From 58d2b878e32d44d2441f3baabb255b45dc73ac0b Mon Sep 17 00:00:00 2001 From: Juanjo Alvarez Martinez Date: Fri, 3 May 2024 18:04:01 +0200 Subject: [PATCH] fix: better None protection when tainting a grpc message (#9155) ## Checklist - [X] Change(s) are motivated and described in the PR description - [X] Testing strategy is described if automated tests are not included in the PR - [X] Risks are described (performance impact, potential for breakage, maintainability) - [X] Change is maintainable (easy to change, telemetry, documentation) - [X] [Library release note guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html) are followed or label `changelog/no-changelog` is set - [X] Documentation is included (in-code, generated user docs, [public corp docs](https://github.com/DataDog/documentation/)) - [X] Backport labels are set (if [applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)) - [X] If this PR changes the public interface, I've notified `@DataDog/apm-tees`. ## Reviewer Checklist - [x] Title is accurate - [x] All changes are related to the pull request's stated goal - [x] Description motivates each change - [x] Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes - [x] Testing strategy adequately addresses listed risks - [x] Change is maintainable (easy to change, telemetry, documentation) - [x] Release note makes sense to a user of the library - [x] Author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment - [x] Backport labels are set in a manner that is consistent with the [release branch maintenance policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting) --------- Signed-off-by: Juanjo Alvarez Co-authored-by: Brett Langdon (cherry picked from commit 434f71188c9374cd6892f774fd262cd2bc181f56) --- ddtrace/contrib/grpc/client_interceptor.py | 12 ++++++++---- .../notes/asm-gprc-not-none-788b4b435b931a11.yaml | 3 +++ 2 files changed, 11 insertions(+), 4 deletions(-) create mode 100644 releasenotes/notes/asm-gprc-not-none-788b4b435b931a11.yaml diff --git a/ddtrace/contrib/grpc/client_interceptor.py b/ddtrace/contrib/grpc/client_interceptor.py index 17a04330583..57808b81788 100644 --- a/ddtrace/contrib/grpc/client_interceptor.py +++ b/ddtrace/contrib/grpc/client_interceptor.py @@ -85,8 +85,10 @@ def _handle_response(span, response): "grpc.response_message", (response._response,), ) - if result and "response" in result: - response._response = result["response"].value + if result: + response_value = result.get("response") + if response_value: + response._response = response_value if hasattr(response, "add_done_callback"): response.add_done_callback(_future_done_callback(span)) @@ -173,8 +175,10 @@ def __next__(self): "grpc.response_message", (n,), ) - if result and "response" in result: - n = result["response"].value + if result: + response_value = result.get("response") + if response_value: + n = response_value return n next = __next__ diff --git a/releasenotes/notes/asm-gprc-not-none-788b4b435b931a11.yaml b/releasenotes/notes/asm-gprc-not-none-788b4b435b931a11.yaml new file mode 100644 index 00000000000..458a43d515e --- /dev/null +++ b/releasenotes/notes/asm-gprc-not-none-788b4b435b931a11.yaml @@ -0,0 +1,3 @@ +fixes: + - | + ASM: protect against potentially returning ``None`` when tainting a gRPC message.