diff options
| author | Karel Klic <kklic@redhat.com> | 2010-01-13 14:21:26 +0100 |
|---|---|---|
| committer | Karel Klic <kklic@redhat.com> | 2010-01-13 14:21:26 +0100 |
| commit | d548f0263bf1d707207aabe43a7c39c8419bc9d6 (patch) | |
| tree | 1fc50f9a0538e1d764f1a468abc694bb81f88426 /src/Hooks/abrt-hook-python.cpp | |
| parent | df1d7cd05d8f6abba8c713e773828deee19baf22 (diff) | |
| parent | f5925030be2963ddf257e6768dcd5712b0e6df08 (diff) | |
| download | abrt-d548f0263bf1d707207aabe43a7c39c8419bc9d6.tar.gz abrt-d548f0263bf1d707207aabe43a7c39c8419bc9d6.tar.xz abrt-d548f0263bf1d707207aabe43a7c39c8419bc9d6.zip | |
Merge branch 'master' of ssh://git.fedorahosted.org/git/abrt
Diffstat (limited to 'src/Hooks/abrt-hook-python.cpp')
| -rw-r--r-- | src/Hooks/abrt-hook-python.cpp | 53 |
1 files changed, 43 insertions, 10 deletions
diff --git a/src/Hooks/abrt-hook-python.cpp b/src/Hooks/abrt-hook-python.cpp index b921fba..c8a25e3 100644 --- a/src/Hooks/abrt-hook-python.cpp +++ b/src/Hooks/abrt-hook-python.cpp @@ -20,7 +20,7 @@ */ #include <getopt.h> -#include <unistd.h> +#include <syslog.h> /* We can easily get rid of abrtlib (libABRTUtils.so) usage in this file, * but DebugDump will pull it in anyway */ #include "abrtlib.h" @@ -38,12 +38,33 @@ static char *pid; static char *executable; static char *uuid; -int main(int argc, char** argv) +/* Note: "" will return false */ +static bool isxdigit_str(const char *str) { - // Error if daemon is not running. - if (!daemon_is_ok()) - error_msg_and_die("Daemon is not running."); + do { + if ((*str < '0' || *str > '9') /* not a digit */ + && ((*str | 0x20) < 'a' || (*str | 0x20) > 'f') /* not A-F or a-f */ + ) + { + return false; + } + str++; + } while (*str); + return true; +} + +static bool printable_str(const char *str) +{ + do { + if ((unsigned char)(*str) < ' ' || *str == 0x7f) + return false; + str++; + } while (*str); + return true; +} +int main(int argc, char** argv) +{ // Parse options static const struct option longopts[] = { // name , has_arg , flag, val @@ -79,8 +100,18 @@ int main(int argc, char** argv) } if (!pid || !executable || !uuid) goto usage; + if (strlen(uuid) > 128 || !isxdigit_str(uuid)) + goto usage; + if (strlen(executable) > PATH_MAX || !printable_str(executable)) + goto usage; + // pid string is sanitized later by xatou() -//TODO: sanitize uuid and executable (size, valid chars etc) + openlog("abrt", LOG_PID, LOG_DAEMON); + logmode = LOGMODE_SYSLOG; + + // Error if daemon is not running + if (!daemon_is_ok()) + error_msg_and_die("daemon is not running, python crash dump aborted"); unsigned setting_MaxCrashReportsSize = 0; parse_conf(NULL, &setting_MaxCrashReportsSize, NULL); @@ -94,14 +125,15 @@ int main(int argc, char** argv) ssize_t len = full_read(STDIN_FILENO, bt, MAX_BT_SIZE-1); if (len < 0) { - perror_msg_and_die("Read error"); + perror_msg_and_die("read error"); } bt[len] = '\0'; if (len == MAX_BT_SIZE-1) { - error_msg("Backtrace size limit exceeded, trimming to " MAX_BT_SIZE_STR); + error_msg("backtrace size limit exceeded, trimming to " MAX_BT_SIZE_STR); } + // This also checks that pid is a valid numeric string char *cmdline = get_cmdline(xatou(pid)); /* never NULL */ // Create directory with the debug dump @@ -109,11 +141,10 @@ int main(int argc, char** argv) snprintf(path, sizeof(path), DEBUG_DUMPS_DIR"/pyhook-%ld-%s", (long)time(NULL), pid); CDebugDump dd; - try { dd.Create(path, getuid()); } catch (CABRTException &e) { - error_msg_and_die("Error while creating debug dump: %s", e.what()); + error_msg_and_die("error while creating crash dump %s: %s", path, e.what()); } dd.SaveText(FILENAME_ANALYZER, "Python"); @@ -128,6 +159,8 @@ int main(int argc, char** argv) dd.SaveText("uid", uid); dd.Close(); + log("saved python crash dump of pid %s to %s", pid, path); + if (setting_MaxCrashReportsSize > 0) { trim_debug_dumps(setting_MaxCrashReportsSize, path); |