feat(agent): Add AWS Lambda Relationship #1023
Conversation
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| return; | ||
| } | ||
|
|
||
| if (NULL == retval_ptr) { |
Check failure
Code scanning / CodeQL
Redundant null check due to previous dereference High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 1 day ago
To fix the problem, we need to move the null check for retval_ptr before its dereference. This will ensure that we do not dereference a null pointer, which could lead to undefined behavior or a crash. Specifically, we should move the null check from line 324 to before line 364 where retval_ptr is first dereferenced.
| @@ -323,7 +323,2 @@ | ||
|
|
||
| if (NULL == retval_ptr) { | ||
| /* Do not instrument when an exception has happened */ | ||
| return; | ||
| } | ||
|
|
||
| #define AWS_COMMAND_IS(CMD) \ | ||
| @@ -360,2 +355,7 @@ | ||
|
|
||
| if (NULL == retval_ptr) { | ||
| /* Do not instrument when an exception has happened */ | ||
| return; | ||
| } | ||
|
|
||
| /* end the segment */ |
|
|
||
| /* Compile the regex */ | ||
| if (NULL == NRPRG(aws_arn_regex)) { | ||
| NRPRG(aws_arn_regex) = nr_regex_create(AWS_ARN_REGEX, 0, 0); |
There was a problem hiding this comment.
Where/when does this get destroyed?
There was a problem hiding this comment.
Can we just precompile this in minit and destroy like wordpress does?
https://github.com/newrelic/newrelic-php-agent/blob/main/agent/fw_wordpress.c#L878-L886
| /* verify arguments */ | ||
| if (NULL == call_args || IS_ARRAY != Z_TYPE_P(call_args)) { | ||
| return; | ||
| } | ||
| zval* lambda_args = nr_php_zend_hash_index_find(Z_ARRVAL_P(call_args), 0); | ||
| if (NULL == lambda_args || IS_ARRAY != Z_TYPE_P(lambda_args)) { | ||
| return; | ||
| } | ||
| zval* lambda_name = nr_php_zend_hash_find(Z_ARRVAL_P(lambda_args), "FunctionName"); | ||
| if (NULL == lambda_name || IS_STRING != Z_TYPE_P(lambda_name)) { | ||
| return; | ||
| } |
There was a problem hiding this comment.
This function will already do all the checking for you and if 'FunctionName' has a valid string value, it will return the value to you .
https://github.com/newrelic/newrelic-php-agent/blob/main/agent/lib_aws_sdk_php.h#L78
| accountID = NRINI(aws_account_id); | ||
| } | ||
| if (nr_strempty(region)) { | ||
| region_zval = nr_php_call(this_obj, "getRegion"); |
There was a problem hiding this comment.
Since the region property exists on the object, instead of doing an nr_php_call here (which has higher overhead), you could use something like:
region_zval
= nr_php_get_zval_object_property(this_obj, "region");
if (!nr_php_is_zval_non_empty_string(region_zval)) {
...
}
| nr_aws_lambda_invoke(NR_EXECUTE_ORIG_ARGS, &cloud_attrs); | ||
| if (!cloud_attrs.cloud_resource_id) { | ||
| /* we do not want to instrument if we cannot reconstruct the ARN */ | ||
| return; |
There was a problem hiding this comment.
I think it's still fine to instrument in this case.
It won't create the relationship, but the external segment can still be created. The cloud attributes are extra attributes, not core external segment attributes.
| external_params.status = Z_LVAL_P(status_code); | ||
| } | ||
| zval* metadata = nr_php_zend_hash_find(Z_ARRVAL_P(data), "@metadata"); | ||
| if (NULL != metadata && IS_REFERENCE == Z_TYPE_P(metadata) |
There was a problem hiding this comment.
Could simplify this a bit by something like just adding this check:
if (IS_REFERENCE == Z_TYPE_P(metadata)) {
metadata = Z_REFVAL_P(metadata);
}
Then the code could look something like:
if (NULL != metadata && IS_REFERENCE == Z_TYPE_P(metadata)) {
metadata = Z_REFVAL_P(metadata);
}
if nr_php_is_zval_valid_array(metadata) {
zval* uri = nr_php_zend_hash_find(Z_ARRVAL_P(metadata), "effectiveUri");
if (nr_php_is_zval_non_empty_string(uri)) {
external_params.uri = Z_STRVAL_P(uri);
}
}
| char* accountID = NULL; | ||
|
|
||
| /* verify arguments */ | ||
| if (NULL == call_args || IS_ARRAY != Z_TYPE_P(call_args)) { |
There was a problem hiding this comment.
General comment, there are a lot of helper functions for zval here: https://github.com/newrelic/newrelic-php-agent/blob/main/agent/php_zval.h
of the form nr_php_is_zval_* that will already do the NULL and type checking for you for most zval types.
| STD_PHP_INI_ENTRY_EX("newrelic.cloud.aws.account_id", | ||
| "1", | ||
| NR_PHP_REQUEST, | ||
| nr_string_mh, |
There was a problem hiding this comment.
Can this call a function that verifies the string is always 12 chars long (according to the spec).
| ; Info : AWS account id that is used to map entities called | ||
| ; via the AWS SDK. | ||
| ; |
There was a problem hiding this comment.
Instrument AWS Lambda
invokeand reconstruct the ARN to facilitate a complete service map.