From c5966ab5bf43b4fb45998760beaffa6c7f9e8a9e Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 13 Dec 2022 11:15:17 +0100
Subject: [PATCH] coredump: cescape invalid json data before logging

In both cases, the json string is short, so we can print it, which is useful
for diagnosing invalid data in packages. But we need escape non-printable
characters.

https://bugzilla.redhat.com/show_bug.cgi?id=2152685

I went over the rest of the codebase, and it seems that other calls to
json_parse() don't have this problem.
---
 src/coredump/coredumpctl.c | 8 +++++---
 src/shared/elf-util.c      | 7 +++++--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c
index a6abcc6496d..6a6a968149a 100644
--- a/src/coredump/coredumpctl.c
+++ b/src/coredump/coredumpctl.c
@@ -19,6 +19,7 @@
 #include "compress.h"
 #include "constants.h"
 #include "dissect-image.h"
+#include "escape.h"
 #include "fd-util.h"
 #include "format-table.h"
 #include "fs-util.h"
@@ -790,9 +791,10 @@ static int print_info(FILE *file, sd_journal *j, bool need_space) {
                 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
 
                 r = json_parse(pkgmeta_json, 0, &v, NULL, NULL);
-                if (r < 0)
-                        log_warning_errno(r, "json_parse on %s failed, ignoring: %m", pkgmeta_json);
-                else {
+                if (r < 0) {
+                        _cleanup_free_ char *esc = cescape(pkgmeta_json);
+                        log_warning_errno(r, "json_parse on \"%s\" failed, ignoring: %m", strnull(esc));
+                } else {
                         const char *module_name;
                         JsonVariant *module_json;
 
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
index 77915454166..0c694d79f3a 100644
--- a/src/shared/elf-util.c
+++ b/src/shared/elf-util.c
@@ -15,6 +15,7 @@
 #include "dlfcn-util.h"
 #include "elf-util.h"
 #include "errno-util.h"
+#include "escape.h"
 #include "fileio.h"
 #include "fd-util.h"
 #include "format-util.h"
@@ -396,8 +397,10 @@ static int parse_package_metadata(const char *name, JsonVariant *id_json, Elf *e
                         }
 
                         r = json_parse(payload, 0, &v, NULL, NULL);
-                        if (r < 0)
-                                return log_error_errno(r, "json_parse on %s failed: %m", payload);
+                        if (r < 0) {
+                                _cleanup_free_ char *esc = cescape(payload);
+                                return log_error_errno(r, "json_parse on \"%s\" failed: %m", strnull(esc));
+                        }
 
                         /* If we have a build-id, merge it in the same JSON object so that it appears all
                          * nicely together in the logs/metadata. */
-- 
2.47.3