From b19cb3678f1ecf98beeed014be2bf6663a798f21 Mon Sep 17 00:00:00 2001 From: Leonardo Di Donato Date: Mon, 23 Sep 2019 18:48:13 +0000 Subject: [PATCH] fix(userspace/falco): pop output fields lua table and correctly check parameters on the stack Signed-off-by: Leonardo Di Donato --- userspace/engine/formats.cpp | 30 ++++++++++++------------------ userspace/falco/falco_outputs.cpp | 26 ++++++++++++++------------ userspace/falco/lua/output.lua | 10 ---------- 3 files changed, 26 insertions(+), 40 deletions(-) diff --git a/userspace/engine/formats.cpp b/userspace/engine/formats.cpp index 9527c990..bea9e5f0 100644 --- a/userspace/engine/formats.cpp +++ b/userspace/engine/formats.cpp @@ -265,17 +265,15 @@ int falco_formats::format_event (lua_State *ls) return 1; } -#include - int falco_formats::resolve_tokens(lua_State *ls) { - // if(!lua_isstring(ls, -1) || - // !lua_isstring(ls, -2) || - // !lua_islightuserdata(ls, -3)) - // { - // lua_pushstring(ls, "Invalid arguments passed to resolve_tokens()"); - // lua_error(ls); - // } + if(!lua_isstring(ls, -1) || + !lua_isstring(ls, -2) || + !lua_islightuserdata(ls, -3)) + { + lua_pushstring(ls, "Invalid arguments passed to resolve_tokens()"); + lua_error(ls); + } gen_event *evt = (gen_event *)lua_topointer(ls, 1); string source = luaL_checkstring(ls, 2); const char *format = (char *)lua_tostring(ls, 3); @@ -292,19 +290,15 @@ int falco_formats::resolve_tokens(lua_State *ls) json_event_formatter json_formatter(s_engine->json_factory(), sformat); values = json_formatter.tomap((json_event*) evt); } + // todo(leodido, fntlnz) > check explicitly for k8s_audit, otherwise throw exception lua_newtable(ls); - int top = lua_gettop(ls); - for(map::iterator it = values.begin(); it != values.end(); ++it) + for(auto const& v : values) { - std::cout << it->first << ":"<< it->second << ", "; - const char *key = it->first.c_str(); - const char *value = it->second.c_str(); - lua_pushlstring(ls, key, it->first.size()); - lua_pushlstring(ls, value, it->second.size()); - lua_settable(ls, top); + lua_pushstring(ls, v.first.c_str()); + lua_pushstring(ls, v.second.c_str()); + lua_settable(ls, -3); } - std::cout << std::endl; return 1; } diff --git a/userspace/falco/falco_outputs.cpp b/userspace/falco/falco_outputs.cpp index 2728d7b7..d248840b 100644 --- a/userspace/falco/falco_outputs.cpp +++ b/userspace/falco/falco_outputs.cpp @@ -306,16 +306,17 @@ int falco_outputs::handle_http(lua_State *ls) int falco_outputs::handle_grpc(lua_State *ls) { // check parameters - // if(!lua_isuserdata(ls, 1) || - // !lua_isstring(ls, 2) || - // !lua_isstring(ls, 3) || - // !lua_isstring(ls, 4) || - // !lua_isstring(ls, 5) || - // !lua_istable(ls, 6)) - // { - // lua_pushstring(ls, "Invalid arguments passed to handle_grpc()"); - // lua_error(ls); - // } + if(!lua_islightuserdata(ls, -7) || + !lua_isstring(ls, -6) || + !lua_isstring(ls, -5) || + !lua_isstring(ls, -4) || + !lua_isstring(ls, -3) || + !lua_istable(ls, -2) || + !lua_istable(ls, -1)) + { + lua_pushstring(ls, "Invalid arguments passed to handle_grpc()"); + lua_error(ls); + } response grpc_res = response(); @@ -353,11 +354,12 @@ int falco_outputs::handle_grpc(lua_State *ls) // output fields auto& fields = *grpc_res.mutable_output_fields(); - lua_pushnil(ls); + lua_pushnil(ls); // so that lua_next removes it from stack and puts (k, v) on it while (lua_next(ls, 6) != 0) { fields[lua_tostring(ls, -2)] = lua_tostring(ls, -1); - lua_pop(ls, 1); + lua_pop(ls, 1); // remove value, keep key for lua_next } + lua_pop(ls, 1); // pop table falco_output_queue::get().push(grpc_res); diff --git a/userspace/falco/lua/output.lua b/userspace/falco/lua/output.lua index cfa284c8..6a635d35 100644 --- a/userspace/falco/lua/output.lua +++ b/userspace/falco/lua/output.lua @@ -216,16 +216,6 @@ function output_event(event, rule, source, priority, priority_num, format) msg = formats.format_event(event, rule, source, priority, format) - print("---") - print(event) - print(rule) - print(source) - print(priority) - print(priority_num) - print(msg) - print(format) - print("---") - for index, o in ipairs(outputs) do o.output(event, rule, source, priority, priority_num, msg, format, o.options) end