libtraceevent: Fix string parsing

Commit Message

Steven Rostedt Dec. 20, 2022, 3:26 a.m. UTC

From: "Steven Rostedt (Google)" <rostedt@goodmis.org>

The string parsing of tokens can be confused if the string has a backslash
at the end of the string. That is "\\\0" or \<nul>. The backslash will
skip the next character. If the next character is the end of the string,
it will read past the end of the string.

Check for end of buffer (less than or equal to 0), and if the next
character is the end of buffer, exit the loop regardless if the previous
character was a backslash.

Also fail the parsing of the event if the string is not terminated by the
quote that started it.

Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
 src/event-parse.c | 5 +++++
 1 file changed, 5 insertions(+)

Patch

diff --git a/src/event-parse.c b/src/event-parse.c
index b37d81a89bf8..8167777fccd7 100644
--- a/src/event-parse.c
+++ b/src/event-parse.c
@@ -1303,10 +1303,15 @@  static enum tep_event_type __read_token(struct tep_handle *tep, char **tok)
 			if (ch == '\\' && last_ch == '\\')
 				last_ch = 0;
 			/* Break out if the file is corrupted and giving non print chars */
+			if (ch <= 0)
+				break;
 		} while ((ch != quote_ch && isprint(ch)) || last_ch == '\\' || ch == '\n');
 		/* remove the last quote */
 		i--;
 
+		if (ch <= 0)
+			type = TEP_EVENT_NONE;
+
 		/*
 		 * For strings (double quotes) check the next token.
 		 * If it is another string, concatinate the two.