Project

General

Profile

« Previous | Next » 

Revision 5c53507d

Added by Alexis Mousset over 6 years ago

Fixes #11620: Agent segfaults when merging non-container data variables

View differences:

rudder-agent/SOURCES/patches/cfengine/11620-01-tests-mergdata-segfault.patch
From f65d072001253bdc2a11ccc30a4e05d7089ba629 Mon Sep 17 00:00:00 2001
From: Nick Anderson <nick@cmdln.org>
Date: Wed, 18 Oct 2017 08:42:36 -0500
Subject: [PATCH 1/2] CFE-2704: Add tests for segfault from mergedata
---
.../01_vars/02_functions/CFE-2704-0.x.cf | 22 ++++++++++++++++++++++
.../01_vars/02_functions/CFE-2704-1.x.cf | 22 ++++++++++++++++++++++
2 files changed, 44 insertions(+)
create mode 100644 tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf
create mode 100644 tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf
diff --git a/tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf b/tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf
new file mode 100644
index 0000000000..f64c9dc367
--- /dev/null
+++ b/tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf
@@ -0,0 +1,22 @@
+body common control
+{
+ inputs => { "../../default.cf.sub" };
+ bundlesequence => { default("$(this.promise_filename)") };
+}
+
+bundle agent test
+{
+ meta:
+ "description" -> { "CFE-2704" }
+ string => "Test that attempting to merge incompatible data does not segfault.";
+
+ vars:
+ "data" data => "{\"env\":\"test\"}";
+ "node" data => mergedata("[]", "data[env]");
+}
+bundle agent check
+{
+ methods:
+ "Pass if we made it this far"
+ usebundle => dcs_pass( $(this.promise_filename) );
+}
diff --git a/tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf b/tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf
new file mode 100644
index 0000000000..d21f4336f7
--- /dev/null
+++ b/tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf
@@ -0,0 +1,22 @@
+body common control
+{
+ inputs => { "../../default.cf.sub" };
+ bundlesequence => { default("$(this.promise_filename)") };
+}
+
+bundle agent test
+{
+ meta:
+ "description" -> { "CFE-2704" }
+ string => "Test that attempting to merge incompatible data does not segfault. Variant 1.";
+
+ vars:
+ "data" data => '{"env":"test"}';
+ "node" data => mergedata("[]", "data[env]");
+}
+bundle agent check
+{
+ methods:
+ "Pass if we made it this far"
+ usebundle => dcs_pass( $(this.promise_filename) );
+}
rudder-agent/SOURCES/patches/cfengine/11620-02-fix-mergdata-segfault.patch
From 1dfff7a33b1c7b6e274049b4e32ba6f9b80ca7de Mon Sep 17 00:00:00 2001
From: Alexis Mousset <alexis.mousset@normation.com>
Date: Wed, 18 Oct 2017 15:24:57 +0200
Subject: [PATCH 1/3] CFE-2704: mergedata segfaults when called on a
non-container
Changelog: Title
---
libpromises/evalfunction.c | 7 +++++++
.../01_vars/02_functions/{CFE-2704-0.x.cf => CFE-2704-0.cf} | 0
.../01_vars/02_functions/{CFE-2704-1.x.cf => CFE-2704-1.cf} | 0
3 files changed, 7 insertions(+)
rename tests/acceptance/01_vars/02_functions/{CFE-2704-0.x.cf => CFE-2704-0.cf} (100%)
rename tests/acceptance/01_vars/02_functions/{CFE-2704-1.x.cf => CFE-2704-1.cf} (100%)
diff --git a/libpromises/evalfunction.c b/libpromises/evalfunction.c
index ea82625b30..655782436b 100644
--- a/libpromises/evalfunction.c
+++ b/libpromises/evalfunction.c
@@ -3431,6 +3431,13 @@ static FnCallResult FnCallMergeData(EvalContext *ctx, ARG_UNUSED const Policy *p
return FnFailure();
}
+ // Ignore json primitives, only merge containers
+ if (JsonGetElementType(json) != JSON_ELEMENT_TYPE_CONTAINER)
+ {
+ JsonDestroy(json);
+ continue;
+ }
+
// This can be optimized better
if (allocated)
{
diff --git a/tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf b/tests/acceptance/01_vars/02_functions/CFE-2704-0.cf
similarity index 100%
rename from tests/acceptance/01_vars/02_functions/CFE-2704-0.x.cf
rename to tests/acceptance/01_vars/02_functions/CFE-2704-0.cf
diff --git a/tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf b/tests/acceptance/01_vars/02_functions/CFE-2704-1.cf
similarity index 100%
rename from tests/acceptance/01_vars/02_functions/CFE-2704-1.x.cf
rename to tests/acceptance/01_vars/02_functions/CFE-2704-1.cf
From 641c404542f98a67fd092c8bc8a901f27fb1c0f0 Mon Sep 17 00:00:00 2001
From: Alexis Mousset <alexis.mousset@normation.com>
Date: Tue, 24 Oct 2017 15:17:55 +0200
Subject: [PATCH 2/3] Make the merge fail if one of the arguments is not
mergeable
---
libpromises/evalfunction.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/libpromises/evalfunction.c b/libpromises/evalfunction.c
index 655782436b..1f528e89fd 100644
--- a/libpromises/evalfunction.c
+++ b/libpromises/evalfunction.c
@@ -3431,11 +3431,16 @@ static FnCallResult FnCallMergeData(EvalContext *ctx, ARG_UNUSED const Policy *p
return FnFailure();
}
- // Ignore json primitives, only merge containers
+ // Fail on json primitives, only merge containers
if (JsonGetElementType(json) != JSON_ELEMENT_TYPE_CONTAINER)
{
- JsonDestroy(json);
- continue;
+ if (allocated)
+ {
+ JsonDestroy(json);
+ }
+
+ Log(LOG_LEVEL_ERR, "%s is not mergeable as it it not a container", RvalToString(arg->val));
+ return FnFailure();
}
// This can be optimized better
From 2fc82b68264993fdc87ba7e77a3c8d0f80e83752 Mon Sep 17 00:00:00 2001
From: Alexis Mousset <alexis.mousset@normation.com>
Date: Thu, 26 Oct 2017 15:42:01 +0200
Subject: [PATCH 3/3] Fix memory leak
---
libpromises/evalfunction.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libpromises/evalfunction.c b/libpromises/evalfunction.c
index 1f528e89fd..6aa76f23c3 100644
--- a/libpromises/evalfunction.c
+++ b/libpromises/evalfunction.c
@@ -3440,6 +3440,7 @@ static FnCallResult FnCallMergeData(EvalContext *ctx, ARG_UNUSED const Policy *p
}
Log(LOG_LEVEL_ERR, "%s is not mergeable as it it not a container", RvalToString(arg->val));
+ SeqDestroy(containers);
return FnFailure();
}

Also available in: Unified diff