82 lines
3.7 KiB
Diff
82 lines
3.7 KiB
Diff
|
From ef4d6abe7c7fab6cbff975b32e76b09feee56074 Mon Sep 17 00:00:00 2001
|
||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||
|
Date: Fri, 7 Dec 2018 10:48:10 +0100
|
||
|
Subject: [PATCH] journal-remote: set a limit on the number of fields in a
|
||
|
message
|
||
|
|
||
|
Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is
|
||
|
reused for the new error condition (too many fields).
|
||
|
|
||
|
This matches the change done for systemd-journald, hence forming the second
|
||
|
part of the fix for CVE-2018-16865
|
||
|
(https://bugzilla.redhat.com/show_bug.cgi?id=1653861).
|
||
|
|
||
|
[james.hilliard1@gmail.com: backport from upstream commit
|
||
|
ef4d6abe7c7fab6cbff975b32e76b09feee56074]
|
||
|
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
|
||
|
---
|
||
|
src/journal-remote/journal-remote-main.c | 7 +++++--
|
||
|
src/journal-remote/journal-remote.c | 3 +++
|
||
|
src/shared/journal-importer.c | 5 ++++-
|
||
|
3 files changed, 12 insertions(+), 3 deletions(-)
|
||
|
|
||
|
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
|
||
|
index 8543dba..802c3ea 100644
|
||
|
--- a/src/journal-remote/journal-remote-main.c
|
||
|
+++ b/src/journal-remote/journal-remote-main.c
|
||
|
@@ -222,9 +222,12 @@ static int process_http_upload(
|
||
|
if (r == -EAGAIN)
|
||
|
break;
|
||
|
if (r < 0) {
|
||
|
- if (r == -E2BIG)
|
||
|
- log_warning_errno(r, "Entry is too above maximum of %u, aborting connection %p.",
|
||
|
+ if (r == -ENOBUFS)
|
||
|
+ log_warning_errno(r, "Entry is above the maximum of %u, aborting connection %p.",
|
||
|
DATA_SIZE_MAX, connection);
|
||
|
+ else if (r == -E2BIG)
|
||
|
+ log_warning_errno(r, "Entry with more fields than the maximum of %u, aborting connection %p.",
|
||
|
+ ENTRY_FIELD_COUNT_MAX, connection);
|
||
|
else
|
||
|
log_warning_errno(r, "Failed to process data, aborting connection %p: %m",
|
||
|
connection);
|
||
|
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
|
||
|
index 3c0916c..1da32c5 100644
|
||
|
--- a/src/journal-remote/journal-remote.c
|
||
|
+++ b/src/journal-remote/journal-remote.c
|
||
|
@@ -407,6 +407,9 @@ int journal_remote_handle_raw_source(
|
||
|
log_debug("%zu active sources remaining", s->active);
|
||
|
return 0;
|
||
|
} else if (r == -E2BIG) {
|
||
|
+ log_notice("Entry with too many fields, skipped");
|
||
|
+ return 1;
|
||
|
+ } else if (r == -ENOBUFS) {
|
||
|
log_notice("Entry too big, skipped");
|
||
|
return 1;
|
||
|
} else if (r == -EAGAIN) {
|
||
|
diff --git a/src/shared/journal-importer.c b/src/shared/journal-importer.c
|
||
|
index b0e6192..8638cd3 100644
|
||
|
--- a/src/shared/journal-importer.c
|
||
|
+++ b/src/shared/journal-importer.c
|
||
|
@@ -23,6 +23,9 @@ enum {
|
||
|
};
|
||
|
|
||
|
static int iovw_put(struct iovec_wrapper *iovw, void* data, size_t len) {
|
||
|
+ if (iovw->count >= ENTRY_FIELD_COUNT_MAX)
|
||
|
+ return -E2BIG;
|
||
|
+
|
||
|
if (!GREEDY_REALLOC(iovw->iovec, iovw->size_bytes, iovw->count + 1))
|
||
|
return log_oom();
|
||
|
|
||
|
@@ -97,7 +100,7 @@ static int get_line(JournalImporter *imp, char **line, size_t *size) {
|
||
|
|
||
|
imp->scanned = imp->filled;
|
||
|
if (imp->scanned >= DATA_SIZE_MAX)
|
||
|
- return log_error_errno(SYNTHETIC_ERRNO(E2BIG),
|
||
|
+ return log_error_errno(SYNTHETIC_ERRNO(ENOBUFS),
|
||
|
"Entry is bigger than %u bytes.",
|
||
|
DATA_SIZE_MAX);
|
||
|
|
||
|
--
|
||
|
2.7.4
|
||
|
|