Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91

Removed invalid UUID error from Apple MDM UDID. (#25074)

Browse source 
#24961 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
This commit is contained in:
Victor Lyuboslavsky 2025-01-01 18:44:09 -06:00 committed by GitHub
parent feedb5070a
commit eef175756a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 6 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changes/24961-invalid-uuid Normal file
View file

@ -0,0 +1 @@
Removed `invalid UUID` log message when validating Apple MDM UDID.

14
server/mdm/nanomdm/storage/mysql/queue.go
View file

@ -7,7 +7,6 @@ import (
"fmt"
"strings"
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
"github.com/fleetdm/fleet/v4/server/datastore/mysql/common_mysql"
"github.com/fleetdm/fleet/v4/server/mdm/nanomdm/mdm"
"github.com/google/uuid"
@ -195,17 +194,14 @@ func (m *MySQLStorage) RetrieveNextCommand(r *mdm.Request, skipNotNow bool) (*md
command := new(mdm.CommandWithSubtype)
id := "?"
var args []interface{}
// Validate the ID to avoid SQL injection.
// This performance optimization eliminates the prepare statement for this frequent query.
// Eventually, we should use binary storage for id (UUID).
// This performance optimization eliminates the prepare statement for this frequent query for macOS devices.
// For macOS devices, UDID is a UUID, so we can validate it and use it directly in the query.
if err := uuid.Validate(r.ID); err == nil {
id = "'" + r.ID + "'"
} else {
err = ctxerr.Wrap(r.Context, err, "device ID is not a valid UUID: %s", r.ID)
m.logger.Info("msg", "device ID is not a UUID", "device_id", r.ID, "err", err)
// Handle the error by sending it to Redis to be included in aggregated statistics.
// Before switching UUID to use binary storage, we should ensure that this error rate is low/none.
ctxerr.Handle(r.Context, err)
// iOS devices have a UDID that is not a valid UUID.
// User enrollments have their own identifier, which is not a UUID.
// We use a prepared statement for these cases to avoid SQL injection.
args = append(args, r.ID)
}
err := m.reader(r.Context).QueryRowxContext(