Skip to content

fix(obfuscation/http)!: fuzzer fixes [APMSP-2670]#1684

Open
Eldolfin wants to merge 63 commits intomainfrom
oscarld/obfuscation-http-parity
Open

fix(obfuscation/http)!: fuzzer fixes [APMSP-2670]#1684
Eldolfin wants to merge 63 commits intomainfrom
oscarld/obfuscation-http-parity

Conversation

@Eldolfin
Copy link
Contributor

@Eldolfin Eldolfin commented Mar 6, 2026
edited
Loading

What does this PR do?

Ran a fuzzer to find output difference between this obfuscator and the agent's obfuscator, fixed issues one by one, even the nonsensical edge cases.

Motivation

Reach 100% parity between obfuscation libs.

Additional Notes

  • Semver check shows breaking changes because the url crates dependencies were implementing their traits but it's not a real breaking change

How to test the change?

Here is the list of input that are fixed in this PR (one per line). These are obviously not correct urls but we need to get the exact same outputs as the agent even in these cases.

 ჸ
!
!#ჸ
!?ჸ
!ჸ
#
#!ჸ
##
#%
#'ჸ
#\u0001
#\u0001ჸ
#ჸ
%
%
%30ჸ
%802
.
.#
.#ჸ
../ჸ
/ჸ
0
:
:
:#\u0001
<!
?#
?#ჸ
?#ჸ
?ჸ
?ჸ#ჸ
A:ჸ
C:#
C:\u0001
[ჸ
\"!
\\
\\ჸ
\u0001
\u0001C:
\u0010
\u0010ჸ
ჸ
ჸ#
ჸ#!
ჸ#%
ჸ#%\u0001
ჸ#'ჸ
ჸ#0
ჸ#\u0010
􅙐%񭯐𵲸󴛏񾰻#󹱐ꦿ𔳕�𭄄!!࡫󃩐ۓ򹏤􂆮͡􏃁􏿯(࡫\u0002󃩐ۓ򹏤􂆮ߤꬃ
ჸ?#
ჸ?%
ჸ?ჸ
򑲸򒌯झ񄶰#\u0003\n񛭐򒗙򒗕򒗕򒗕򒗕䕞򚜍𽋿􎽏򇌇\u0006􎼊�򭟥̿筚͡➑\u0002{􍸓��'
򑲸򒌯झ񄶰#\u0003\n񛭐򒗙򒗕򒗕򒗕򒗕䕞򚜍𽋿􎽏򇌇\u0006􎼊�򭟥̿筚͡➑\u0002{􍸓��'
򑲸򒌯झ񄶰#\u0003\n񛭐򒗙򒗕򒗕򒗕򒗕䕞򚜍𽋿􎽏򇌇\u0006􎼊�򭟥̿筚͡➑\u0002{􍸓��'

@Eldolfin Eldolfin requested a review from Copilot March 6, 2026 16:05
@github-actions
Copy link

github-actions bot commented Mar 6, 2026
edited
Loading

Clippy Allow Annotation Report

Comparing clippy allow annotations between branches:

  • Base Branch: origin/main
  • PR Branch: origin/oscarld/obfuscation-http-parity

Summary by Rule

Rule Base Branch PR Branch Change
unwrap_used 1 0 ✅ -1 (-100.0%)
Total 1 0 ✅ -1 (-100.0%)

Annotation Counts by File

File Base Branch PR Branch Change
libdd-trace-obfuscation/src/http.rs 1 0 ✅ -1 (-100.0%)

Annotation Stats by Crate

Crate Base Branch PR Branch Change
clippy-annotation-reporter 5 5 No change (0%)
datadog-ffe-ffi 1 1 No change (0%)
datadog-ipc 28 28 No change (0%)
datadog-live-debugger 6 6 No change (0%)
datadog-live-debugger-ffi 10 10 No change (0%)
datadog-profiling-replayer 4 4 No change (0%)
datadog-remote-config 3 3 No change (0%)
datadog-sidecar 59 59 No change (0%)
libdd-common 10 10 No change (0%)
libdd-common-ffi 12 12 No change (0%)
libdd-data-pipeline 5 5 No change (0%)
libdd-ddsketch 2 2 No change (0%)
libdd-dogstatsd-client 1 1 No change (0%)
libdd-profiling 13 13 No change (0%)
libdd-telemetry 19 19 No change (0%)
libdd-tinybytes 4 4 No change (0%)
libdd-trace-normalization 2 2 No change (0%)
libdd-trace-obfuscation 9 8 ✅ -1 (-11.1%)
libdd-trace-utils 15 15 No change (0%)
Total 208 207 ✅ -1 (-0.5%)

About This Report

This report tracks Clippy allow annotations for specific rules, showing how they've changed in this PR. Decreasing the number of these annotations generally improves code quality.

@github-actions
Copy link

github-actions bot commented Mar 6, 2026
edited
Loading

📚 Documentation Check Results

⚠️ 522 documentation warning(s) found

📦 libdd-trace-obfuscation - 522 warning(s)

Updated: 2026-03-12 16:49:32 UTC | Commit: 9024ff9 | missing-docs job results

@Eldolfin Eldolfin force-pushed the oscarld/obfuscation-http-parity branch from 694c677 to 43100ec Compare March 6, 2026 16:10

This comment was marked as duplicate.

Sign in to view

@github-actions
Copy link

github-actions bot commented Mar 6, 2026
edited
Loading

🔒 Cargo Deny Results

No issues found!

📦 libdd-trace-obfuscation - ✅ No issues

Updated: 2026-03-12 16:52:24 UTC | Commit: 9024ff9 | dependency-check job results

@pr-commenter
Copy link

pr-commenter bot commented Mar 6, 2026
edited
Loading

Benchmarks

Comparison

Benchmark execution time: 2026-03-12 16:54:21

Comparing candidate commit 8db3fd4 in PR branch oscarld/obfuscation-http-parity with baseline commit 8fae837 in branch main.

Found 6 performance improvements and 0 performance regressions! Performance is the same for 52 metrics, 2 unstable metrics.

Explanation

This is an A/B test comparing a candidate commit's performance against that of a baseline commit. Performance changes are noted in the tables below as:

  • 🟩 = significantly better candidate vs. baseline
  • 🟥 = significantly worse candidate vs. baseline

We compute a confidence interval (CI) over the relative difference of means between metrics from the candidate and baseline commits, considering the baseline as the reference.

If the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD), the change is considered significant.

Feel free to reach out to #apm-benchmarking-platform on Slack if you have any questions.

More details about the CI and significant changes

You can imagine this CI as a range of values that is likely to contain the true difference of means between the candidate and baseline commits.

CIs of the difference of means are often centered around 0%, because often changes are not that big:

---------------------------------(------|---^--------)-------------------------------->
                              -0.6%    0%  0.3%     +1.2%
                                 |          |        |
         lower bound of the CI --'          |        |
sample mean (center of the CI) -------------'        |
         upper bound of the CI ----------------------'

As described above, a change is considered significant if the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD).

For instance, for an execution time metric, this confidence interval indicates a significantly worse performance:

----------------------------------------|---------|---(---------^---------)---------->
                                       0%        1%  1.3%      2.2%      3.1%
                                                  |   |         |         |
       significant impact threshold --------------'   |         |         |
                      lower bound of CI --------------'         |         |
       sample mean (center of the CI) --------------------------'         |
                      upper bound of CI ----------------------------------'

scenario:concentrator/add_spans_to_concentrator

  • 🟩 execution_time [-2.326ms; -2.321ms] or [-17.842%; -17.801%]

scenario:credit_card/is_card_number/ 3782-8224-6310-005

  • 🟩 execution_time [-4.323µs; -4.110µs] or [-5.403%; -5.138%]
  • 🟩 throughput [+678369.196op/s; +715197.811op/s] or [+5.427%; +5.722%]

scenario:credit_card/is_card_number_no_luhn/ 3782-8224-6310-005

  • 🟩 execution_time [-2.898µs; -2.720µs] or [-4.410%; -4.140%]
  • 🟩 throughput [+658908.610op/s; +703768.459op/s] or [+4.329%; +4.624%]

scenario:sql/obfuscate_sql_string

  • 🟩 execution_time [-3.692µs; -3.603µs] or [-4.139%; -4.039%]

Candidate

Candidate benchmark details

Group 1

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
normalization/normalize_name/normalize_name/Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Lo... execution_time 204.784µs 205.806µs ± 0.669µs 205.723µs ± 0.523µs 206.276µs 206.922µs 207.558µs 208.344µs 1.27% 0.681 0.289 0.32% 0.047µs 1 200
normalization/normalize_name/normalize_name/Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Lo... throughput 4799755.498op/s 4858998.578op/s ± 15760.890op/s 4860894.985op/s ± 12374.650op/s 4872557.922op/s 4879265.129op/s 4882408.852op/s 4883188.844op/s 0.46% -0.663 0.236 0.32% 1114.463op/s 1 200
normalization/normalize_name/normalize_name/bad-name execution_time 18.577µs 18.713µs ± 0.109µs 18.672µs ± 0.036µs 18.762µs 18.901µs 19.041µs 19.375µs 3.77% 2.123 7.024 0.58% 0.008µs 1 200
normalization/normalize_name/normalize_name/bad-name throughput 51612451.723op/s 53441229.378op/s ± 307160.078op/s 53556467.131op/s ± 102938.854op/s 53641246.213op/s 53725740.070op/s 53765473.671op/s 53829047.157op/s 0.51% -2.047 6.423 0.57% 21719.497op/s 1 200
normalization/normalize_name/normalize_name/good execution_time 10.803µs 10.928µs ± 0.050µs 10.927µs ± 0.034µs 10.960µs 11.014µs 11.076µs 11.087µs 1.47% 0.426 0.342 0.46% 0.004µs 1 200
normalization/normalize_name/normalize_name/good throughput 90195414.217op/s 91509569.925op/s ± 418242.452op/s 91518984.602op/s ± 282918.822op/s 91807688.123op/s 92125402.228op/s 92358996.403op/s 92563805.432op/s 1.14% -0.396 0.295 0.46% 29574.207op/s 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
normalization/normalize_name/normalize_name/Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Lo... execution_time [205.713µs; 205.899µs] or [-0.045%; +0.045%] None None None
normalization/normalize_name/normalize_name/Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Long-.Too-Lo... throughput [4856814.271op/s; 4861182.886op/s] or [-0.045%; +0.045%] None None None
normalization/normalize_name/normalize_name/bad-name execution_time [18.698µs; 18.728µs] or [-0.081%; +0.081%] None None None
normalization/normalize_name/normalize_name/bad-name throughput [53398659.945op/s; 53483798.810op/s] or [-0.080%; +0.080%] None None None
normalization/normalize_name/normalize_name/good execution_time [10.921µs; 10.935µs] or [-0.063%; +0.063%] None None None
normalization/normalize_name/normalize_name/good throughput [91451605.544op/s; 91567534.307op/s] or [-0.063%; +0.063%] None None None

Group 2

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
benching deserializing traces from msgpack to their internal representation execution_time 48.857ms 49.397ms ± 1.288ms 49.241ms ± 0.182ms 49.424ms 49.666ms 54.308ms 62.453ms 26.83% 8.486 76.176 2.60% 0.091ms 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
benching deserializing traces from msgpack to their internal representation execution_time [49.219ms; 49.576ms] or [-0.361%; +0.361%] None None None

Group 3

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
normalization/normalize_service/normalize_service/A0000000000000000000000000000000000000000000000000... execution_time 493.421µs 494.155µs ± 0.583µs 494.086µs ± 0.273µs 494.370µs 494.770µs 495.320µs 500.311µs 1.26% 6.071 60.613 0.12% 0.041µs 1 200
normalization/normalize_service/normalize_service/A0000000000000000000000000000000000000000000000000... throughput 1998758.105op/s 2023658.378op/s ± 2368.942op/s 2023937.673op/s ± 1116.824op/s 2024978.504op/s 2026026.631op/s 2026547.972op/s 2026668.480op/s 0.13% -5.981 59.331 0.12% 167.510op/s 1 200
normalization/normalize_service/normalize_service/Data🐨dog🐶 繋がっ⛰てて execution_time 369.995µs 370.588µs ± 0.269µs 370.581µs ± 0.166µs 370.742µs 371.049µs 371.293µs 371.750µs 0.32% 0.563 1.076 0.07% 0.019µs 1 200
normalization/normalize_service/normalize_service/Data🐨dog🐶 繋がっ⛰てて throughput 2689976.994op/s 2698412.921op/s ± 1955.294op/s 2698463.167op/s ± 1207.819op/s 2699701.704op/s 2701570.916op/s 2702119.372op/s 2702741.767op/s 0.16% -0.557 1.058 0.07% 138.260op/s 1 200
normalization/normalize_service/normalize_service/Test Conversion 0f Weird !@#$%^&**() Characters execution_time 167.343µs 167.655µs ± 0.166µs 167.640µs ± 0.090µs 167.731µs 167.903µs 168.049µs 168.911µs 0.76% 2.462 15.166 0.10% 0.012µs 1 200
normalization/normalize_service/normalize_service/Test Conversion 0f Weird !@#$%^&**() Characters throughput 5920279.173op/s 5964646.044op/s ± 5895.078op/s 5965167.998op/s ± 3210.349op/s 5968210.259op/s 5971386.684op/s 5974982.515op/s 5975763.692op/s 0.18% -2.429 14.853 0.10% 416.845op/s 1 200
normalization/normalize_service/normalize_service/[empty string] execution_time 37.104µs 37.223µs ± 0.072µs 37.217µs ± 0.027µs 37.245µs 37.298µs 37.328µs 38.046µs 2.23% 7.426 82.499 0.19% 0.005µs 1 200
normalization/normalize_service/normalize_service/[empty string] throughput 26284069.566op/s 26865492.189op/s ± 51417.906op/s 26869621.877op/s ± 19544.968op/s 26887939.649op/s 26913518.735op/s 26939673.203op/s 26951609.653op/s 0.31% -7.257 79.974 0.19% 3635.795op/s 1 200
normalization/normalize_service/normalize_service/test_ASCII execution_time 45.470µs 45.637µs ± 0.098µs 45.628µs ± 0.039µs 45.672µs 45.734µs 45.804µs 46.712µs 2.38% 6.706 72.069 0.21% 0.007µs 1 200
normalization/normalize_service/normalize_service/test_ASCII throughput 21407760.028op/s 21912065.882op/s ± 46164.925op/s 21916473.883op/s ± 18588.928op/s 21930048.993op/s 21964085.109op/s 21980107.825op/s 21992624.651op/s 0.35% -6.522 69.433 0.21% 3264.353op/s 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
normalization/normalize_service/normalize_service/A0000000000000000000000000000000000000000000000000... execution_time [494.074µs; 494.236µs] or [-0.016%; +0.016%] None None None
normalization/normalize_service/normalize_service/A0000000000000000000000000000000000000000000000000... throughput [2023330.066op/s; 2023986.691op/s] or [-0.016%; +0.016%] None None None
normalization/normalize_service/normalize_service/Data🐨dog🐶 繋がっ⛰てて execution_time [370.551µs; 370.626µs] or [-0.010%; +0.010%] None None None
normalization/normalize_service/normalize_service/Data🐨dog🐶 繋がっ⛰てて throughput [2698141.936op/s; 2698683.906op/s] or [-0.010%; +0.010%] None None None
normalization/normalize_service/normalize_service/Test Conversion 0f Weird !@#$%^&**() Characters execution_time [167.632µs; 167.678µs] or [-0.014%; +0.014%] None None None
normalization/normalize_service/normalize_service/Test Conversion 0f Weird !@#$%^&**() Characters throughput [5963829.043op/s; 5965463.045op/s] or [-0.014%; +0.014%] None None None
normalization/normalize_service/normalize_service/[empty string] execution_time [37.213µs; 37.233µs] or [-0.027%; +0.027%] None None None
normalization/normalize_service/normalize_service/[empty string] throughput [26858366.162op/s; 26872618.216op/s] or [-0.027%; +0.027%] None None None
normalization/normalize_service/normalize_service/test_ASCII execution_time [45.624µs; 45.651µs] or [-0.030%; +0.030%] None None None
normalization/normalize_service/normalize_service/test_ASCII throughput [21905667.867op/s; 21918463.897op/s] or [-0.029%; +0.029%] None None None

Group 4

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
profile_add_sample_frames_x1000 execution_time 4.150ms 4.156ms ± 0.009ms 4.154ms ± 0.001ms 4.155ms 4.161ms 4.188ms 4.247ms 2.25% 6.968 61.261 0.21% 0.001ms 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
profile_add_sample_frames_x1000 execution_time [4.154ms; 4.157ms] or [-0.029%; +0.029%] None None None

Group 5

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
profile_add_sample2_frames_x1000 execution_time 721.889µs 723.205µs ± 0.748µs 723.153µs ± 0.350µs 723.518µs 724.120µs 724.852µs 730.331µs 0.99% 4.400 39.576 0.10% 0.053µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
profile_add_sample2_frames_x1000 execution_time [723.101µs; 723.308µs] or [-0.014%; +0.014%] None None None

Group 6

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
write only interface execution_time 1.164µs 3.220µs ± 1.435µs 3.001µs ± 0.030µs 3.030µs 3.660µs 14.114µs 14.721µs 390.59% 7.318 54.774 44.44% 0.101µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
write only interface execution_time [3.021µs; 3.419µs] or [-6.175%; +6.175%] None None None

Group 7

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
concentrator/add_spans_to_concentrator execution_time 10.684ms 10.713ms ± 0.014ms 10.710ms ± 0.009ms 10.721ms 10.737ms 10.751ms 10.781ms 0.66% 0.971 1.989 0.13% 0.001ms 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
concentrator/add_spans_to_concentrator execution_time [10.711ms; 10.715ms] or [-0.018%; +0.018%] None None None

Group 8

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
receiver_entry_point/report/2598 execution_time 3.583ms 3.624ms ± 0.025ms 3.615ms ± 0.010ms 3.629ms 3.679ms 3.704ms 3.716ms 2.79% 1.486 1.705 0.69% 0.002ms 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
receiver_entry_point/report/2598 execution_time [3.620ms; 3.627ms] or [-0.096%; +0.096%] None None None

Group 9

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
two way interface execution_time 17.675µs 25.653µs ± 9.815µs 17.925µs ± 0.192µs 34.472µs 43.095µs 47.523µs 62.338µs 247.76% 0.834 -0.351 38.16% 0.694µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
two way interface execution_time [24.293µs; 27.013µs] or [-5.302%; +5.302%] None None None

Group 10

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
tags/replace_trace_tags execution_time 2.385µs 2.405µs ± 0.012µs 2.401µs ± 0.006µs 2.410µs 2.429µs 2.436µs 2.444µs 1.78% 1.099 0.713 0.48% 0.001µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
tags/replace_trace_tags execution_time [2.403µs; 2.406µs] or [-0.067%; +0.067%] None None None

Group 11

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
ip_address/quantize_peer_ip_address_benchmark execution_time 4.958µs 5.004µs ± 0.036µs 4.984µs ± 0.016µs 5.041µs 5.063µs 5.065µs 5.070µs 1.73% 0.561 -1.331 0.72% 0.003µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
ip_address/quantize_peer_ip_address_benchmark execution_time [4.999µs; 5.009µs] or [-0.100%; +0.100%] None None None

Group 12

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
normalization/normalize_trace/test_trace execution_time 243.334ns 253.576ns ± 12.183ns 248.074ns ± 2.677ns 253.859ns 281.623ns 292.915ns 294.840ns 18.85% 1.810 2.353 4.79% 0.861ns 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
normalization/normalize_trace/test_trace execution_time [251.887ns; 255.264ns] or [-0.666%; +0.666%] None None None

Group 13

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
benching string interning on wordpress profile execution_time 164.407µs 165.111µs ± 0.273µs 165.074µs ± 0.165µs 165.280µs 165.569µs 165.775µs 166.335µs 0.76% 0.811 1.598 0.16% 0.019µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
benching string interning on wordpress profile execution_time [165.073µs; 165.149µs] or [-0.023%; +0.023%] None None None

Group 14

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
credit_card/is_card_number/ execution_time 3.896µs 3.913µs ± 0.003µs 3.913µs ± 0.002µs 3.915µs 3.917µs 3.918µs 3.922µs 0.24% -0.962 8.265 0.07% 0.000µs 1 200
credit_card/is_card_number/ throughput 254967271.383op/s 255562094.910op/s ± 167659.686op/s 255579561.926op/s ± 108213.032op/s 255671894.608op/s 255768818.159op/s 255828859.046op/s 256661702.196op/s 0.42% 0.980 8.383 0.07% 11855.330op/s 1 200
credit_card/is_card_number/ 3782-8224-6310-005 execution_time 74.321µs 75.784µs ± 0.762µs 75.726µs ± 0.596µs 76.297µs 77.122µs 77.604µs 78.083µs 3.11% 0.418 -0.220 1.00% 0.054µs 1 200
credit_card/is_card_number/ 3782-8224-6310-005 throughput 12806931.843op/s 13196757.579op/s ± 132183.557op/s 13205418.830op/s ± 104824.242op/s 13309480.141op/s 13396813.659op/s 13432682.572op/s 13455231.662op/s 1.89% -0.370 -0.286 1.00% 9346.789op/s 1 200
credit_card/is_card_number/ 378282246310005 execution_time 68.466µs 68.647µs ± 0.086µs 68.650µs ± 0.050µs 68.694µs 68.767µs 68.860µs 69.181µs 0.77% 1.173 6.677 0.12% 0.006µs 1 200
credit_card/is_card_number/ 378282246310005 throughput 14454794.363op/s 14567375.564op/s ± 18123.308op/s 14566748.483op/s ± 10647.500op/s 14578069.481op/s 14597200.038op/s 14602430.444op/s 14605845.259op/s 0.27% -1.146 6.500 0.12% 1281.511op/s 1 200
credit_card/is_card_number/37828224631 execution_time 3.893µs 3.913µs ± 0.003µs 3.913µs ± 0.002µs 3.915µs 3.918µs 3.920µs 3.923µs 0.24% -1.370 12.576 0.07% 0.000µs 1 200
credit_card/is_card_number/37828224631 throughput 254935739.437op/s 255545040.381op/s ± 182263.718op/s 255555609.992op/s ± 100928.452op/s 255654249.833op/s 255764930.038op/s 255837197.411op/s 256861085.184op/s 0.51% 1.397 12.780 0.07% 12887.991op/s 1 200
credit_card/is_card_number/378282246310005 execution_time 64.642µs 64.859µs ± 0.141µs 64.834µs ± 0.086µs 64.936µs 65.097µs 65.289µs 65.572µs 1.14% 1.304 3.178 0.22% 0.010µs 1 200
credit_card/is_card_number/378282246310005 throughput 15250503.291op/s 15418093.755op/s ± 33539.572op/s 15423961.413op/s ± 20464.908op/s 15441861.403op/s 15461725.207op/s 15467822.336op/s 15469903.303op/s 0.30% -1.282 3.064 0.22% 2371.606op/s 1 200
credit_card/is_card_number/37828224631000521389798 execution_time 45.377µs 45.694µs ± 0.142µs 45.696µs ± 0.107µs 45.802µs 45.923µs 45.951µs 46.032µs 0.74% -0.058 -0.721 0.31% 0.010µs 1 200
credit_card/is_card_number/37828224631000521389798 throughput 21724031.004op/s 21885070.952op/s ± 68205.174op/s 21883730.547op/s ± 51081.257op/s 21934740.808op/s 21997216.068op/s 22026788.309op/s 22037769.114op/s 0.70% 0.070 -0.719 0.31% 4822.834op/s 1 200
credit_card/is_card_number/x371413321323331 execution_time 6.431µs 6.439µs ± 0.004µs 6.439µs ± 0.003µs 6.442µs 6.446µs 6.448µs 6.452µs 0.19% 0.122 -0.517 0.07% 0.000µs 1 200
credit_card/is_card_number/x371413321323331 throughput 154993343.963op/s 155298111.869op/s ± 103299.788op/s 155292646.194op/s ± 75243.946op/s 155378973.344op/s 155465655.497op/s 155487072.300op/s 155500780.056op/s 0.13% -0.119 -0.519 0.07% 7304.398op/s 1 200
credit_card/is_card_number_no_luhn/ execution_time 3.891µs 3.912µs ± 0.003µs 3.912µs ± 0.002µs 3.914µs 3.917µs 3.920µs 3.921µs 0.23% -1.199 9.840 0.08% 0.000µs 1 200
credit_card/is_card_number_no_luhn/ throughput 255043113.362op/s 255614624.737op/s ± 199174.259op/s 255621254.908op/s ± 117646.579op/s 255737740.347op/s 255878193.332op/s 255927508.642op/s 256980576.752op/s 0.53% 1.223 10.016 0.08% 14083.747op/s 1 200
credit_card/is_card_number_no_luhn/ 3782-8224-6310-005 execution_time 61.193µs 62.896µs ± 0.638µs 62.904µs ± 0.410µs 63.291µs 63.885µs 64.477µs 64.697µs 2.85% -0.000 0.237 1.01% 0.045µs 1 200
credit_card/is_card_number_no_luhn/ 3782-8224-6310-005 throughput 15456692.777op/s 15900796.119op/s ± 161409.792op/s 15897287.926op/s ± 103605.730op/s 16005853.282op/s 16179489.689op/s 16312593.412op/s 16341698.124op/s 2.80% 0.068 0.237 1.01% 11413.396op/s 1 200
credit_card/is_card_number_no_luhn/ 378282246310005 execution_time 54.009µs 54.283µs ± 0.101µs 54.292µs ± 0.065µs 54.345µs 54.438µs 54.527µs 54.579µs 0.53% 0.097 -0.030 0.19% 0.007µs 1 200
credit_card/is_card_number_no_luhn/ 378282246310005 throughput 18322065.263op/s 18421936.971op/s ± 34349.708op/s 18418966.677op/s ± 21933.181op/s 18447632.745op/s 18476779.925op/s 18491315.020op/s 18515310.310op/s 0.52% -0.086 -0.037 0.19% 2428.891op/s 1 200
credit_card/is_card_number_no_luhn/37828224631 execution_time 3.895µs 3.914µs ± 0.003µs 3.914µs ± 0.002µs 3.916µs 3.918µs 3.920µs 3.921µs 0.18% -1.332 9.445 0.07% 0.000µs 1 200
credit_card/is_card_number_no_luhn/37828224631 throughput 255031305.691op/s 255496446.572op/s ± 181652.694op/s 255491607.689op/s ± 118940.436op/s 255615400.831op/s 255722102.217op/s 255793183.026op/s 256738816.368op/s 0.49% 1.353 9.602 0.07% 12844.785op/s 1 200
credit_card/is_card_number_no_luhn/378282246310005 execution_time 50.225µs 50.446µs ± 0.108µs 50.441µs ± 0.063µs 50.503µs 50.624µs 50.811µs 50.991µs 1.09% 1.226 4.086 0.21% 0.008µs 1 200
credit_card/is_card_number_no_luhn/378282246310005 throughput 19611465.179op/s 19823313.863op/s ± 42174.592op/s 19825013.221op/s ± 24660.761op/s 19851051.980op/s 19883572.548op/s 19906440.380op/s 19910413.196op/s 0.43% -1.197 3.955 0.21% 2982.194op/s 1 200
credit_card/is_card_number_no_luhn/37828224631000521389798 execution_time 45.369µs 45.700µs ± 0.140µs 45.717µs ± 0.099µs 45.800µs 45.920µs 45.947µs 45.970µs 0.55% -0.289 -0.604 0.31% 0.010µs 1 200
credit_card/is_card_number_no_luhn/37828224631000521389798 throughput 21753535.620op/s 21881831.478op/s ± 67086.405op/s 21873864.014op/s ± 47236.143op/s 21922383.307op/s 21999720.332op/s 22032485.167op/s 22041699.473op/s 0.77% 0.301 -0.595 0.31% 4743.725op/s 1 200
credit_card/is_card_number_no_luhn/x371413321323331 execution_time 6.429µs 6.437µs ± 0.004µs 6.437µs ± 0.002µs 6.439µs 6.444µs 6.448µs 6.452µs 0.24% 0.807 0.985 0.06% 0.000µs 1 200
credit_card/is_card_number_no_luhn/x371413321323331 throughput 154984842.103op/s 155348967.041op/s ± 95292.542op/s 155362425.600op/s ± 57110.636op/s 155416178.827op/s 155482432.899op/s 155515196.793op/s 155556474.257op/s 0.12% -0.802 0.974 0.06% 6738.200op/s 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
credit_card/is_card_number/ execution_time [3.913µs; 3.913µs] or [-0.009%; +0.009%] None None None
credit_card/is_card_number/ throughput [255538858.890op/s; 255585330.930op/s] or [-0.009%; +0.009%] None None None
credit_card/is_card_number/ 3782-8224-6310-005 execution_time [75.678µs; 75.889µs] or [-0.139%; +0.139%] None None None
credit_card/is_card_number/ 3782-8224-6310-005 throughput [13178438.209op/s; 13215076.948op/s] or [-0.139%; +0.139%] None None None
credit_card/is_card_number/ 378282246310005 execution_time [68.635µs; 68.659µs] or [-0.017%; +0.017%] None None None
credit_card/is_card_number/ 378282246310005 throughput [14564863.848op/s; 14569887.281op/s] or [-0.017%; +0.017%] None None None
credit_card/is_card_number/37828224631 execution_time [3.913µs; 3.914µs] or [-0.010%; +0.010%] None None None
credit_card/is_card_number/37828224631 throughput [255519780.382op/s; 255570300.379op/s] or [-0.010%; +0.010%] None None None
credit_card/is_card_number/378282246310005 execution_time [64.840µs; 64.879µs] or [-0.030%; +0.030%] None None None
credit_card/is_card_number/378282246310005 throughput [15413445.493op/s; 15422742.017op/s] or [-0.030%; +0.030%] None None None
credit_card/is_card_number/37828224631000521389798 execution_time [45.674µs; 45.713µs] or [-0.043%; +0.043%] None None None
credit_card/is_card_number/37828224631000521389798 throughput [21875618.371op/s; 21894523.534op/s] or [-0.043%; +0.043%] None None None
credit_card/is_card_number/x371413321323331 execution_time [6.439µs; 6.440µs] or [-0.009%; +0.009%] None None None
credit_card/is_card_number/x371413321323331 throughput [155283795.512op/s; 155312428.227op/s] or [-0.009%; +0.009%] None None None
credit_card/is_card_number_no_luhn/ execution_time [3.912µs; 3.913µs] or [-0.011%; +0.011%] None None None
credit_card/is_card_number_no_luhn/ throughput [255587021.101op/s; 255642228.374op/s] or [-0.011%; +0.011%] None None None
credit_card/is_card_number_no_luhn/ 3782-8224-6310-005 execution_time [62.808µs; 62.985µs] or [-0.141%; +0.141%] None None None
credit_card/is_card_number_no_luhn/ 3782-8224-6310-005 throughput [15878426.274op/s; 15923165.964op/s] or [-0.141%; +0.141%] None None None
credit_card/is_card_number_no_luhn/ 378282246310005 execution_time [54.269µs; 54.297µs] or [-0.026%; +0.026%] None None None
credit_card/is_card_number_no_luhn/ 378282246310005 throughput [18417176.432op/s; 18426697.510op/s] or [-0.026%; +0.026%] None None None
credit_card/is_card_number_no_luhn/37828224631 execution_time [3.914µs; 3.914µs] or [-0.010%; +0.010%] None None None
credit_card/is_card_number_no_luhn/37828224631 throughput [255471271.256op/s; 255521621.888op/s] or [-0.010%; +0.010%] None None None
credit_card/is_card_number_no_luhn/378282246310005 execution_time [50.431µs; 50.461µs] or [-0.030%; +0.030%] None None None
credit_card/is_card_number_no_luhn/378282246310005 throughput [19817468.870op/s; 19829158.855op/s] or [-0.029%; +0.029%] None None None
credit_card/is_card_number_no_luhn/37828224631000521389798 execution_time [45.681µs; 45.720µs] or [-0.042%; +0.042%] None None None
credit_card/is_card_number_no_luhn/37828224631000521389798 throughput [21872533.948op/s; 21891129.009op/s] or [-0.042%; +0.042%] None None None
credit_card/is_card_number_no_luhn/x371413321323331 execution_time [6.437µs; 6.438µs] or [-0.009%; +0.009%] None None None
credit_card/is_card_number_no_luhn/x371413321323331 throughput [155335760.411op/s; 155362173.670op/s] or [-0.009%; +0.009%] None None None

Group 15

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
redis/obfuscate_redis_string execution_time 33.494µs 33.940µs ± 0.735µs 33.619µs ± 0.052µs 33.702µs 35.370µs 35.401µs 38.378µs 14.16% 2.278 6.180 2.16% 0.052µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
redis/obfuscate_redis_string execution_time [33.839µs; 34.042µs] or [-0.300%; +0.300%] None None None

Group 16

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
sdk_test_data/rules-based execution_time 144.929µs 146.960µs ± 1.841µs 146.625µs ± 0.523µs 147.229µs 148.376µs 153.278µs 165.054µs 12.57% 6.175 51.194 1.25% 0.130µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
sdk_test_data/rules-based execution_time [146.704µs; 147.215µs] or [-0.174%; +0.174%] None None None

Group 17

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
benching serializing traces from their internal representation to msgpack execution_time 13.880ms 13.956ms ± 0.039ms 13.951ms ± 0.020ms 13.970ms 14.015ms 14.101ms 14.162ms 1.51% 1.687 5.350 0.28% 0.003ms 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
benching serializing traces from their internal representation to msgpack execution_time [13.951ms; 13.962ms] or [-0.038%; +0.038%] None None None

Group 18

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
sql/obfuscate_sql_string execution_time 85.360µs 85.563µs ± 0.215µs 85.539µs ± 0.045µs 85.588µs 85.679µs 85.893µs 88.374µs 3.31% 11.236 143.592 0.25% 0.015µs 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
sql/obfuscate_sql_string execution_time [85.533µs; 85.593µs] or [-0.035%; +0.035%] None None None

Group 19

cpu_model git_commit_sha git_commit_date git_branch
Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz 8db3fd4 1773333420 oscarld/obfuscation-http-parity
scenario metric min mean ± sd median ± mad p75 p95 p99 max peak_to_median_ratio skewness kurtosis cv sem runs sample_size
single_flag_killswitch/rules-based execution_time 190.366ns 192.552ns ± 1.998ns 192.371ns ± 1.257ns 193.239ns 196.334ns 199.855ns 200.239ns 4.09% 1.492 2.639 1.04% 0.141ns 1 200
scenario metric 95% CI mean Shapiro-Wilk pvalue Ljung-Box pvalue (lag=1) Dip test pvalue
single_flag_killswitch/rules-based execution_time [192.275ns; 192.829ns] or [-0.144%; +0.144%] None None None

Baseline

Omitted due to size.

@dd-octo-sts
Copy link
Contributor

dd-octo-sts bot commented Mar 6, 2026
edited
Loading

Artifact Size Benchmark Report

aarch64-alpine-linux-musl
Artifact Baseline Commit Change
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.a 100.28 MB 100.28 MB 0% (0 B) 👌
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.so 8.63 MB 8.63 MB 0% (0 B) 👌
aarch64-unknown-linux-gnu
Artifact Baseline Commit Change
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.so 11.21 MB 11.21 MB 0% (0 B) 👌
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.a 116.94 MB 116.94 MB 0% (0 B) 👌
libdatadog-x64-windows
Artifact Baseline Commit Change
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.dll 27.16 MB 27.16 MB 0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.lib 76.26 KB 76.26 KB 0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.pdb 186.01 MB 186.03 MB +0% (+16.00 KB) 👌
/libdatadog-x64-windows/debug/static/datadog_profiling_ffi.lib 917.14 MB 917.14 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.dll 9.93 MB 9.93 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.lib 76.26 KB 76.26 KB 0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.pdb 24.77 MB 24.77 MB 0% (0 B) 👌
/libdatadog-x64-windows/release/static/datadog_profiling_ffi.lib 51.43 MB 51.43 MB 0% (0 B) 👌
libdatadog-x86-windows
Artifact Baseline Commit Change
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.dll 22.97 MB 22.97 MB 0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.lib 77.44 KB 77.44 KB 0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.pdb 190.22 MB 190.19 MB --.01% (-32.00 KB) 💪
/libdatadog-x86-windows/debug/static/datadog_profiling_ffi.lib 900.80 MB 900.80 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.dll 7.53 MB 7.53 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.lib 77.44 KB 77.44 KB 0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.pdb 26.51 MB 26.51 MB 0% (0 B) 👌
/libdatadog-x86-windows/release/static/datadog_profiling_ffi.lib 47.05 MB 47.05 MB 0% (0 B) 👌
x86_64-alpine-linux-musl
Artifact Baseline Commit Change
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.a 87.50 MB 87.50 MB 0% (0 B) 👌
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.so 10.21 MB 10.21 MB 0% (0 B) 👌
x86_64-unknown-linux-gnu
Artifact Baseline Commit Change
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.a 109.81 MB 109.81 MB 0% (0 B) 👌
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.so 11.95 MB 11.95 MB 0% (0 B) 👌

@codecov-commenter
Copy link

codecov-commenter commented Mar 6, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 97.90210% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.42%. Comparing base (c37a7dd) to head (8db3fd4).
⚠️ Report is 10 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1684      +/-   ##
==========================================
+ Coverage   71.21%   71.42%   +0.20%     
==========================================
  Files         429      429              
  Lines       63504    63901     +397     
==========================================
+ Hits        45225    45641     +416     
+ Misses      18279    18260      -19
Components Coverage Δ
libdd-crashtracker 62.42% <ø> (+0.09%) ⬆️
libdd-crashtracker-ffi 17.18% <ø> (+0.61%) ⬆️
libdd-alloc 98.77% <ø> (ø)
libdd-data-pipeline 88.32% <ø> (-0.06%) ⬇️
libdd-data-pipeline-ffi 76.94% <ø> (-0.10%) ⬇️
libdd-common 79.73% <ø> (ø)
libdd-common-ffi 73.40% <ø> (ø)
libdd-telemetry 62.48% <ø> (ø)
libdd-telemetry-ffi 16.75% <ø> (ø)
libdd-dogstatsd-client 82.64% <ø> (ø)
datadog-ipc 80.35% <ø> (ø)
libdd-profiling 81.59% <ø> (ø)
libdd-profiling-ffi 63.65% <ø> (ø)
datadog-sidecar 32.61% <ø> (+0.12%) ⬆️
datdog-sidecar-ffi 8.35% <ø> (+0.53%) ⬆️
spawn-worker 54.69% <ø> (ø)
libdd-tinybytes 93.16% <ø> (ø)
libdd-trace-normalization 81.71% <ø> (ø)
libdd-trace-obfuscation 92.22% <97.90%> (+0.47%) ⬆️
libdd-trace-protobuf 68.25% <ø> (ø)
libdd-trace-utils 89.08% <ø> (ø)
datadog-tracer-flare 88.95% <ø> (-1.50%) ⬇️
libdd-log 74.69% <ø> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@Eldolfin Eldolfin changed the title Oscarld/obfuscation http parity fix: obfuscation http parity Mar 9, 2026
@Eldolfin Eldolfin changed the title fix: obfuscation http parity fix: obfuscation http parity [APMSP-2670] Mar 9, 2026
@Eldolfin
Copy link
Contributor Author

Eldolfin commented Mar 9, 2026

For the kind of tests this fixes, it's not worth it given how much complexity it adds to a very simple function

@Eldolfin Eldolfin closed this Mar 9, 2026
@Eldolfin Eldolfin reopened this Mar 9, 2026
@Eldolfin Eldolfin marked this pull request as ready for review March 9, 2026 17:20
@Eldolfin Eldolfin requested review from a team as code owners March 9, 2026 17:20
@Eldolfin Eldolfin changed the title fix: obfuscation http parity [APMSP-2670] fix(obfuscation/http): fuzzer fixes [APMSP-2670] Mar 9, 2026
@Eldolfin Eldolfin requested a review from Copilot March 10, 2026 10:44
Copilot AI reviewed Mar 10, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated 4 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Eldolfin added 7 commits March 10, 2026 18:40
@Eldolfin
UGLY(http): fix relative url obfuscation
368bac5
@Eldolfin
fix(http): fuzzing edge cases
405bf86
@Eldolfin
fix(http): fuzzing edge cases
fcae8ab
@Eldolfin
fix(http): reject invalid percent-encoding sequences like bare '%'
128aaa8 
Go's url.Parse rejects bare '%' and other invalid percent-encoding
sequences, returning an error which causes obfuscateURLString to
return "?". The url crate silently re-encodes them as '%25', so
add an explicit pre-check matching Go's behavior.

Fixes fuzzing testcase: http_fuzzing_594901251
@Eldolfin
fix(http): preserve dot path segments that url crate resolves away
54e0ee4 
Go's url.Parse stores "." and ".." path segments literally, while the
url crate's join() resolves them via RFC 3986 normalization (making them
empty after stripping the base). Return the original input when
go_like_reference returns empty for a non-empty input that already
passed all error checks (control chars, invalid percent-encoding).

Fixes fuzzing testcase: http_fuzzing_3638045804
@Eldolfin
fix(http): apply remove_path_digits to relative URL results
3291a32 
Go's url.Parse succeeds for relative URLs (like "0") and applies
path-digit removal to them. The Rust code was returning early from
the go_like_reference path without applying digit removal.

Add remove_relative_path_digits() helper and call it for relative URL
results when remove_path_digits=true.

Fixes fuzzing testcase: http_fuzzing_1928485962
@Eldolfin
fix(http): encode Go's extra path chars (!, ', (, ), *) for relative …
c47c680 
…URLs

Go's url.shouldEscape for encodePath does not allow !, ', (, ), * even though
RFC 3986 considers them valid sub-delimiters in path segments. The url crate
follows RFC 3986 and keeps them unencoded. Post-process go_like_reference
output to encode these characters to match Go's behavior.

Fixes fuzzing testcase: http_fuzzing_4273565798
Eldolfin added 19 commits March 10, 2026 18:40
@Eldolfin
fix(http): reject invalid %-encoding and strip empty fragment in opaq…
bd6a9d5 
…ue URIs

- Opaque URIs ending with bare '#' (e.g. "C:#") now strip the empty fragment
  to match Go's url.URL.String() which omits it
- When a URL has control chars in the fragment, also check the path for
  invalid percent-encoding before pre-encoding — previously this branch
  returned early and skipped the path validity check, causing inputs like
  "ჸ#%\u{1}" to return a percent-encoded result instead of "?"
@Eldolfin
fix(http): encode Cat2 chars (!, ', etc.) when path contains double-q…
0d94728 
…uote

Go's url.EscapedPath() calls escape() on the whole path whenever
validEncoded() returns false. validEncoded() returns false for any char
not in its explicit allowlist — including '\"' (double-quote). When
escape() is called, it also encodes Category 2 chars (!, ', (, ), *).

Add '\"' to the has_cat1 trigger check so that inputs containing '\"'
in the path also get Category 2 encoding, matching Go's behavior.
@Eldolfin
fix(http): reject percent-encoded non-UTF-8 sequences like Go
5c0526d 
Go's url.unescape validates that percent-encoded bytes in path/fragment
form valid UTF-8 sequences. The Rust implementation only checked for
syntactically invalid percent-encoding (wrong hex digits count), missing
cases like %80 (a lone UTF-8 continuation byte) which Go rejects.

Fix: collect consecutive percent-encoded bytes and validate with from_utf8.
@Eldolfin
fix(http): preserve fragment when removing query string for ?#frag URLs
9de928d 
Two bugs fixed:
1. go_like_reference() dropped the fragment when stripping the query.
   Fix: after finding path_end (at '?'), extract the '#...' fragment
   and include it in the returned string.
2. obfuscate_url_string() returned '?' for '?#frag' inputs with
   remove_query_string=true, discarding the fragment entirely.
   Fix: when after_q starts with '#' (empty query + fragment), fall
   through to go_like_reference which encodes and preserves it.
@Eldolfin
fix(http): preserve fragment for ?query#frag when removing query string
0d5b9eb 
When remove_query_string=true and the URL has both a query and a fragment
(e.g. "?ჸ#ჸ"), the previous fix only handled "?#frag" (empty query).
Extend the fix to any URL starting with '?' that contains a '#' fragment.
Fall through to go_like_reference which strips the query and preserves
the fragment with correct percent-encoding.
@Eldolfin
fix(http): strip empty trailing fragment for query-only URLs
b7e873b 
Go's url.URL.String() omits an empty trailing fragment (bare '#').
For query-only URL references like '?query#', the previous code returned
the original string including the bare '#', while Go returns '?query'.
@Eldolfin
fix(http): encode non-ASCII fragment chars for query-only URLs
d672f04 
For URLs starting with '?' that have a fragment (e.g. '?#ჸ'),
Go's url.URL.String() percent-encodes non-ASCII chars in the fragment
via EscapeFragment. Also, Go omits an empty trailing fragment ('?#' → '?').

Handle these cases early before the 'restore original query' pass
which would otherwise undo the encoding.
@Eldolfin
fix(http): don't restore bare '#' fragment when restoring raw query
3082013 
The restore-original-query pass was splicing &url[q_start..] which
includes any trailing '#' (empty fragment), overriding the empty-fragment
stripping done by go_like_reference. Now only restores up to '#', and
appends the (already-encoded/stripped) fragment from go_like_reference.
@Eldolfin
fix(http): normalize percent-encoded unreserved chars in path
9bab0bf 
Go's url.Parse decodes %XX sequences where the decoded byte is an
unreserved char (A-Z, a-z, 0-9, -, ., _, ~) as part of path normalization.
E.g. %30 → 0, %41 → A. The url crate preserves them as-is.

Add normalize_pct_encoded_unreserved() and apply it in go_like_reference
on the path portion of all returned values.
@Eldolfin
fix(http): reject URLs where pre-fragment path starts with colon
c726aa1 
Go's url.Parse first splits on '#', then parses the pre-fragment
portion. If that portion starts with ':' (empty scheme), getScheme
returns "missing protocol scheme" and ObfuscateURLString returns '?'.

The Rust code had a check for ':' in the first path segment, but it
was placed after the CTL-in-fragment pre-encode block which returned
early, so inputs like ":#<ctrl>" bypassed the check.

Move the colon check to before the CTL-in-fragment block so it fires
regardless of what the fragment contains.

Fixes parity for input ":#\u{1}" (http_fuzzing_4114246193).
@Eldolfin
fix(http): HTTP non-ASCII path check
e7180a7
@Eldolfin
fix(http): clippy warnings
c5f4ceb
@Eldolfin
fix(http): cargo fmt
42a31e5
@Eldolfin
fix(http): simplify a lot
b27a2fc
@Eldolfin
fix(http): clippy
a22d54a
@Eldolfin
fix: update LICENSE-3rdparty.yml
0362c87
@Eldolfin
fix(http): clippy
18088a7
@Eldolfin
fix(http): dash decode
3e32c31
@Eldolfin
fix: use older cargo bundle license to match ci
4d1aa68
@Eldolfin Eldolfin force-pushed the oscarld/obfuscation-http-parity branch from 1ca887f to 4d1aa68 Compare March 10, 2026 17:40
@Eldolfin Eldolfin changed the title fix(obfuscation/http): fuzzer fixes [APMSP-2670] fix!(obfuscation/http): fuzzer fixes [APMSP-2670] Mar 11, 2026
@Eldolfin Eldolfin changed the title fix!(obfuscation/http): fuzzer fixes [APMSP-2670] fix(obfuscation/http)!: fuzzer fixes [APMSP-2670] Mar 11, 2026
@Eldolfin Eldolfin requested a review from Copilot March 12, 2026 15:45
@Eldolfin
Copy link
Contributor Author

Eldolfin commented Mar 12, 2026

@codex review

Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@chatgpt-codex-connector
Copy link

chatgpt-codex-connector bot commented Mar 12, 2026

Codex Review: Something went wrong. Try again later by commenting “@codex review”.

An unknown error occurred
ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

mini-agent

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Eldolfin @codecov-commenter