aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2019-04-29 14:52:25 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2019-04-29 14:52:25 +0100
commit18e95de8f1fb5f5d756d3bf4db168ad96cd5f954 (patch)
treecd9d6d2d20d7f1885b1a174c40e495b8e272f8ef
parent622bad3d8a52fc810070bb000025c642e5a0695f (diff)
downloadrspamd-18e95de8f1fb5f5d756d3bf4db168ad96cd5f954.tar.gz
rspamd-18e95de8f1fb5f5d756d3bf4db168ad96cd5f954.zip
[Minor] Improve lua logging escaping
-rw-r--r--src/lua/lua_common.h13
-rw-r--r--src/lua/lua_logger.c64
-rw-r--r--src/rspamadm/lua_repl.c6
3 files changed, 63 insertions, 20 deletions
diff --git a/src/lua/lua_common.h b/src/lua/lua_common.h
index d9bbff585..5ff5cc8bf 100644
--- a/src/lua/lua_common.h
+++ b/src/lua/lua_common.h
@@ -365,6 +365,16 @@ struct lua_logger_trace {
gconstpointer traces[TRACE_POINTS];
};
+enum lua_logger_escape_type {
+ LUA_ESCAPE_NONE = (0u),
+ LUA_ESCAPE_UNPRINTABLE = (1u << 0u),
+ LUA_ESCAPE_NEWLINES = (1u << 1u),
+ LUA_ESCAPE_8BIT = (1u << 2u),
+};
+
+#define LUA_ESCAPE_LOG (LUA_ESCAPE_UNPRINTABLE|LUA_ESCAPE_NEWLINES)
+#define LUA_ESCAPE_ALL (LUA_ESCAPE_UNPRINTABLE|LUA_ESCAPE_NEWLINES|LUA_ESCAPE_8BIT)
+
/**
* Log lua object to string
* @param L
@@ -374,7 +384,8 @@ struct lua_logger_trace {
* @return
*/
gsize lua_logger_out_type (lua_State *L, gint pos, gchar *outbuf,
- gsize len, struct lua_logger_trace *trace);
+ gsize len, struct lua_logger_trace *trace,
+ enum lua_logger_escape_type esc_type);
/**
* Safely checks userdata to match specified class
diff --git a/src/lua/lua_logger.c b/src/lua/lua_logger.c
index 9d25fce6a..60c702e65 100644
--- a/src/lua/lua_logger.c
+++ b/src/lua/lua_logger.c
@@ -269,9 +269,37 @@ lua_logger_debug (lua_State *L)
return 0;
}
+static inline bool
+lua_logger_char_safe (int t, unsigned int esc_type)
+{
+ if (t & 0x80) {
+ if (esc_type & LUA_ESCAPE_8BIT) {
+ return false;
+ }
+
+ return true;
+ }
+
+ if (esc_type & LUA_ESCAPE_UNPRINTABLE) {
+ if (!g_ascii_isprint (t) && !g_ascii_isspace (t)) {
+ return false;
+ }
+ }
+
+ if (esc_type & LUA_ESCAPE_NEWLINES) {
+ if (t == '\r' || t == '\n') {
+ return false;
+ }
+ }
+
+ return true;
+}
+
static gsize
-lua_logger_out_str (lua_State *L, gint pos, gchar *outbuf, gsize len,
- struct lua_logger_trace *trace)
+lua_logger_out_str (lua_State *L, gint pos,
+ gchar *outbuf, gsize len,
+ struct lua_logger_trace *trace,
+ enum lua_logger_escape_type esc_type)
{
gsize slen, flen;
const gchar *str = lua_tolstring (L, pos, &slen);
@@ -283,7 +311,7 @@ lua_logger_out_str (lua_State *L, gint pos, gchar *outbuf, gsize len,
flen = MIN (slen, len - 1);
for (r = 0; r < flen; r ++) {
- if (!(g_ascii_isprint (str[r]) || (str[r] & 0x80))) {
+ if (!lua_logger_char_safe (str[r], esc_type)) {
normal = FALSE;
break;
}
@@ -298,11 +326,8 @@ lua_logger_out_str (lua_State *L, gint pos, gchar *outbuf, gsize len,
s = 0;
while (slen > 0 && len > 1) {
- if (!g_ascii_isprint (str[s])) {
- if (str[s] & 0x80) {
- outbuf[r++] = str[s];
- }
- else if (len >= 3) {
+ if (!lua_logger_char_safe (str[r], esc_type)) {
+ if (len >= 3) {
outbuf[r++] = '\\';
outbuf[r++] = hexdigests[((str[s] >> 4) & 0xF)];
outbuf[r++] = hexdigests[((str[s]) & 0xF)];
@@ -431,7 +456,8 @@ lua_logger_out_userdata (lua_State *L, gint pos, gchar *outbuf, gsize len,
static gsize
lua_logger_out_table (lua_State *L, gint pos, gchar *outbuf, gsize len,
- struct lua_logger_trace *trace)
+ struct lua_logger_trace *trace,
+ enum lua_logger_escape_type esc_type)
{
gchar *d = outbuf;
gsize remain = len, r;
@@ -485,7 +511,7 @@ lua_logger_out_table (lua_State *L, gint pos, gchar *outbuf, gsize len,
r = rspamd_snprintf (d, remain + 1, "__self");
}
else {
- r = lua_logger_out_type (L, tpos, d, remain, trace);
+ r = lua_logger_out_type (L, tpos, d, remain, trace, esc_type);
}
MOVE_BUF(d, remain, r);
@@ -515,7 +541,7 @@ lua_logger_out_table (lua_State *L, gint pos, gchar *outbuf, gsize len,
r = rspamd_snprintf (d, remain + 1, "__self");
}
else {
- r = lua_logger_out_type (L, tpos, d, remain, trace);
+ r = lua_logger_out_type (L, tpos, d, remain, trace, esc_type);
}
MOVE_BUF(d, remain, r);
@@ -533,8 +559,10 @@ lua_logger_out_table (lua_State *L, gint pos, gchar *outbuf, gsize len,
#undef MOVE_BUF
gsize
-lua_logger_out_type (lua_State *L, gint pos, gchar *outbuf, gsize len,
- struct lua_logger_trace *trace)
+lua_logger_out_type (lua_State *L, gint pos,
+ gchar *outbuf, gsize len,
+ struct lua_logger_trace *trace,
+ enum lua_logger_escape_type esc_type)
{
gint type;
gsize r = 0;
@@ -554,7 +582,7 @@ lua_logger_out_type (lua_State *L, gint pos, gchar *outbuf, gsize len,
r = lua_logger_out_boolean (L, pos, outbuf, len, trace);
break;
case LUA_TTABLE:
- r = lua_logger_out_table (L, pos, outbuf, len, trace);
+ r = lua_logger_out_table (L, pos, outbuf, len, trace, esc_type);
break;
case LUA_TUSERDATA:
r = lua_logger_out_userdata (L, pos, outbuf, len, trace);
@@ -570,7 +598,7 @@ lua_logger_out_type (lua_State *L, gint pos, gchar *outbuf, gsize len,
break;
default:
/* Try to push everything as string using tostring magic */
- r = lua_logger_out_str (L, pos, outbuf, len, trace);
+ r = lua_logger_out_str (L, pos, outbuf, len, trace, esc_type);
break;
}
@@ -747,7 +775,8 @@ lua_logger_log_format (lua_State *L, gint fmt_pos, gboolean is_string,
}
memset (&tr, 0, sizeof (tr));
- r = lua_logger_out_type (L, arg_num + 1, d, remain, &tr);
+ r = lua_logger_out_type (L, arg_num + 1, d, remain, &tr,
+ is_string ? LUA_ESCAPE_UNPRINTABLE : LUA_ESCAPE_LOG);
g_assert (r <= remain);
remain -= r;
d += r;
@@ -775,7 +804,8 @@ lua_logger_log_format (lua_State *L, gint fmt_pos, gboolean is_string,
}
memset (&tr, 0, sizeof (tr));
- r = lua_logger_out_type (L, arg_num + 1, d, remain, &tr);
+ r = lua_logger_out_type (L, arg_num + 1, d, remain, &tr,
+ is_string ? LUA_ESCAPE_UNPRINTABLE : LUA_ESCAPE_LOG);
g_assert (r <= remain);
remain -= r;
d += r;
diff --git a/src/rspamadm/lua_repl.c b/src/rspamadm/lua_repl.c
index 430c800f9..43c97d01f 100644
--- a/src/rspamadm/lua_repl.c
+++ b/src/rspamadm/lua_repl.c
@@ -282,7 +282,8 @@ rspamadm_exec_input (lua_State *L, const gchar *input)
rspamd_printf ("local function: %d\n", cbref);
} else {
memset (&tr, 0, sizeof (tr));
- lua_logger_out_type (L, i, outbuf, sizeof (outbuf), &tr);
+ lua_logger_out_type (L, i, outbuf, sizeof (outbuf), &tr,
+ LUA_ESCAPE_UNPRINTABLE);
rspamd_printf ("%s\n", outbuf);
}
}
@@ -462,7 +463,8 @@ rspamadm_lua_message_handler (lua_State *L, gint argc, gchar **argv)
for (j = old_top + 1; j <= lua_gettop (L); j ++) {
memset (&tr, 0, sizeof (tr));
- lua_logger_out_type (L, j, outbuf, sizeof (outbuf), &tr);
+ lua_logger_out_type (L, j, outbuf, sizeof (outbuf), &tr,
+ LUA_ESCAPE_UNPRINTABLE);
rspamd_printf ("%s\n", outbuf);
}
}