From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 13 Dec 2022 10:15:17 +0000 (+0100)
Subject: coredump: cescape invalid json data before logging
X-Git-Tag: v253-rc1~304
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5966ab5bf43b4fb45998760beaffa6c7f9e8a9e;p=thirdparty%2Fsystemd.git

coredump: cescape invalid json data before logging

In both cases, the json string is short, so we can print it, which is useful
for diagnosing invalid data in packages. But we need escape non-printable
characters.

https://bugzilla.redhat.com/show_bug.cgi?id=2152685

I went over the rest of the codebase, and it seems that other calls to
json_parse() don't have this problem.
---

diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c
index a6abcc6496d..6a6a968149a 100644
--- a/src/coredump/coredumpctl.c
+++ b/src/coredump/coredumpctl.c
@@ -19,6 +19,7 @@
 #include "compress.h"
 #include "constants.h"
 #include "dissect-image.h"
+#include "escape.h"
 #include "fd-util.h"
 #include "format-table.h"
 #include "fs-util.h"
@@ -790,9 +791,10 @@ static int print_info(FILE *file, sd_journal *j, bool need_space) {
                 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
 
                 r = json_parse(pkgmeta_json, 0, &v, NULL, NULL);
-                if (r < 0)
-                        log_warning_errno(r, "json_parse on %s failed, ignoring: %m", pkgmeta_json);
-                else {
+                if (r < 0) {
+                        _cleanup_free_ char *esc = cescape(pkgmeta_json);
+                        log_warning_errno(r, "json_parse on \"%s\" failed, ignoring: %m", strnull(esc));
+                } else {
                         const char *module_name;
                         JsonVariant *module_json;
 
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
index 77915454166..0c694d79f3a 100644
--- a/src/shared/elf-util.c
+++ b/src/shared/elf-util.c
@@ -15,6 +15,7 @@
 #include "dlfcn-util.h"
 #include "elf-util.h"
 #include "errno-util.h"
+#include "escape.h"
 #include "fileio.h"
 #include "fd-util.h"
 #include "format-util.h"
@@ -396,8 +397,10 @@ static int parse_package_metadata(const char *name, JsonVariant *id_json, Elf *e
                         }
 
                         r = json_parse(payload, 0, &v, NULL, NULL);
-                        if (r < 0)
-                                return log_error_errno(r, "json_parse on %s failed: %m", payload);
+                        if (r < 0) {
+                                _cleanup_free_ char *esc = cescape(payload);
+                                return log_error_errno(r, "json_parse on \"%s\" failed: %m", strnull(esc));
+                        }
 
                         /* If we have a build-id, merge it in the same JSON object so that it appears all
                          * nicely together in the logs/metadata. */