
Merge branch 'master' into TT-15560-Add-batchbytes-config-for-Kafka-pump

02c34db
Merged

[TT-15560] added batchbytes configs and unit testing for kafka #889

probelabs / Visor: security succeeded Oct 13, 2025 in 5m 1s

✅ Check Passed (Warnings Found)

security check passed. Found 2 warnings, but fail_if condition was not met.

Details

📊 Summary

  • Total Issues: 2
  • Warning Issues: 2

🐛 Issues by Category

🔐 Security (1)

  • ⚠️ pumps/kafka.go:185 - The batch_bytes configuration parameter lacks an upper limit. A malicious or misconfigured user could provide an extremely large value, causing the application to allocate excessive memory for the message batch. This could lead to an Out-of-Memory (OOM) error, resulting in a Denial of Service (DoS).

🧠 Logic (1)

  • ⚠️ pumps/kafka.go:186 - The application handles an invalid negative batch_bytes configuration by logging an error and then proceeding with a default value (0). This approach can mask configuration issues, as the error may be missed in logs, leading the service to run with unintended performance characteristics. A better practice for invalid configuration is to fail fast.

Generated by Visor - AI-powered code review

Annotations

Check warning on line 189 in pumps/kafka.go


@probelabs probelabs / Visor: security

security Issue

The `batch_bytes` configuration parameter lacks an upper limit. A malicious or misconfigured user could provide an extremely large value, causing the application to allocate excessive memory for the message batch. This could lead to an Out-of-Memory (OOM) error, resulting in a Denial of Service (DoS).
Raw output
Implement a validation check to enforce a reasonable maximum value for `batch_bytes`. If the configured value exceeds this limit, the pump should either cap the value at the maximum and log a warning, or return an error during initialization to prevent starting with a potentially dangerous configuration.

Check warning on line 187 in pumps/kafka.go


@probelabs probelabs / Visor: security

logic Issue

The application handles an invalid negative `batch_bytes` configuration by logging an error and then proceeding with a default value (0). This approach can mask configuration issues, as the error may be missed in logs, leading the service to run with unintended performance characteristics. A better practice for invalid configuration is to fail fast.
Raw output
Instead of logging and continuing, return an error from the `Init` function when `k.kafkaConf.BatchBytes` is negative. This ensures that the application will not start in a misconfigured state, making the problem immediately apparent to the operator.
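Both findings above come down to one validation step at pump initialisation. The following Go block is an added example of that step, written for this review and not code from the tyk-pump repository or from the PR under discussion: the `kafkaConf` struct, the `resolveBatchBytes` and `initPump` functions, the 1 MiB default and the 64 MiB ceiling are all assumptions chosen to illustrate the check. It rejects a negative `batch_bytes` with an error (fail fast, as the logic finding asks), maps zero to a default rather than treating it as invalid, and handles an oversized value either by failing or by capping with a warning, the two remediations the security finding offers.

```go
package main

import (
	"errors"
	"fmt"
	"log"
)

// Bounds are assumptions for this example, not values from tyk-pump.
const (
	defaultBatchBytes = 1 << 20  // 1 MiB, the usual kafka-go writer default
	maxBatchBytes     = 64 << 20 // 64 MiB: anything larger is treated as misconfiguration
)

var (
	ErrNegativeBatchBytes = errors.New("kafka pump: batch_bytes must not be negative")
	ErrBatchBytesTooLarge = fmt.Errorf("kafka pump: batch_bytes exceeds maximum of %d", maxBatchBytes)
)

// kafkaConf is a hypothetical stand-in for the pump's config struct,
// carrying only the field under review.
type kafkaConf struct {
	BatchBytes int `json:"batch_bytes"`
}

// resolveBatchBytes validates conf.BatchBytes and returns the value to hand
// to the Kafka writer:
//   - negative -> error, so Init fails instead of silently running with 0
//   - zero     -> the writer default (unset is not invalid)
//   - > max    -> error by default, or capped to max with a warning when
//                capOverflow is set
func resolveBatchBytes(conf kafkaConf, capOverflow bool, warnf func(string, ...interface{})) (int, error) {
	switch {
	case conf.BatchBytes < 0:
		return 0, fmt.Errorf("%w: got %d", ErrNegativeBatchBytes, conf.BatchBytes)
	case conf.BatchBytes == 0:
		return defaultBatchBytes, nil
	case conf.BatchBytes > maxBatchBytes:
		if !capOverflow {
			return 0, fmt.Errorf("%w: got %d", ErrBatchBytesTooLarge, conf.BatchBytes)
		}
		if warnf != nil {
			warnf("batch_bytes %d exceeds maximum %d, capping", conf.BatchBytes, maxBatchBytes)
		}
		return maxBatchBytes, nil
	default:
		return conf.BatchBytes, nil
	}
}

// initPump mirrors the shape of a pump Init: resolve the setting first and
// refuse to start on invalid input rather than logging and continuing.
func initPump(conf kafkaConf) (int, error) {
	bb, err := resolveBatchBytes(conf, false, log.Printf)
	if err != nil {
		return 0, fmt.Errorf("kafka pump init: %w", err)
	}
	return bb, nil
}

func main() {
	// Constructed inputs: negative, unset, a sane value and an absurd one.
	for _, c := range []kafkaConf{{-1}, {0}, {512 << 10}, {1 << 30}} {
		bb, err := initPump(c)
		fmt.Printf("batch_bytes=%d -> %d, err=%v\n", c.BatchBytes, bb, err)
	}
}
```

Returning an error from `Init` is the stronger choice for the negative case because there is no sensible value to substitute; for the upper bound, capping is acceptable only if the warning is surfaced somewhere an operator will see it, which is exactly the concern the logic finding raises about relying on logs.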