From 29d2002880505e8b40746b2b5dae0e25c2d44391 Mon Sep 17 00:00:00 2001
From: Lorenzo Fontana
Date: Tue, 13 Apr 2021 15:19:18 +0200
Subject: [PATCH] fix(userspace): handle exceptions for process_k8s_audit_event

This fix has two major points in it:
- when `std::stoll` is used in parse_as_int64 handle all the exceptions it can throw (https://en.cppreference.com/w/cpp/string/basic_string/stol)
- when `process_k8s_audit_event` an eventual exception in it does not stop the webserver process. This is done by doing a catch all handle outside it and by logging an error message to the caller as well as in stderr

Signed-off-by: Lorenzo Fontana
---
 userspace/engine/json_evt.cpp | 6 +++++-
 userspace/falco/webserver.cpp | 12 +++++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/userspace/engine/json_evt.cpp b/userspace/engine/json_evt.cpp
index aec147efeb9..36a644517b1 100644
--- a/userspace/engine/json_evt.cpp
+++ b/userspace/engine/json_evt.cpp
@@ -281,7 +281,11 @@ bool json_event_value::parse_as_int64(int64_t &intval, const std::string &val)
 return false;
 }
 }
- catch (std::invalid_argument &e)
+ catch(std::out_of_range &)
+ {
+ return false;
+ }
+ catch (std::invalid_argument &)
 {
 return false;
 }
diff --git a/userspace/falco/webserver.cpp b/userspace/falco/webserver.cpp
index 7a556442457..5aeb13a818d 100644
--- a/userspace/falco/webserver.cpp
+++ b/userspace/falco/webserver.cpp
@@ -84,7 +84,17 @@ bool k8s_audit_handler::accept_data(falco_engine *engine,
 for(auto &jev : jevts)
 {
 std::unique_ptr res;
- res = engine->process_k8s_audit_event(&jev);
+
+ try
+ {
+ res = engine->process_k8s_audit_event(&jev);
+ }
+ catch(...)
+ {
+ errstr = string("unkown error processing audit event");
+ fprintf(stderr, "%s\n", errstr.c_str());
+ return false;
+ }

 if(res)
 {
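Review bot: In `userspace/engine/json_evt.cpp`, the two handlers after the `std::stoll` call have identical bodies, catch by non-const reference, and spell `catch(` and `catch (` differently. Catching by const reference is the usual form, e.g. `catch (const std::out_of_range &)` and `catch (const std::invalid_argument &)`. Both types derive from `std::logic_error`, so a single `catch (const std::logic_error &)` would also work if the slightly wider net is acceptable. A one-line comment such as `// stoll throws out_of_range when the value does not fit in long long` would record why the new handler exists, since `val` presumably comes from a submitted audit event. The try block and the rest of `parse_as_int64` begin outside the hunk.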
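Review bot: In `userspace/falco/webserver.cpp`, the `catch(...)` added around `process_k8s_audit_event` discards the exception, so the log says only "unkown error" (a typo for "unknown") and an operator cannot tell what in the audit event triggered it. Catching `const std::exception &` first and printing `e.what()` to stderr, while keeping the `errstr` returned to the caller generic, would preserve the diagnostic without echoing internals to the sender. The `return false` also exits the `for(auto &jev : jevts)` loop, so events after the failing one in the same request are never evaluated against the rules. If that is intended it deserves a comment; otherwise log and continue with the next event. The body of `accept_data` starts and ends outside this hunk.

```cpp
// … unchanged: try block around engine->process_k8s_audit_event(&jev) …
catch(const std::exception &e)
{
	// Detail goes to the local log only; the caller gets a generic message.
	errstr = string("error processing audit event");
	fprintf(stderr, "%s: %s\n", errstr.c_str(), e.what());
	return false;
}
catch(...)
{
	errstr = string("unknown error processing audit event");
	// … unchanged: fprintf to stderr and return false …
}
```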