. Changed SOCK_STREAM to SOCK_DGRAM in syslog.c
. klogd will only change the console log level if `-c' is supplied
. syslogd.c by Bill Nottingham <notting@redhat.com>
Um, if the directory is invalid, the bind() call in
create_unix_socket fails. Without the return -1, we return the
invalid fd that we just closed. When syslogd then starts
listening, select goes into a hard loop getting EBADF, IIRC.
. klogd.c by Troels Walsted Hansen <troels@thule.no>
I found a bug in the sysklogd package version 1.4. When it
encounters a zero byte in the kernel logging output, the text
parser enters a busy loop. I came upon it when the 3c59x driver
from kernel 2.4.0 started outputting two zero bytes for the product
code of my laptop's 3Com card. It could be argued that the kernel
should never output zero bytes in the logging info, but obviously
that will happen from time to time.
I fear this bug might be considered a security issue as well, if
the kernel can be coerced to output a zero byte somehow, all kernel
logging will stop.
Wolfgang Oertl <Wolfgang.Oertl@uibk.ac.at> had a similar bugfix
idea
. klogd.c by Thomas Roessler <roessler@does-not-exist.org>
Additionally, the patch prevents LogLine from being invoked with a
negative counter as an argument.
. klogd.c by Troels Walsted Hansen <troels@thule.no>
I found a bug in the sysklogd package version 1.4. When it
encounters a zero byte in the kernel logging output, the text
parser enters a busy loop. I came upon it when the 3c59x driver
from kernel 2.4.0 started outputting two zero bytes for the product
code of my laptop's 3Com card. It could be argued that the kernel
should never output zero bytes in the logging info, but obviously
that will happen from time to time.
I fear this bug might be considered a security issue as well, if
the kernel can be coerced to output a zero byte somehow, all kernel
logging will stop.
Wolfgang Oertl <Wolfgang.Oertl@uibk.ac.at> had a similar bugfix
idea
. klogd.c by Thomas Roessler <roessler@does-not-exist.org>
Additionally, the patch prevents LogLine from being invoked with a
negative counter as an argument.
Removed unixm/unix domain sockets and switch to Datagram Unix
Sockets. This should remove one possibility to play DoS with
syslogd. Thanks to Olaf Kirch <okir@caldera.de> for the patch.
into "%s". Thanks to Solar Designer <solar@false.com> for the patch.
This refers to CVE-2000-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0867
Kernel logging daemon (klogd) in Linux does not properly cleanse
user-injected format strings, which allows local users to gain root
privileges by triggering malformed kernel messages.
Except, users cannot insert arbitrary strings in the kernel log
rinbuffer, can they?
Fixed bug in printchopped() that caused syslogd to emit
kern.emerg messages when splitting long lines. Thanks to
Daniel Jacobowitz <dan@debian.org> for the fix.
Fixed some bugs in printline() code that did not escape
control characters '\177' through '\237' and contained a
single-byte buffer overflow. Thanks to Solar Designer
<solar@false.com>.
. Keith Owens <kaos@ocs.com.au>
- Fixed bug that caused klogd to die if there is no sym_array available.
- When symbols are expanded, print the line twice. Once with
addresses converted to symbols, once with the raw text. Allows
external programs such as ksymoops do their own processing on the
original data.
* Removed superflous call to utmpname() (closes: Bug#34733)
* Added --ignore-size and limit for rotating log files at 2MB to
syslogd-listfiles (closes: Bug#36198)
* Changed Greg's e-mail address to represent his current one.
* Shortened line length for kernel logging slightly.
* Corrected return value of AddModule (closes: Bug#30093)
* Finally fixed an error with `-a' processing, thanks to Topi Miettinen
<tom@medialab.sonera.net> (closes: Bug#30462)
* Fixed two mistakes from the most recent version
* Fixed fd leak problem. Thanks to Topi for detecting it
* Ouch! Looks like the released package again is broken. It worked
locally.
from OpenBSD. This provides the additional '-a' argument used for
specifying additional UNIX domain sockets to listen to. This is been
used with chroot()'ed named's for example. An example is described at
http://www.psionic.com/papers/dns.html. This time the patch doesn't
stall syslogd. Thanks to Topi Miettinen <tom@medialab.sonera.net>
(closes: Bug#24893)
syslogd to not accept more sockets after a certain (undefinitve)
time. (opens: Bug#24893)
* The complete code is still present, search for `Bug#24893'
* Commented out `-a' in the syslogd.8 manpage
Avoid logging of SIGCHLD when syslogd is in the process of
exiting and closing its files. Again thanks to Topi.
Mon Oct 12 22:18:34 CEST 1998: Martin Schulze <joey@infodrom.north.de>
Modified printline() to support 8bit characters - such as
russion letters. Thanks to Vladas Lapinskas <lapinskas@mail.iae.lt>.
Modified CheckVersion()
. Use shift to decode the kernel version
. Compare integers of kernel version
. extract major.minor.patch from utsname.release via sscanf()
The reason lays in possible use of kernel flavours which
modify utsname.release but no the Version_ symbol.
Added support for TESTING define which will turn klogd into
stdio-mode used for debugging.
Mon Oct 12 13:01:27 MET DST 1998: Martin Schulze <joey@infodrom.north.de>
Used unsigned long and strtoul() to resolve kernel oops symbols.
Redirected some error output with regard to argument parsing to
stderr.
Mon Oct 12 14:02:51 CEST 1998: Martin Schulze <joey@infodrom.north.de>
Applied patch provided vom Topi Miettinen with regard to the
people from OpenBSD. This provides the additional '-a'
argument used for specifying additional UNIX domain sockets to
listen to. This is been used with chroot()'ed named's for
example.
Mon Oct 12 18:29:44 CEST 1998: Martin Schulze <joey@infodrom.north.de>
Added `ftp' facility which was introduced in glibc version 2.
It's #ifdef'ed so won't harm with older libraries.
stdio-mode used for debugging.
. Reworked the initialization/fork code. Now the parent process
activates a signal handler which the daughter process will raise if
it is initialized. Only after that one the parent process may
exit. Otherwise klogd might try to flush its log cache while
syslogd can't receive the messages yet.
<F.Potorti@cnuce.cnr.it> (closes: Bug#20903)
* Corrected email address for Shane Alderton (closes: Bug#20765)
* Fixed manpage to not reflect reverse implementated SIGALRM signal
handler (closes: Bug#20647)
* Modified behaviour with including <sys/module.h> (closes: Bug#20556)
* Added correct prototype for llseek() (closes: Bug#20507, Bug#20220)
* Added more log information if problems occurr while reading a system
map file.
* Modified System.map read function to try all possible map files until
a file with matching version is found.
* Added Debian release to klogd
* Switched to fgets() as gets() is not buffer overrun secure.
* Modified loop for detecting the correct system map.
* Corrected debug output concerning remote receiption
* Removed race condition in syslogd-listfiles
* Modified logfile detection routine to take care of double listed
logfiles. Thanks to Roman Hodek <roman@debian.org> for providing an
appropriate patch. (Bug#17000)
special messages from 2.1.78. Thanks to Chu-yeon Park
<kokids@doit.ajou.ac.kr> for informing me.
* Fixed bug that caused klogd to die if there is no System.map
available.
* Added -x switch to omit EIP translation and System.map evaluation.
Thanks to Florian La Roche <florian@knorke.saar.de>.
* Fixed small bugs in F_FORW_UNKN meachanism. Thanks to Torsten Neumann
<torsten@londo.rhein-main.de> for pointing me to it.
* Fixed problem with klogd not being able to be built on a kernel newer
than 2.1.18. Worked in a patch from Alessandro Suardi <asuardi@uninetcom.it>