Skip to content

Commit

Permalink
don't allow too deep includes; don't exit on state file error
Browse files Browse the repository at this point in the history
  • Loading branch information
tsmetana committed May 29, 2008
1 parent ac37cf1 commit cc92802
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 5 deletions.
4 changes: 4 additions & 0 deletions CHANGES
View file
@@ -1,3 +1,7 @@
3.7.7 ->
- do not exit on status file errors
- limit config file inclusion nesting

3.7.6 -> 3.7.7
- dateformat
- fix possible buffer overflows in strings handling
Expand Down
16 changes: 14 additions & 2 deletions config.c
View file
Expand Up @@ -481,6 +481,7 @@ static int globerr(const char *pathname, int theerr)
free(newlog->what); \
newlog->what = NULL; \
}
#define MAX_NESTING 16U

static int readConfigFile(const char *configFile, struct logInfo *defConfig)
{
Expand All @@ -507,6 +508,7 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
int argc, argNum;
int logerror = 0;
struct logInfo *log;
static unsigned recursion_depth = 0U;

/* FIXME: createOwner and createGroup probably shouldn't be fixed
length arrays -- of course, if we aren't run setuid it doesn't
Expand Down Expand Up @@ -1095,9 +1097,19 @@ static int readConfigFile(const char *configFile, struct logInfo *defConfig)
oldchar = *endtag, *endtag = '\0';

message(MESS_DEBUG, "including %s\n", start);

if (++recursion_depth > MAX_NESTING)
{
message(MESS_ERROR, "%s:%d include nesting too deep\n",
configFile, lineNum);
--recursion_depth;
return 1;
}
if (readConfigPath(start, defConfig))
return 1;
{
--recursion_depth;
return 1;
}
--recursion_depth;

*endtag = oldchar, start = endtag;
}
Expand Down
13 changes: 10 additions & 3 deletions logrotate.c
View file
Expand Up @@ -1500,6 +1500,7 @@ int main(int argc, const char **argv)
const char **files;
poptContext optCon;
struct logInfo *log;
int state_file_ok = 1;

struct poptOption options[] = {
{"debug", 'd', 0, 0, 'd',
Expand Down Expand Up @@ -1570,15 +1571,21 @@ int main(int argc, const char **argv)
LIST_INIT(&states);

if (readState(stateFile))
exit(1);
{
state_file_ok = 0;
/* exit(1); */
}

message(MESS_DEBUG, "\nHandling %d logs\n", numLogs);

for (log = logs.tqh_first; log != NULL; log = log->list.tqe_next)
rc |= rotateLogSet(log, force);

if (!debug)
rc |= writeState(stateFile);
if (!debug && state_file_ok)
rc |= writeState(stateFile);
if (!state_file_ok)
message(MESS_ERROR, "could not read state file, "
"will not attempt to write into it\n");

return (rc != 0);
}

0 comments on commit cc92802

Please sign in to comment.