From 9eb440ec44a58c4d9b1eed8034cf49581c172b55 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Tue, 20 Oct 2020 13:51:54 +0200 Subject: [PATCH] map: prevent crash on unrepresentable responses Typical example of unrepresentable message is a Lua error. E.g. error() called from kresc would lead to NULL message. --- NEWS | 1 + daemon/io.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 871a4b40b..17bbc385b 100644 --- a/NEWS +++ b/NEWS @@ -20,6 +20,7 @@ Bugfixes - avoid an assert() error in stash_rrset() (!1072) - fix emergency cache locking bug introduced in 5.1.3 (!1078) - migrate map() command to control sockets; fix systemd integration (!1000) +- fix crash when sending back errors over control socket (!1000) Incompatible changes -------------------- diff --git a/daemon/io.c b/daemon/io.c index 2552ba107..5d2c7727a 100644 --- a/daemon/io.c +++ b/daemon/io.c @@ -667,20 +667,24 @@ void io_tty_process_input(uv_stream_t *stream, ssize_t nread, const uv_buf_t *bu } int ret = engine_cmd(L, cmd, false); - const char *message = ""; + const char *message = NULL; + size_t len_s; if (lua_gettop(L) > 0) { - message = lua_tostring(L, -1); + message = lua_tolstring(L, -1, &len_s); } /* Simpler output in binary mode */ if (data->mode == io_mode_binary) { - size_t len_s = strlen(message); - if (len_s > UINT32_MAX) { - goto next_iter; + /* Leader expects length field in all cases */ + if (!message || len_s > UINT32_MAX) { + kr_log_error("[io] unrepresentable respose on control socket, " + "sending back empty block (command '%s')\n", cmd); + len_s = 0; } uint32_t len_n = htonl(len_s); fwrite(&len_n, sizeof(len_n), 1, out); - fwrite(message, len_s, 1, out); + if (len_s > 0) + fwrite(message, len_s, 1, out); goto next_iter; } -- 2.47.2