fix utf8#13
Merged
Merged
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix copy_raw handling for invalid UTF-8 payloads
Summary
修复
copy_raw在原始日志包含非法 UTF-8 字节时导致解析结果进入 miss 的问题。本次修复位置在
wp-lang:修复后,
copy_raw对 bytes payload 使用 lossy UTF-8 方式生成raw_msg,非法字节会以替代字符展示,不再导致整条日志解析失败。Problem
当 WPL 规则使用
#[copy_raw(name:"raw_msg")]时,规则匹配成功后会把原始日志写入raw_msg字段。在原始日志是 bytes payload 且包含非法 UTF-8 字节时,
copy_raw原先会使用严格 UTF-8 转换处理原始 bytes。转换失败后,annotation 阶段返回错误,导致已经匹配成功的日志最终进入 miss。实际用户现象:
JSON 场景同样会出现:
Changes
src/ast/ann_func.rs调整
RawCopy::proc中对 bytes payload 的处理。修改前:
修改后:
同时对
RawData::ArcBytes做同样处理。这样
RawData::String、RawData::Bytes、RawData::ArcBytes三类 payload 在copy_raw下都可以稳定写入raw_msg。Tests
新增测试:
覆盖场景:
RawData::Bytes中包含非法 UTF-8 字节。RawData::ArcBytes中包含非法 UTF-8 字节。copy_raw不返回错误。raw_msg字段内容等于 lossy UTF-8 后的结果。保留并通过既有测试:
Verification
已在
wp-lang仓库执行:验证结果:
User Impact
修复前:
修复后:
非法字节在
raw_msg中会显示为替代字符�。Risk
风险较低。
该改动只影响
copy_raw对 bytes payload 的处理方式。行为变化:
copy_raw返回错误。�并写入raw_msg。如果未来需要保留完全原始的二进制内容,应新增专门的 bytes/base64/hex 类型或编码策略,而不应继续放入
chars类型字段。Related Issue