Re: [PR] [feat](cloud) Add system rate limit for meta-service [doris]

Thu, 28 May 2026 19:41:05 -0700 


github-actions[bot] commented on code in PR #61516:
URL: https://github.com/apache/doris/pull/61516#discussion_r3321821182


##########
cloud/src/common/http_helper.cpp:
##########
@@ -995,6 +1009,53 @@ HttpResponse process_get_cluster_status(MetaServiceImpl* 
service, brpc::Controll
     return http_json_reply_message(resp.status(), resp);
 }
 
+HttpResponse process_set_rpc_rate_limit_whitelist(MetaServiceImpl*, 
brpc::Controller* ctrl) {
+    rapidjson::Document doc;
+    std::string body = ctrl->request_attachment().to_string();
+    doc.Parse(body.c_str());
+
+    if (doc.HasParseError()) {
+        return http_json_reply(MetaServiceCode::INVALID_ARGUMENT,
+                               fmt::format("parse json failed: {}",
+                                           
rapidjson::GetParseError_En(doc.GetParseError())));
+    }
+
+    if (!doc.IsObject() || !doc.HasMember("rpcs") || !doc["rpcs"].IsArray()) {
+        return http_json_reply(MetaServiceCode::INVALID_ARGUMENT,
+                               "invalid request, need {\"rpcs\": [\"rpc1\", 
\"rpc2\"]}");
+    }
+
+    std::vector<std::string> rpcs;
+    for (auto& rpc : doc["rpcs"].GetArray()) {
+        if (rpc.IsString()) {
+            rpcs.emplace_back(rpc.GetString());

Review Comment:
   This silently ignores non-string entries and still commits the partially 
parsed whitelist. If the request is malformed, for example `{"rpcs":[1]}`, 
`rpcs` remains empty and `RpcRateLimitWhitelist::should_rate_limit()` treats an 
empty whitelist as match-all, so a bad control-plane request can accidentally 
make MS stress limiting apply to every RPC instead of only the intended write 
RPCs. Please reject any non-string element (and preferably add a negative test) 
before calling `set_whitelist()`.
   
   ```suggestion
           if (!rpc.IsString()) {
               return http_json_reply(MetaServiceCode::INVALID_ARGUMENT,
                                      "invalid request, rpcs must contain only 
strings");
           }
           rpcs.emplace_back(rpc.GetString());
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to