Invalid error check due to signed/unsigned confusion #780
In the function _read_text_file_content_without_trailing_newline in the file
The code sets content_len to the return value of _read_text_file_content. That function returns -1 in case of an error. Then there is a check for (content_len <= 0).
The problem: content_len is of type gsize (unsigned), while _read_text_file_content returns gssize (signed). If it returns -1 this can't be stored in content_len and will underflow, thus the error check will be skipped.
This causes some invalid memory reads which I detected with Address Sanitizer.
To fix this, content_len must also be gssize (signed), so it can be -1. This patch (also attached) will fix it:
Some further info: This affects both syslog-ng 3.7.2 and the current git code.
The Address Sanitizer stack trace looks like this:
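Added example, not part of the original report and not syslog-ng code: a minimal C reproduction of the signed/unsigned confusion described in this issue, with `size_t`/`ssize_t` standing in for `gsize`/`gssize`. All function names and the NULL-input error case are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h> /* ssize_t: signed, like gssize; size_t: unsigned, like gsize */

/* Hypothetical stand-in for _read_text_file_content: bytes copied, or -1 on error. */
static ssize_t read_content(const char *src, char *buf, size_t buflen)
{
    if (src == NULL)
        return -1;                       /* constructed error case */
    size_t n = strlen(src) < buflen ? strlen(src) : buflen;
    memcpy(buf, src, n);
    return (ssize_t)n;
}

/* Pattern from the report: -1 stored in an unsigned length becomes SIZE_MAX,
 * so the (content_len <= 0) check does not fire. Returns 1 if the error was caught. */
static int caught_with_unsigned(const char *src)
{
    char buf[64];
    size_t content_len = read_content(src, buf, sizeof buf);
    return content_len <= 0;
}

/* Same check with a signed length: -1 survives and the check fires. */
static int caught_with_signed(const char *src)
{
    char buf[64];
    ssize_t content_len = read_content(src, buf, sizeof buf);
    return content_len <= 0;
}

/* Signed variant of a "strip one trailing newline" caller; returns length or -1. */
static ssize_t read_without_trailing_newline(const char *src, char *buf, size_t buflen)
{
    ssize_t content_len = read_content(src, buf, buflen);
    if (content_len <= 0)
        return content_len;              /* error or empty: never index buf */
    if (buf[content_len - 1] == '\n')
        content_len--;
    return content_len;
}

int main(void)
{
    char buf[64];
    printf("unsigned caught: %d, signed caught: %d\n", caught_with_unsigned(NULL), caught_with_signed(NULL));
    printf("stripped length: %zd\n", read_without_trailing_newline("abc\n", buf, sizeof buf));
    return 0;
}
```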