journal: never assert directly on data read from the journal

[elogind.git] / src / journal / journal-file.c

diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index 8016852b9163d2f4f1e34d3e022f50f1606bba67..8dc0a3a669036afdca8260ebf0b25c28989d8dc4 100644 (file)
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -590,7 +590,9 @@ static int journal_file_link_data(JournalFile *f, Object *o, uint64_t offset, ui
         assert(f);
         assert(o);
         assert(offset > 0);
-        assert(o->object.type == OBJECT_DATA);
+
+        if (o->object.type != OBJECT_DATA)
+                return -EINVAL;
 
         /* This might alter the window we are looking at */
 
@@ -775,18 +777,18 @@ static int journal_file_append_data(
         if (r < 0)
                 return r;
 
-#ifdef HAVE_GCRYPT
-        r = journal_file_hmac_put_object(f, OBJECT_DATA, p);
-        if (r < 0)
-                return r;
-#endif
-
         /* The linking might have altered the window, so let's
          * refresh our pointer */
         r = journal_file_move_to_object(f, OBJECT_DATA, p, &o);
         if (r < 0)
                 return r;
 
+#ifdef HAVE_GCRYPT
+        r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
+        if (r < 0)
+                return r;
+#endif
+
         if (ret)
                 *ret = o;
 
@@ -798,22 +800,28 @@ static int journal_file_append_data(
 
 uint64_t journal_file_entry_n_items(Object *o) {
         assert(o);
-        assert(o->object.type == OBJECT_ENTRY);
+
+        if (o->object.type != OBJECT_ENTRY)
+                return 0;
 
         return (le64toh(o->object.size) - offsetof(Object, entry.items)) / sizeof(EntryItem);
 }
 
 uint64_t journal_file_entry_array_n_items(Object *o) {
         assert(o);
-        assert(o->object.type == OBJECT_ENTRY_ARRAY);
+
+        if (o->object.type != OBJECT_ENTRY_ARRAY)
+                return 0;
 
         return (le64toh(o->object.size) - offsetof(Object, entry_array.items)) / sizeof(uint64_t);
 }
 
 uint64_t journal_file_hash_table_n_items(Object *o) {
         assert(o);
-        assert(o->object.type == OBJECT_DATA_HASH_TABLE ||
-               o->object.type == OBJECT_FIELD_HASH_TABLE);
+
+        if (o->object.type != OBJECT_DATA_HASH_TABLE &&
+            o->object.type != OBJECT_FIELD_HASH_TABLE)
+                return 0;
 
         return (le64toh(o->object.size) - offsetof(Object, hash_table.items)) / sizeof(HashItem);
 }
@@ -866,7 +874,7 @@ static int link_entry_into_array(JournalFile *f,
                 return r;
 
 #ifdef HAVE_GCRYPT
-        r = journal_file_hmac_put_object(f, OBJECT_ENTRY_ARRAY, q);
+        r = journal_file_hmac_put_object(f, OBJECT_ENTRY_ARRAY, o, q);
         if (r < 0)
                 return r;
 #endif
@@ -949,7 +957,9 @@ static int journal_file_link_entry(JournalFile *f, Object *o, uint64_t offset) {
         assert(f);
         assert(o);
         assert(offset > 0);
-        assert(o->object.type == OBJECT_ENTRY);
+
+        if (o->object.type != OBJECT_ENTRY)
+                return -EINVAL;
 
         __sync_synchronize();
 
@@ -1012,7 +1022,7 @@ static int journal_file_append_entry_internal(
         o->entry.boot_id = f->header->boot_id;
 
 #ifdef HAVE_GCRYPT
-        r = journal_file_hmac_put_object(f, OBJECT_ENTRY, np);
+        r = journal_file_hmac_put_object(f, OBJECT_ENTRY, o, np);
         if (r < 0)
                 return r;
 #endif