diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2009-09-29 14:22:11 +0200 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2009-09-29 14:22:11 +0200 |
| commit | 536415cf3dba053b0d2294b7f1dc8e34328e795f (patch) | |
| tree | 5bd199751cfcc575e8d382e13025d6e1ad819009 | |
| parent | 5c6eee3e440e486a1b2aeef7eeebb766509d79dc (diff) | |
| download | rsyslog-536415cf3dba053b0d2294b7f1dc8e34328e795f.tar.gz rsyslog-536415cf3dba053b0d2294b7f1dc8e34328e795f.tar.bz2 rsyslog-536415cf3dba053b0d2294b7f1dc8e34328e795f.zip | |
bugfix: invalid handling of zero-sized messages
could lead to mis-addressing and potential memory corruption/segfault
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | runtime/parser.c | 6 |
2 files changed, 6 insertions, 2 deletions
@@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 4.4.2 [v4-stable] (rgerhards), 2009-09-?? +- bugfix: invalid handling of zero-sized messages, could lead to mis- + addressing and potential memory corruption/segfault - bugfix: random data could be appended to message, possibly causing segfaults - bugfix: reverse lookup reduction logic in imudp do DNS queries too often diff --git a/runtime/parser.c b/runtime/parser.c index 079bcf5e..7eff0801 100644 --- a/runtime/parser.c +++ b/runtime/parser.c @@ -167,6 +167,7 @@ sanitizeMessage(msg_t *pMsg) size_t iMaxLine; assert(pMsg != NULL); + assert(pMsg->iLenRawMsg > 0); # ifdef USE_NETZIP CHKiRet(uncompressMessage(pMsg)); @@ -288,6 +289,9 @@ rsRetVal parseMsg(msg_t *pMsg) int lenMsg; int iPriText; + if(pMsg->iLenRawMsg == 0) + ABORT_FINALIZE(RS_RET_EMPTY_MSG); + CHKiRet(sanitizeMessage(pMsg)); /* we needed to sanitize first, because we otherwise do not have a C-string we can print... */ @@ -295,8 +299,6 @@ rsRetVal parseMsg(msg_t *pMsg) /* pull PRI */ lenMsg = pMsg->iLenRawMsg; - if(lenMsg == 0) - ABORT_FINALIZE(RS_RET_EMPTY_MSG); msg = pMsg->pszRawMsg; pri = DEFUPRI; iPriText = 0; |