Skip to content

test: Add HTTP test for deep JSON in repository index requests#8745

Open
pskiran1 wants to merge 4 commits intomainfrom
spolisetty/tri-868-psirt-triton-nested-json-parsing-causes-denial-of-service
Open

test: Add HTTP test for deep JSON in repository index requests#8745
pskiran1 wants to merge 4 commits intomainfrom
spolisetty/tri-868-psirt-triton-nested-json-parsing-causes-denial-of-service

Conversation

@pskiran1
Copy link
Copy Markdown
Member

@pskiran1 pskiran1 commented Apr 16, 2026
edited
Loading

What does the PR do?

This PR adds a new HTTP QA regression test intended to ensure Triton’s /v2/repository/index request handling remains robust (and the server stays live) when presented with extremely deeply nested JSON input.

Checklist

  • PR title reflects the change and is of format <commit_type>: <Title>
  • Changes are described in the pull request.
  • Related issues are referenced.
  • Populated github labels field
  • Added test plan and verified test passes.
  • Verified that the PR passes existing CI.
  • Verified copyright is correct on all changed files.
  • Added succinct git squash message before merging ref.
  • All template sections are filled out.
  • Optional: Additional screenshots for behavior/output changes with before/after.

Commit Type:

Check the conventional commit type
box here and add the label to the github PR.

  • build
  • ci
  • docs
  • feat
  • fix
  • perf
  • refactor
  • revert
  • style
  • test

Related PRs: triton-inference-server/common#156

Where should the reviewer start?

Test plan:

  • CI Pipeline ID: 48692947

Caveats:

Background

Related Issues: (use one of the action keywords Closes / Fixes / Resolves / Relates to)

  • closes GitHub issue: #xxx

@pskiran1 pskiran1 added the PR: test Adding missing tests or correcting existing test label Apr 16, 2026
@pskiran1 pskiran1 requested a review from Copilot April 16, 2026 13:56
Copilot AI reviewed Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new HTTP QA regression test intended to ensure Triton’s /v2/repository/index request handling remains robust (and the server stays live) when presented with extremely deeply nested JSON input.

Changes:

  • Add a new Python HTTP test that posts a deeply-nested JSON payload to /v2/repository/index and verifies the server remains live.
  • Update the L0 HTTP test harness to expect one additional Python unit test.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
qa/L0_http/test.sh Bumps expected Python test count from 13 to 14 to include the new test.
qa/L0_http/http_test.py Adds test_repository_index_deeply_nested_json to exercise deep JSON parsing on repository index requests and then checks liveness.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread qa/L0_http/http_test.py
@pskiran1 pskiran1 mentioned this pull request Apr 16, 2026
Open
whoisj
whoisj previously approved these changes Apr 17, 2026
View reviewed changes
@pskiran1
Merge branch 'main' of https://github.com/triton-inference-server/server
6b712df 
 into spolisetty/tri-868-psirt-triton-nested-json-parsing-causes-denial-of-service
yinggeh
yinggeh requested changes Apr 20, 2026
View reviewed changes
Comment thread qa/L0_http/http_test.py
Comment on lines +441 to +445
self.assertEqual(
500,
response.status_code,
"Expected repository index request to fail on invalid 'ready' type.",
)
Copy link
Copy Markdown
Contributor

@yinggeh yinggeh Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assertion of error message was missing.

Copy link
Copy Markdown
Member Author

@pskiran1 pskiran1 Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added error message assertion.

Comment thread qa/L0_http/http_test.py Outdated
timeout=60,
)
self.assertEqual(
500,
Copy link
Copy Markdown
Contributor

@yinggeh yinggeh Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why 500 server error instead of 400 bad request?

Copy link
Copy Markdown
Member Author

@pskiran1 pskiran1 Apr 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the note. Updated server to return 400 if a non-boolean value is provided.

@pskiran1 pskiran1 requested a review from yinggeh April 20, 2026 14:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@whoisj whoisj whoisj left review comments

@mattwittwer mattwittwer Awaiting requested review from mattwittwer

@yinggeh yinggeh Awaiting requested review from yinggeh

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

PR: test Adding missing tests or correcting existing test

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pskiran1 @whoisj @yinggeh