Fix nullptr crash in RecConfigOverrideFromEnvironment with runroot#12917
Draft
brbzull0 wants to merge 1 commit intoapache:masterfrom
Draft
Fix nullptr crash in RecConfigOverrideFromEnvironment with runroot#12917brbzull0 wants to merge 1 commit intoapache:masterfrom
brbzull0 wants to merge 1 commit intoapache:masterfrom
Conversation
When runroot is active and the PROXY_CONFIG_* environment variables for
path records (bin_path, local_state_dir, logfile_dir, plugin_dir) are
not set, RecConfigOverrideFromEnvironment() returned nullptr. This
violated its documented contract ("return either the overridden value,
or the original value") and caused a std::logic_error crash during
records.yaml parsing:
basic_string: construction from null is not valid
The nullptr was assigned to std::string in SetRecordFromYAMLNode(),
which threw the exception. The bug was masked in autests because the
framework always sets these env vars.
Fix: return the original config value instead of nullptr when
RecConfigOverrideFromRunroot() matches. The record value is then
resolved by Layout::relative() at runtime, producing the correct path.
Add a test that unsets the 4 path env vars to exercise the runroot code
path, and validates record values via traffic_ctl config get.
Contributor
There was a problem hiding this comment.
Pull request overview
Fixes a crash in ATS records.yaml parsing when runroot is enabled and certain PROXY_CONFIG_* path environment variables are unset, by ensuring RecConfigOverrideFromEnvironment() never returns nullptr for those records. This keeps the function’s contract intact and prevents exceptions when converting the returned C string into a std::string.
Changes:
- Update
RecConfigOverrideFromEnvironment()to return the original record value (instead ofnullptr) for runroot-managed path records when no env override exists. - Add a gold test that unsets the four path env vars to reproduce the previous crash path and validates resulting record values via
traffic_ctl.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
src/records/RecConfigParse.cc |
Prevents nullptr from being returned during env override resolution under runroot, avoiding downstream std::string(nullptr) crashes. |
tests/gold_tests/records/records_runroot_null_override.test.py |
Adds regression coverage for the runroot + missing env-var scenario and verifies both env overrides and path-record behavior. |
Comments suppressed due to low confidence (1)
src/records/RecConfigParse.cc:129
RecConfigOverrideFromEnvironment()now returnsvalueregardless of whetherRecConfigOverrideFromRunroot(name)is true or false (whenenvvalis unset), so thiselse ifbranch is redundant and adds an unnecessaryRecConfigOverrideFromRunroot()call on the hot path while parsing every record. Consider removing theelse ifentirely (or otherwise making the runroot branch do something meaningfully different).
if (envval) {
return envval;
} else if (RecConfigOverrideFromRunroot(name)) {
return value;
}
return value;
zwoop
requested changes
Mar 3, 2026
| if (envval) { | ||
| return envval; | ||
| } else if (RecConfigOverrideFromRunroot(name)) { | ||
| return nullptr; |
Contributor
There was a problem hiding this comment.
Why this else if ? you return "value" regardless of the value of RecConfigOverrideFromRunroot(name)), no?
zwoop
requested changes
Mar 3, 2026
Contributor
zwoop
left a comment
zwoop
left a comment
There was a problem hiding this comment.
I think you should cleanup the else if, I think CoPilot said the same thing.
Contributor
Author
thanks for pointing this out. I think I may have introduced a side effect bug. I'll ammend and put this back for review. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When runroot is active and the
PROXY_CONFIG_*environment variables for path records (bin_path,local_state_dir``,logfile_dir,plugin_dir) are not set,RecConfigOverrideFromEnvironment()returnednullptr. This violated its documented contract ("return either the overridden value, or the original value") and caused astd::logic_erro`r crash during records.yaml parsing:The nullptr was assigned to
std::stringinSetRecordFromYAMLNode(), which threw the exception. The bug was masked in autests because the framework always sets these env vars.Fix: return the original config value instead of nullptr when RecConfigOverrideFromRunroot() matches. The record value is then resolved by
Layout::relative()at runtime, producing the correct path.Add a test that unsets the 4 path env vars to exercise the runroot code path, and validates record values via
traffic_ctl config get.