Commit Graph

14 Commits

Author SHA1 Message Date
Joey Schulze
1836e84e94 Ulf Härnhammar <Ulf.Harnhammar.9485@student.uu.se>
Added boundary check for fscanf() in InitKsyms() and CheckMapVersion()
to prevent an unintended crash when reading an incorrect System.map.

Hello,

I have discovered a potential crash bug in sysklogd. The klogd daemon
doesn't handle really malformed System.map files very well. It has
two fscanf() calls with "%s"format strings that stores to char
sym[512] arrays. This causes a crash if the string field in the
file is longer than that.

Despite being a buffer overflow, this is not a security problem, as
only root can change the System.map file. Nevertheless, I think it
is worth fixing, as the Right Thing for a program should be not to
assume anything about its input and to handle various problems well.
2004-07-16 06:48:27 +00:00
Joey Schulze
dcef709022 Patch by Dmitry V. Levin <ldv@altlinux.org>
Close file descriptor in FindSymbolFile() in order not to leak file
  descriptors.
2004-04-29 16:10:10 +00:00
Joey Schulze
50539e29d4 . Close symbol file before returning with 0 when an error occurred
while reading it.  This will enable systems to umount that
   partition with no open file descriptor left over.
2000-09-12 21:53:31 +00:00
Joey Schulze
2c81663786 . Use lseek64() instead of llseek() which is deprecated these days
. Keith Owens <kaos@ocs.com.au>
   - Fixed bug that caused klogd to die if there is no sym_array available.
   - When symbols are expanded, print the line twice.  Once with
     addresses converted to symbols, once with the raw text.  Allows
     external programs such as ksymoops do their own processing on the
     original data.
2000-09-12 21:15:28 +00:00
Joey Schulze
b0720eb617 Mon Oct 12 00:42:30 CEST 1998: Martin Schulze <joey@infodrom.north.de>
Modified CheckVersion()
      . Use shift to decode the kernel version
      . Compare integers of kernel version
      . extract major.minor.patch from utsname.release via sscanf()
      The reason lays in possible use of kernel flavours which
      modify utsname.release but no the Version_ symbol.
1998-10-12 16:39:49 +00:00
Joey Schulze
0beb8eec6d Corrected Mark's email address. 1998-04-13 23:46:21 +00:00
Joey Schulze
1f3d627188 * Fixed typos in syslogd-listfiles(1), thanks to Francesco Potorti`
<F.Potorti@cnuce.cnr.it> (closes: Bug#20903)
  * Corrected email address for Shane Alderton (closes: Bug#20765)
  * Fixed manpage to not reflect reverse implementated SIGALRM signal
    handler (closes: Bug#20647)
  * Modified behaviour with including <sys/module.h> (closes: Bug#20556)
  * Added correct prototype for llseek() (closes: Bug#20507, Bug#20220)
  * Added more log information if problems occurr while reading a system
    map file.
  * Modified System.map read function to try all possible map files until
    a file with matching version is found.
  * Added Debian release to klogd
  * Switched to fgets() as gets() is not buffer overrun secure.
  * Modified loop for detecting the correct system map.
1998-04-13 23:27:37 +00:00
Joey Schulze
e9b180bb9b * Corrected some code that caused klogd to dump core when receiving some
special messages from 2.1.78.  Thanks to Chu-yeon Park
    <kokids@doit.ajou.ac.kr> for informing me.
  * Fixed bug that caused klogd to die if there is no System.map
    available.
  * Added -x switch to omit EIP translation and System.map evaluation.
    Thanks to Florian La Roche <florian@knorke.saar.de>.
  * Fixed small bugs in F_FORW_UNKN meachanism.  Thanks to Torsten Neumann
    <torsten@londo.rhein-main.de> for pointing me to it.
  * Fixed problem with klogd not being able to be built on a kernel newer
    than 2.1.18.  Worked in a patch from Alessandro Suardi <asuardi@uninetcom.it>
1998-01-10 18:02:57 +00:00
Joey Schulze
05c061eaa5 * Added test in postinst if user and group exist. Christoph Lameter run
into trouble upgrading a RedHat system.
  * Fixed little mistake which prevented klogd from accepting a console
    log level of 8 to get <7> alias KERN_DEBUG displayed.
  * Linked against libc6 (Bug#11731)
  * Added SHELL=/bin/bash to rules as Herbert Xu suggested
  * Corrected syslog.conf(5) manpage
  * syslogd resets the ignore priority flag now.  Thanks to Herbert
    Thielen. (Bug#12009)
  * Fixed bug that caused syslogd to write into wrong files under some
    race conditions.  Thanks to Herbet Xu. (Bug#13506)
  * /var/log/auth.log will only be touch if needed (Bug#14329)
  * debian/conffiles is treated like a document (Bug#14521)
  * Added script for generic logfile detection and rotation and included
    that in cron scripts, included also its manpage (Bug#14610)
  * Modified restart messages in /etc/init.d/sysklogd (Bug#15840)
  * klogd will first try to load /boot/System.map-$ver, then
    /boot/System.map, then /System.map-$ver and after that /System.map
  * Modified ExpandKadds() because there were some problems accessing
    memory r/w.  (Bug#15336)
1998-01-02 03:07:16 +00:00
Joey Schulze
dd5def6ac9 Added patch from Leland Olds which fixes a buffer overrun and improved
symbol lookup.
1997-06-13 09:35:55 +00:00
Joey Schulze
c05f39c39c Included upstream patches for 1.3.1 to 1.3.3 and modified debian/rules
to support better debugging by including a patch to the modules package.
1997-06-13 07:42:20 +00:00
Joey Schulze
8947ba8d2f Included improvements and bugfixes 1997-06-10 21:06:52 +00:00
Joey Schulze
251da95efb Upgrading to version 1.3-15 from the archive 1997-06-02 17:42:34 +00:00
Joey Schulze
7834544c60 Import of bare source for 1.3 1997-06-02 17:21:41 +00:00