Commit Graph

233 Commits

Author SHA1 Message Date
mancha
5b156a9033 Bugfix against minor vulnerability caused by invalid PRI value (CVE-2014-3634)
Rainer Gerhards, rsyslog project leader, discovered an issue in rsyslogd
where invalid priority values can trigger DoS and potentially RCE.

As his analysis reveals, the cause of the problem identified in rsyslog's
rsyslogd also exists in sysklogd's syslogd (from which rsyslogd was forked)
and stems from the use of a (LOG_FACMASK|LOG_PRIMASK) mask to detect invalid
priority values.

In sysklogd's syslogd, invalid priority values between 192 and 1023 (directly
or arrived at via overflow wraparound) can propagate through code causing
out-of-bounds access to the f_pmask array within the 'filed' structure by up
to 104 bytes past its end. Though most likely insufficient to reach
unallocated memory because there are around 544 bytes past f_pmask in 'filed'
(mod packing and other differences), incorrect access of fields at higher
positions of the 'filed' structure definition can cause unexpected behavior
including message mis-classification, forwarding issues, message loss,
or other.

This patch imposes a restriction on PRI message parts and requires they
be properly-delimited priority value strings that have non-negative
numerical values not exceeding 191. As before, sysklogd's syslogd permits
zero padding to not break compatibility with RFC-non-compliant loggers that
issue PRIs such as <0091>. Messages without well-formed PRI parts get
logged with priority user.notice (13). (cf. RFC 3164)

Thanks to Rainer Gerhards for the initial report and analysis.
2014-10-04 21:34:41 +02:00
Joey Schulze
2a80f8117f Replace strcpy with memmove to fix continuation line problems
on 64bit architectures, patch by David Couture.
2010-09-10 08:50:59 +02:00
Joey Schulze
b03656d74e Adjust changelog information 2009-12-24 20:20:49 +01:00
John Haxby
0c2f6712a7 IPv6 support
This patch, apparently, came from the freebsd syslogd.
The patch was subsequently lost although the old Fedora RPM can still
be found.

I took that patch, the current freebsd sources and a dash of salt to
produce a new patch which I have attached.

The patch does two things: it will arrange for syslogd to listen on an
IPv6 socket in addition to the IPv4 socket and it uses getaddrinfo()
and getnameinfo() rather than gethostby[name|addr] and getservbyname.
It would be possible to use a single socket that accepts both IPv6 and
IPv4 datagrams, but this would mean that numeric IPv4 addresses would
be prefixed with ::ffff and this could cause some confusion -- and I'm
also not sure that everything that sysklogd runs on has a dual stack
like that.

I've also introduced the -4, -6 and -A with the same meanings that the
freebsd and rsyslog variants do.
2009-12-24 20:19:00 +01:00
Joey Schulze
8640ed6f6f Documentation update 2009-11-27 21:54:06 +01:00
Joey Schulze
74d15498a0 Remove faulty fclose() call. Thanks to Andrea Morandi and Sean Young. 2008-07-04 14:48:42 +00:00
Joey Schulze
0bb8aa7194 Adjust indention 2008-05-11 17:05:24 +00:00
Joey Schulze
91b3e07d6e Correct logic: flush log files independent of MARK 2008-05-11 17:04:18 +00:00
Joey Schulze
7bded835a2 Correct calculation 2008-05-11 17:03:39 +00:00
Joey Schulze
5e3891ec45 Document "don't output marks to recently written files" 2008-05-11 16:57:41 +00:00
Joey Schulze
e7141b5d5f Added missing changelog entry 2008-05-08 19:43:09 +00:00
Joey Schulze
94e0cb4f54 Code reorganisation: make sure that the service name is only queried
when it is needed, i.e. when we are sending to or receiving from the
network
2008-05-07 21:00:39 +00:00
Joey Schulze
c5f9d2cd50 Thomas Jarosch: Move hostname setting code from main() into init() 2007-11-10 19:01:48 +00:00
Joey Schulze
be3066caa3 Improved sleep/alarm/mark implementation by
Alan Jenkins <alan-jenkins@tuffmail.co.uk>
2007-10-08 15:24:06 +00:00
Joey Schulze
7097243191 Adjusted indention 2007-10-08 09:43:48 +00:00
Joey Schulze
af1ce3b6bb Untypo 2007-07-29 17:37:07 +00:00
Joey Schulze
2a2ab0cb77 Prevent pipes from becoming the controlling tty 2007-07-04 19:04:02 +00:00
Joey Schulze
c972380fef Reverted patch by Andreas Barth since it caused problems with opening the pipe 2007-07-04 19:00:09 +00:00
Joey Schulze
e06d6174b5 Untypo 2007-07-04 17:36:05 +00:00
Joey Schulze
ad9ad3a68f Preparation for version 1.5 2007-07-04 17:35:22 +00:00
Joey Schulze
07ee28cdee Updated the changelog/documentation 2007-06-21 08:22:59 +00:00
Joey Schulze
1aa1cfdb64 Adjusted the search function to find the symbol associated with an
address when EIP address resolving is enabled.
2007-06-18 07:50:55 +00:00
Joey Schulze
fce0c596cd Beautification of the output 2007-06-17 19:21:55 +00:00
Joey Schulze
b438513313 Improved condition 2007-06-02 19:08:52 +00:00
Joey Schulze
5bfd6c6dce We need to read all symbols 2007-06-02 19:04:38 +00:00
Joey Schulze
640b1ba8e0 Improved symbol lookup, since symbols are spread over the entire
address space.  Return the symbol that fits best instead of the first hit.
2007-05-31 15:23:42 +00:00
Joey Schulze
017e328032 Only read kernel symbols from /proc/kallsyms if no System.map has been read 2007-05-31 14:52:20 +00:00
Joey Schulze
ade259a045 Formatting & untypo 2007-05-30 18:46:09 +00:00
Joey Schulze
2d16b292d4 Correction to build tsyslogd again 2007-05-30 15:43:45 +00:00
Joey Schulze
bdcaeb12ea Build the new oops module with the kernel build system 2007-05-30 15:28:48 +00:00
Joey Schulze
2309b99118 Complete rewrite of the oops kernel module for Linux 2.6 2007-05-30 15:27:13 +00:00
Joey Schulze
e0186e8a9f File not needed anymore 2007-05-30 15:26:09 +00:00
Joey Schulze
05daffb53e Use SKFLAGS instead of CFLAGS due to a conflict with the kernel build system 2007-05-30 15:24:27 +00:00
Joey Schulze
a62825213d Untypo 2007-05-30 10:26:51 +00:00
Joey Schulze
a9e818414a Notify the waiting parent process if the client dies so it doesn't
wait the entire five minutes.
2007-05-28 17:45:43 +00:00
Joey Schulze
f5fc069dc6 Improvements 2007-05-28 17:25:43 +00:00
Joey Schulze
73ee1f5d4f Spelling and other improvements, many of them from James R. Van Zandt 2007-05-28 17:24:21 +00:00
Joey Schulze
f6b24257f5 Patch by Andreas Barth: Prevent pipes from becoming the controlling tty 2007-05-28 17:02:06 +00:00
Joey Schulze
05e008b9cc Patch by Matthew Fischer: Remove special treatment of the percent sign 2007-05-28 16:08:32 +00:00
Joey Schulze
95b46a67d5 Added missing dependencies 2007-05-28 15:26:23 +00:00
Joey Schulze
7764938c41 Moved structs to module.h 2007-05-28 15:26:09 +00:00
Joey Schulze
bf5b096fdc Removed several structs not used anymore.
Moved structs from ksym_mod.c over here.
2007-05-28 15:24:57 +00:00
Joey Schulze
54d7bf79f3 Return of the symbols.
Linux 2.6 exports its symbols in /proc/kallsyms and does not implement
query_module() anymore.  Thus, the entire scanner has been overhauled.
2007-05-28 15:24:33 +00:00
Joey Schulze
997eb2b08b Added back /usr/src/linux/System.map as fall-back location 2007-05-28 06:28:37 +00:00
Joey Schulze
0e10989497 Updated address and copyright, shortened AUTHORS section 2007-05-27 12:16:17 +00:00
Joey Schulze
a2f2486c15 Removed superfluous newlines 2007-05-27 12:08:51 +00:00
Joey Schulze
c6675cb832 Moved the documentation of the console log level into its own section 2007-05-27 12:05:25 +00:00
Joey Schulze
2ee736c8cf Don't fiddle with the console log level anymore 2007-05-27 12:05:01 +00:00
Joey Schulze
c678f47f8b Use ssize_t and reduced code where appropriate 2007-05-26 18:44:42 +00:00
Joey Schulze
75b4840911 Improved daemonise routine to stabilise startup 2007-05-26 14:37:43 +00:00