From a9b0ddd7803f4c32cc0389426318aa22bd34ac06 Mon Sep 17 00:00:00 2001
From: Andre Lorbach
Date: Tue, 26 Jul 2011 12:20:41 +0200
Subject: Experimentally added mutex lock in getMSGID in order to fix bug 275.
---
 runtime/msg.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/runtime/msg.c b/runtime/msg.c
index d1e67aa2..f5f7fee1 100644
--- a/runtime/msg.c
+++ b/runtime/msg.c
@@ -1629,14 +1629,20 @@ finalize_it:
 }
-/* rgerhards, 2005-11-24
+/* al, 2011-07-26: LockMsg to avoid race conditions
 */
 static inline char *getMSGID(msg_t *pM)
 {
- return (pM->pCSMSGID == NULL) ? "-" : (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID);
+ if (pM->pCSMSGID == NULL) {
+ return "-";
+ }
+ else {
+ MsgLock(pM);
+ return (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID);
+ MsgUnlock(pM);
+ }
 }
-
 /* rgerhards 2009-06-12: set associated ruleset
 */
 void MsgSetRuleset(msg_t *pMsg, ruleset_t *pRuleset)
-- 
cgit v1.2.3
From d66f7b95e081ecb356cc230685c5b7c90f8590b4 Mon Sep 17 00:00:00 2001
From: Andre Lorbach
Date: Wed, 27 Jul 2011 09:35:14 +0200
Subject: Fixed a stupid return bug introduced by the last commit
---
 runtime/msg.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/runtime/msg.c b/runtime/msg.c
index f5f7fee1..c93847ef 100644
--- a/runtime/msg.c
+++ b/runtime/msg.c
@@ -1638,8 +1638,9 @@ static inline char *getMSGID(msg_t *pM)
 }
 else {
 MsgLock(pM);
- return (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID);
+ char* pszreturn = rsCStrGetSzStrNoNULL(pM->pCSMSGID);
 MsgUnlock(pM);
+ return (char*) pszreturn;
 }
 }
-- 
cgit v1.2.3
From 37f5a7376a8e259d3ccbd2bd01aac3b2824c4a7e Mon Sep 17 00:00:00 2001
From: Andre Lorbach
Date: Wed, 27 Jul 2011 17:19:00 +0200
Subject: Cosmetic change
---
 runtime/msg.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/runtime/msg.c b/runtime/msg.c
index c93847ef..36c958ec 100644
--- a/runtime/msg.c
+++ b/runtime/msg.c
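Review bot: In the `else` branch of getMSGID in the first commit, `MsgUnlock(pM)` sits after the `return`, so it is unreachable and every call with a non-NULL `pCSMSGID` leaves the message lock held. Any later `MsgLock(pM)` on the same message would then block, including from the same thread if the lock is not recursive (the lock type is not visible in this hunk). Fetch the pointer into a local before unlocking: `char *psz = (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID); MsgUnlock(pM); return psz;`. The rewritten header comment no longer says what the function returns; one line stating that it yields the MSGID string or "-" when none is set would help.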
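Review bot: The `pM->pCSMSGID == NULL` test at the top of getMSGID still runs before `MsgLock(pM)`, so the field can change between the test and the locked read, and the pointer obtained from `rsCStrGetSzStrNoNULL` is handed to the caller after `MsgUnlock(pM)`, so the lock covers only fetching the pointer, not reading the string. If another thread can replace or free `pCSMSGID` (the writers are outside this hunk), the caller may still read a stale buffer. Taking the lock before the test closes the first gap: `MsgLock(pM); pszreturn = (pM->pCSMSGID == NULL) ? "-" : (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID); MsgUnlock(pM);`. The second needs either a copy made under the lock or a comment on getMSGID stating how long the returned pointer stays valid. The later "Cosmetic change" commit leaves both points as they are; the function body starts outside this hunk.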
@@ -1638,9 +1638,9 @@ static inline char *getMSGID(msg_t *pM)
 }
 else {
 MsgLock(pM);
- char* pszreturn = rsCStrGetSzStrNoNULL(pM->pCSMSGID);
+ char* pszreturn = (char*) rsCStrGetSzStrNoNULL(pM->pCSMSGID);
 MsgUnlock(pM);
- return (char*) pszreturn;
+ return pszreturn;
 }
 }
-- 
cgit v1.2.3
From 9bea045e60fa612336ae6a78267284bcec2e9e25 Mon Sep 17 00:00:00 2001
From: Marius Tomaschewski
Date: Tue, 9 Aug 2011 12:25:46 +0200
Subject: bugfix: memcpy overflow can occur in allowed sender checking
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
...if a host name is resolved to IPv4-mapped-on-IPv6 address. Found by Ismail Dönmez at suse.
Signed-off-by: Rainer Gerhards
---
 ChangeLog | 3 +++
 runtime/net.c | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 43c266ae..785a60eb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
 ---------------------------------------------------------------------------
 Version 4.6.8 [v4-stable] (rgerhards), 2011-??-??
 - bugfix: potential misadressing in property replacer
+- bugfix: memcpy overflow can occur in allowed sender checkig
+ if a name is resolved to IPv4-mapped-on-IPv6 address
+ Found by Ismail Dönmez at suse
 ---------------------------------------------------------------------------
 Version 4.6.7 [v4-stable] (rgerhards), 2011-07-11
 - added support for the ":omusrmsg:" syntax in configuring user messages
diff --git a/runtime/net.c b/runtime/net.c
index fe6eef5b..0866efd7 100644
--- a/runtime/net.c
+++ b/runtime/net.c
@@ -721,7 +721,7 @@ static rsRetVal AddAllowedSender(struct AllowedSenders **ppRoot, struct AllowedS
 SIN(allowIP.addr.NetAddr)->sin_port = 0;
 memcpy(&(SIN(allowIP.addr.NetAddr)->sin_addr.s_addr),
 &(SIN6(res->ai_addr)->sin6_addr.s6_addr32[3]),
- sizeof (struct sockaddr_in));
+ sizeof (in_addr_t));
 if((iRet = AddAllowedSenderEntry(ppRoot, ppLast, &allowIP, iSignificantBits))
-- 
cgit v1.2.3
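Review bot: The corrected length in the net.c `memcpy` is still written as a type name, `sizeof (in_addr_t)`, rather than taken from the destination, so nothing ties it to the `s_addr` field it writes into; the old `sizeof (struct sockaddr_in)` was the same kind of mismatch and overran both that field and the remaining bytes of the source address. Deriving it from the destination, `sizeof (SIN(allowIP.addr.NetAddr)->sin_addr.s_addr)`, keeps the bound correct by construction. The source expression `s6_addr32[3]` is a platform-specific member of `struct in6_addr`; `&SIN6(res->ai_addr)->sin6_addr.s6_addr[12]` addresses the same four bytes portably. A short comment above the copy saying that only the embedded IPv4 part of the mapped address is taken would also help; AddAllowedSender starts and ends outside this hunk.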
From d28f4610657672220999eacd5aa2f5a25d994c42 Mon Sep 17 00:00:00 2001
From: Rainer Gerhards
Date: Tue, 9 Aug 2011 12:29:30 +0200
Subject: cosmetic: add imported bugfix to ChangeLog
---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index c3ab4f15..011c39cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
 ---------------------------------------------------------------------------
 Version 5.8.4 [V5-stable] (al), 2011-??-??
 - bugfix: potential misadressing in property replacer
+- bugfix: memcpy overflow can occur in allowed sender checkig
+ if a name is resolved to IPv4-mapped-on-IPv6 address
+ Found by Ismail Dönmez at suse
 ---------------------------------------------------------------------------
 Version 5.8.3 [V5-stable] (rgerhards), 2011-07-11
 - systemd support: set stdout/stderr to null - thx to Lennart for the patch
-- 
cgit v1.2.3
From 1d856763f9a3f078af7f066867ae88c59286285c Mon Sep 17 00:00:00 2001
From: Andre Lorbach
Date: Wed, 10 Aug 2011 11:20:08 +0200
Subject: Added changelog entry for bugid 275
---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 011c39cc..6be803e0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,9 @@ Version 5.8.4 [V5-stable] (al), 2011-??-??
 - bugfix: memcpy overflow can occur in allowed sender checkig
 if a name is resolved to IPv4-mapped-on-IPv6 address
 Found by Ismail Dönmez at suse
+- bugfix: potential misadressing in property replacer
+- bugfix: MSGID corruption in RFC5424 parser under some circumstances
+ closes: http://bugzilla.adiscon.com/show_bug.cgi?id=275
 ---------------------------------------------------------------------------
 Version 5.8.3 [V5-stable] (rgerhards), 2011-07-11
 - systemd support: set stdout/stderr to null - thx to Lennart for the patch
-- 
cgit v1.2.3