utils::logdump needs to check event code,level, and length for validity

Question

utils::logdump needs to check event code,level, and length for validity

jaredmales opened this issue 2 years ago · 3 comments

we are verifying the flatbuffers part, but need to also verify things extracted from the header to make sure they make sense. Could also check on the time stamp.

Without this can get unexplained segfaults on corrupt logs.

jaredmales commented 2 years ago

see #102

jaredmales commented a year ago

12f912a

Answer 1 · 2022-09-27T04:56:31.000Z

This needs to be in libMagAOX:

josephlong
:cowboy-think: 9:47 PM
Just looked at the commit in logdump and I see an issue
9:47
One of the reasons I plumbed that in so deep in the flatlogs hierarchy is that you need to know which flatlog type you're verifying
9:47
So as it is on GitHub it's currently verifying every buffer against the observers schema

jaredmales
9:48 PM
ah, right
9:49
ok, what we should do is add a generator to do a switch-case on the event code to pick the right log type
9:50
then add bool verify(bufferPtrT*) to each log type struct
9:51
this is what needs to happen to verify things like the event code itself, and the length to look for corruption.
9:52
so that verify function first gets a default: in the switch that tells you that it's a bad event code. Then the type specific function checks the length (not always useful) and the flatbuffer.
9:52
might as well also check for obviously bad year, month, day, etc.