fix monitorROAS crashes in case of malformed VRP #416

2024-05-19 06:50:08 +00:00 · 2020-12-05 19:17:23 +01:00
parent fc1fe8c64e
commit 2b3a981ddb
4 changed files with 40 additions and 32 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -5717,20 +5717,20 @@
      }
    },
    "rpki-validator": {
-      "version": "2.2.9",
-      "resolved": "https://registry.npmjs.org/rpki-validator/-/rpki-validator-2.2.9.tgz",
-      "integrity": "sha512-r2aYSvNMbTq1RqzYpvLrJX+pOzIFIKSDAKjDOaNFqWGJ0A1jxBZP2OFIId3cFGcjwJ8LicFiG8tTH+BtF3lo2g==",
+      "version": "2.2.10",
+      "resolved": "https://registry.npmjs.org/rpki-validator/-/rpki-validator-2.2.10.tgz",
+      "integrity": "sha512-HeTvLkRwqH78sCISbvtQmMIK/jB+5XuY1MPETPphWcdezxfuieR+vsax6VKjuWCwJ0XIKO7J4y6lizKG91KgcQ==",
      "requires": {
        "axios": "^0.21.0",
        "brembo": "^2.0.4",
-        "ip-sub": "^1.0.17",
+        "ip-sub": "^1.0.19",
        "radix-trie-js": "^1.0.5"
      },
      "dependencies": {
        "ip-sub": {
-          "version": "1.0.17",
-          "resolved": "https://registry.npmjs.org/ip-sub/-/ip-sub-1.0.17.tgz",
-          "integrity": "sha512-U/4/OLzZ0TTF7LYog2RbJzXvb/yLWRLo+WDVffRWNnGjqNy0QxVr5u1GEMbUHyQ+dMbe6+vZA3YdefEuC/0xig==",
+          "version": "1.0.19",
+          "resolved": "https://registry.npmjs.org/ip-sub/-/ip-sub-1.0.19.tgz",
+          "integrity": "sha512-kDjWkCvq7EID99B0GHDZUGoDrLz6Oebe2sL9yV8Wc2M8rnT5V00/yhuADoOZi8AR2gDbNT+aBWGSQhihiGSGzg==",
          "requires": {
            "ip-address": "^6.4.0"
          }
--- a/package.json
+++ b/package.json
@@ -73,7 +73,7 @@
    "nodemailer": "^6.4.16",
    "path": "^0.12.7",
    "restify": "^8.5.1",
-    "rpki-validator": "^2.2.9",
+    "rpki-validator": "^2.2.10",
    "semver": "^7.3.2",
    "syslog-client": "^1.1.1",
    "ws": "^7.4.0",
--- a/src/monitors/monitorROAS.js
+++ b/src/monitors/monitorROAS.js
@@ -8,38 +8,45 @@ export default class MonitorROAS extends Monitor {
    constructor(name, channel, params, env, input){
        super(name, channel, params, env, input);

+        this.logger = env.logger;
        this.rpki = env.rpki;
        setInterval(this._diffVrps, 20000);
    };

    _diffVrps = () => {
-        let roaDiff;
-        const newVrps = this.rpki.getVrps(); // Get all the vrps as retrieved from the rpki validator
+        try {
+            let roaDiff;
+            const newVrps = this.rpki.getVrps(); // Get all the vrps as retrieved from the rpki validator

-        if (this._oldVrps) { // No diff if there were no vrps before
-            roaDiff = [].concat.apply([], this.monitored
-                .map(i => diff(this._oldVrps, newVrps, i.asn.getValue().toString()))); // Get the diff for each monitored AS
-        }
-
-        if (newVrps.length) {
-            this._oldVrps = newVrps;
-        }
-
-        if (roaDiff && roaDiff.length) { // Differences found
-            const impactedASes = [...new Set(roaDiff.map(i => i.asn))];
-            const matchedRules = impactedASes.map(asn => this.getMonitoredAsMatch(new AS(asn)));
-
-            for (let matchedRule of matchedRules) { // An alert for each AS involved (they may have different user group)
-                const message = "ROAs change detected: " + roaDiff.map(this._roaToString).join("; ");
-
-                this.publishAlert(md5(message), // The hash will prevent alert duplications in case multiple ASes/prefixes are involved
-                    matchedRule.asn.getId(),
-                    matchedRule,
-                    message,
-                    {});
+            if (this._oldVrps) { // No diff if there were no vrps before
+                roaDiff = [].concat.apply([], this.monitored
+                    .map(i => diff(this._oldVrps, newVrps, i.asn.getValue()))); // Get the diff for each monitored AS
            }
-        }

+            if (newVrps.length) {
+                this._oldVrps = newVrps;
+            }
+
+            if (roaDiff && roaDiff.length) { // Differences found
+                const impactedASes = [...new Set(roaDiff.map(i => i.asn))];
+                const matchedRules = impactedASes.map(asn => this.getMonitoredAsMatch(new AS(asn)));
+
+                for (let matchedRule of matchedRules.filter(i => !!i)) { // An alert for each AS involved (they may have different user group)
+                    const message = "ROAs change detected: " + [...new Set(roaDiff.map(this._roaToString))].join("; ");
+
+                    this.publishAlert(md5(message), // The hash will prevent alert duplications in case multiple ASes/prefixes are involved
+                        matchedRule.asn.getId(),
+                        matchedRule,
+                        message,
+                        {});
+                }
+            }
+        } catch (error) {
+            this.logger.log({
+                level: 'error',
+                message: error
+            });
+        }
    };

    _roaToString = (roa) => {
--- a/src/utils/rpkiDiffingTool.js
+++ b/src/utils/rpkiDiffingTool.js
@@ -6,6 +6,7 @@ export default function diff (vrpsOld, vrpsNew, asn) {
    };

    const getDiff = (vrpsOld, vrpsNew, asn)  => {
+        asn = parseInt(asn);
        const prefixes = [...new Set(vrpsOld.concat(vrpsNew).filter(i => i.asn === asn).map(i => i.prefix))];

        const filteredVrpsOld = vrpsOld.filter(i => i.asn === asn || prefixes.includes(i.prefix))