From 6c23333feb497eca10f9aac0cef16ed929a7f7c9 Mon Sep 17 00:00:00 2001 From: Joachim Nilsson Date: Thu, 24 Oct 2019 08:48:32 +0200 Subject: [PATCH] Add wrapper for GLIBC __syslog_chk(), used for fortification When a user links with syslog.c, or the future libsyslog, they may still use the standard GLIBC header files. GLIBC redirects syslog() to the __syslog_chk() definition early on, but a user may not notice when a simple non-optimized (-O0 or none) program is compiled. This currently does not affect musl libc. Signed-off-by: Joachim Nilsson --- src/syslog.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/syslog.c b/src/syslog.c index 5b4cd4a..f800bad 100644 --- a/src/syslog.c +++ b/src/syslog.c @@ -91,6 +91,16 @@ static int LogStat = 0; /* status bits, set by openlog() */ static const char *LogTag = "syslog"; /* string to tag the entry with */ static int LogFacility = LOG_USER; /* default facility code */ +/* wrapper for GLIBC, which provides this for security measures */ +void __syslog_chk(int pri, int flag __attribute__((unused)), const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + vsyslog(pri, fmt, ap); + va_end(ap); +} + void syslog(int pri, const char *fmt, ...) { va_list ap;