {
+            values = {
+                "#a", "+aaa", "#aaaaa", "#-aa",
+            },
+        }
+
+        --pb.option "int64_as_string"
+        --pb.option "int64_as_hexstring"
+        pb_encode("IntStringPatterns", supported)
+        local status, err = pcall(pb_encode, "IntStringPatterns", unsupported)
+        if not status then
+            print(err)
+            ngx.say(err)
+        end
+    }
+}
+--- response_body
+bad argument #2 to '?' (number/'#number' expected for field 'values', got string)

From 23a7584fdaee6a176ae123b65e8c634b3e1ff933 Mon Sep 17 00:00:00 2001
From: zhoujiexiong <zhoujiexiong@foxmail.com>
Date: Mon, 24 Jun 2024 11:56:53 +0800
Subject: [PATCH 2/3] delete debug print

---
 t/plugin/grpc-transcode3.t | 1 -
 1 file changed, 1 deletion(-)

diff --git a/t/plugin/grpc-transcode3.t b/t/plugin/grpc-transcode3.t
index 956ee2bbc152..b276c03411bd 100644
--- a/t/plugin/grpc-transcode3.t
+++ b/t/plugin/grpc-transcode3.t
@@ -560,7 +560,6 @@ location /t {
         pb_encode("IntStringPatterns", supported)
         local status, err = pcall(pb_encode, "IntStringPatterns", unsupported)
         if not status then
-            print(err)
             ngx.say(err)
         end
     }

From 9739afa5bc42d46e2cfbf66f196cb3f28629df40 Mon Sep 17 00:00:00 2001
From: zhoujiexiong <zhoujiexiong@foxmail.com>
Date: Wed, 3 Jul 2024 16:41:47 +0800
Subject: [PATCH 3/3] arrange test case

---
 t/plugin/grpc-transcode3.t | 54 ++++++++++++++++++++++----------------
 1 file changed, 32 insertions(+), 22 deletions(-)

diff --git a/t/plugin/grpc-transcode3.t b/t/plugin/grpc-transcode3.t
index b276c03411bd..0a8ddf54ded6 100644
--- a/t/plugin/grpc-transcode3.t
+++ b/t/plugin/grpc-transcode3.t
@@ -532,37 +532,47 @@ location /t {
 --- config
 location /t {
     content_by_lua_block {
-        local pb = require "pb"
-        local pb_encode = pb.encode
-        local protoc = require "protoc"
         local pcall = pcall
+        local require = require
+        local protoc = require("protoc")
+        local pb = require("pb")
+        local pb_encode = pb.encode
 
         assert(protoc:load [[
         syntax = "proto3";
-        message IntStringPatterns {
-          repeated int64 values = 1;
+        message IntStringPattern {
+            int64 value = 1;
         }]])
 
-        local supported = {
-            values = {
-                1, 2, -3, "#123", "0xabF", "#-0x123abcdef", "-#0x123abcdef", "#0x123abc", "123",
-            },
-        }
+        local patterns
+        do
+            local function G(pattern)
+                return {pattern, true}
+            end
 
-        local unsupported = {
-            values = {
-                "#a", "+aaa", "#aaaaa", "#-aa",
-            },
-        }
+            local function B(pattern)
+                return {pattern, [[bad argument #2 to '?' (number/'#number' expected for field 'value', got string)]]}
+            end
 
-        --pb.option "int64_as_string"
-        --pb.option "int64_as_hexstring"
-        pb_encode("IntStringPatterns", supported)
-        local status, err = pcall(pb_encode, "IntStringPatterns", unsupported)
-        if not status then
-            ngx.say(err)
+            patterns = {
+                G(1), G(2), G(-3), G("#123"), G("0xabF"), G("#-0x123abcdef"), G("-#0x123abcdef"), G("#0x123abcdef"), G("123"),
+                B("#a"), B("+aaa"), B("#aaaa"), B("#-aa"),
+            }
         end
+
+        for _, p in pairs(patterns) do
+            local pattern = {
+                value = p[1],
+            }
+            local status, err = pcall(pb_encode, "IntStringPattern", pattern)
+            local res = status
+            if not res then
+                res = err
+            end
+            assert(res == p[2])
+        end
+        ngx.say("passed")
     }
 }
 --- response_body
-bad argument #2 to '?' (number/'#number' expected for field 'values', got string)
+passed