[PATCH] fix syslog corruption when using customized name
Fix bug with syslog using string passed to openlog() which is later stomped on, resulting in corrupted log messages. This happens when name is specified in a syslog log line, ala: log syslog name "bird-foo" all; Per Linux SYSLOG(3): The argument ident in the call of openlog() is probably stored as-is. Thus, if the string it points to is changed, syslog() may start prepending the changed string, and if the string it points to ceases to exist, the results are undefined. Most portable is to use a string constant. Signed-off-by: : Chris Caputo <ccaputo@alt.net> --- sysdep/unix/log.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/sysdep/unix/log.c b/sysdep/unix/log.c index 1fd6442..7086f7d 100644 --- a/sysdep/unix/log.c +++ b/sysdep/unix/log.c @@ -289,17 +289,23 @@ log_switch(int debug, list *l, char *new_syslog_name) #ifdef HAVE_SYSLOG char *old_syslog_name = current_syslog_name; - current_syslog_name = new_syslog_name; if (old_syslog_name && new_syslog_name && !strcmp(old_syslog_name, new_syslog_name)) return; if (old_syslog_name) - closelog(); + { + closelog(); + free(old_syslog_name); + } if (new_syslog_name) - openlog(new_syslog_name, LOG_CONS | LOG_NDELAY, LOG_DAEMON); + { + current_syslog_name = xmalloc(strlen(new_syslog_name) + 1); + strcpy(current_syslog_name, new_syslog_name); + openlog(current_syslog_name, LOG_CONS | LOG_NDELAY, LOG_DAEMON); + } #endif }
On Sun, Oct 30, 2016 at 10:40:30PM +0000, Chris Caputo wrote:
Fix bug with syslog using string passed to openlog() which is later stomped on, resulting in corrupted log messages. This happens when name is specified in a syslog log line, ala:
Thanks, you are right. I will merge the patch. Note that there is a minor bug in the patch as the current_syslog_name is not updated when new_syslog_name == NULL. -- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
On Mon, 31 Oct 2016, Ondrej Zajicek wrote:
On Sun, Oct 30, 2016 at 10:40:30PM +0000, Chris Caputo wrote:
Fix bug with syslog using string passed to openlog() which is later stomped on, resulting in corrupted log messages. This happens when name is specified in a syslog log line, ala:
Thanks, you are right. I will merge the patch.
Note that there is a minor bug in the patch as the current_syslog_name is not updated when new_syslog_name == NULL.
Ack - thank you for catching that. Is this better? Thanks, Chris diff --git a/sysdep/unix/log.c b/sysdep/unix/log.c index 1fd6442..89eae01 100644 --- a/sysdep/unix/log.c +++ b/sysdep/unix/log.c @@ -289,17 +289,27 @@ log_switch(int debug, list *l, char *new_syslog_name) #ifdef HAVE_SYSLOG char *old_syslog_name = current_syslog_name; - current_syslog_name = new_syslog_name; if (old_syslog_name && new_syslog_name && !strcmp(old_syslog_name, new_syslog_name)) return; if (old_syslog_name) - closelog(); + { + closelog(); + free(old_syslog_name); + } if (new_syslog_name) - openlog(new_syslog_name, LOG_CONS | LOG_NDELAY, LOG_DAEMON); + { + current_syslog_name = xmalloc(strlen(new_syslog_name) + 1); + strcpy(current_syslog_name, new_syslog_name); + openlog(current_syslog_name, LOG_CONS | LOG_NDELAY, LOG_DAEMON); + } + else + { + current_syslog_name = NULL; + } #endif }
participants (2)
-
Chris Caputo -
Ondrej Zajicek