fix(userspace): handle exceptions for process_k8s_audit_event

This fix has two major points in it: - when `std::stoll` is used in parse_as_int64 handle all the exceptions it can throw (https://en.cppreference.com/w/cpp/string/basic_string/stol) - when `process_k8s_audit_event` an eventual exception in it does not stop the webserver process. This is done by doing a catch all handle outside it and by logging an error message to the caller as well as in stderr Signed-off-by: Lorenzo Fontana <lo@linux.com>
2025-07-21 09:59:40 +00:00 · 2021-04-13 15:19:18 +02:00 · 2021-04-13 15:19:18 +02:00 · 46425b392c
commit 46425b392c
parent 8b0d22dee9
2 changed files with 16 additions and 2 deletions
--- a/userspace/engine/json_evt.cpp
+++ b/userspace/engine/json_evt.cpp
@ -281,7 +281,11 @@ bool json_event_value::parse_as_int64(int64_t &intval, const std::string &val)
 			return false;
 		}
 	}
-	catch (std::invalid_argument &e)
+	catch(std::out_of_range &)
+	{
+		return false;
+	}
+	catch (std::invalid_argument &)
 	{
 		return false;
 	}
--- a/userspace/falco/webserver.cpp
+++ b/userspace/falco/webserver.cpp
@ -84,7 +84,17 @@ bool k8s_audit_handler::accept_data(falco_engine *engine,
 	for(auto &jev : jevts)
 	{
 		std::unique_ptr<falco_engine::rule_result> res;
+
+		try
+		{
 			res = engine->process_k8s_audit_event(&jev);
+		}
+		catch(...)
+		{
+			errstr = string("unkown error processing audit event");
+			fprintf(stderr, "%s\n", errstr.c_str());
+			return false;
+		}

 		if(res)
 		{