When rpn_parse() finds [^\0,] after parsing a token, it returns NULL
without setting an error. This causes rrd_test_error() to return false
and subsequent code will dereference NULL (cf. rrdtool xport
CDEF:foo=foo-bar).
This commit changes the OP_VARIABLE branch in rpn_parse so that in order
to be a variable name, sscanf needs to match the full name, causing a
more meaningful "ERROR: don't understand 'illegal-variable-name'" error
message in that case. Also, I made the return NULL branch set an error
message so rrd_test_error() will succeed.
#undef match_op
else if ((sscanf(expr, DEF_NAM_FMT "%n", vname, &pos) == 1)
+ && (expr[pos] == '\0' || expr[pos] == ',')
&& ((rpnp[steps].ptr = (*lookup) (key_hash, vname)) !=
-1)) {
rpnp[steps].op = OP_VARIABLE;
}
else {
- rrd_set_error("don't undestand '%s'",expr);
+ rrd_set_error("don't understand '%s'",expr);
free(rpnp);
return NULL;
}
if (*expr == ',')
expr++;
else {
+ rrd_set_error("garbage in RPN: '%s'", expr);
free(rpnp);
return NULL;
}
projects / thirdparty / rrdtool-1.x.git / commitdiff
