From 779e7b441076e41d3d96fce6aa751d60b91c09f5 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal
Date: Thu, 12 Oct 2023 15:55:12 +0200
Subject: [PATCH] varlink: don't panic on malformed method definition

---
 src/shared/varlink-idl.c | 12 ++++++++++++
 test/fuzz/fuzz-varlink-idl/crash-d1860f2b | Bin 0 -> 168 bytes
 2 files changed, 12 insertions(+)
 create mode 100644 test/fuzz/fuzz-varlink-idl/crash-d1860f2b

diff --git a/src/shared/varlink-idl.c b/src/shared/varlink-idl.c
index 7d9d7874c1b..65059d33c1c 100644
--- a/src/shared/varlink-idl.c
+++ b/src/shared/varlink-idl.c
@@ -986,6 +986,9 @@ int varlink_idl_parse(
 assert(!symbol);
 n_fields = 0;
 
+ if (!token)
+ return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column);
+
 r = varlink_symbol_realloc(&symbol, n_fields);
 if (r < 0)
 return r;
@@ -1004,6 +1007,9 @@ int varlink_idl_parse(
 case STATE_METHOD_ARROW:
 assert(symbol);
 
+ if (!token)
+ return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column);
+
 if (!streq(token, "->"))
 return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Unexpected token '%s'.", *line, *column, token);
 
@@ -1025,6 +1031,9 @@ int varlink_idl_parse(
 assert(!symbol);
 n_fields = 0;
 
+ if (!token)
+ return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column);
+
 r = varlink_symbol_realloc(&symbol, n_fields);
 if (r < 0)
 return r;
@@ -1050,6 +1059,9 @@ int varlink_idl_parse(
 assert(!symbol);
 n_fields = 0;
 
+ if (!token)
+ return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "%u:%u: Premature EOF.", *line, *column);
+
 r = varlink_symbol_realloc(&symbol, n_fields);
 if (r < 0)
 return r;
diff --git a/test/fuzz/fuzz-varlink-idl/crash-d1860f2b b/test/fuzz/fuzz-varlink-idl/crash-d1860f2b
new file mode 100644
index 0000000000000000000000000000000000000000..db720881dcd6446128b8f5bb3144e017b39a6011
GIT binary patch
literal 168
zc-m7|$S5f(D7MnqFH0=S$;`{v%P&gT_slCvElNvFPStfuP0P&7EXmBz
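Review bot: The same three-line `if (!token)` guard is pasted into four states (this hunk at -986 and the ones at -1004, -1025 and -1050), and none of them says why `token` can be NULL at that point. The "Premature EOF." message implies the tokenizer returns NULL once the input is exhausted, so a one-line comment at the first guard, for example `/* token is NULL at end of input; this state requires a token */`, would make the invariant explicit. Because the added crash file shows this parser is driven by fuzzed, arbitrary input, it is also worth confirming that every other state that dereferences `token` has the same guard; the switch in varlink_idl_parse starts and ends outside these hunks, so the diff alone cannot show that. A small local macro wrapping the guard would keep the errno and message identical across states and make a missing one easier to spot.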