Skip to content

Commit f211042

Browse files
authored
Merge pull request from GHSA-ggw7-xr6h-mmr8
net bugfix: potential buffer overrun
2 parents c08a8af + 30ccf7c commit f211042

File tree

3 files changed

+50
-0
lines changed

3 files changed

+50
-0
lines changed

Diff for: tests/Makefile.am

+4
Original file line numberDiff line numberDiff line change
@@ -283,6 +283,7 @@ TESTS += \
283283
allowed-sender-tcp-fail.sh \
284284
allowed-sender-tcp-hostname-ok.sh \
285285
allowed-sender-tcp-hostname-fail.sh \
286+
imtcp-octet-framing-too-long-vg.sh \
286287
imtcp-discard-truncated-msg.sh \
287288
imtcp-basic.sh \
288289
imtcp-basic-hup.sh \
@@ -1074,6 +1075,7 @@ if ENABLE_IMPTCP
10741075
# need to be disabled if we do not have this module
10751076
TESTS += \
10761077
manyptcp.sh \
1078+
imptcp-octet-framing-too-long-vg.sh \
10771079
imptcp_framing_regex.sh \
10781080
imptcp_framing_regex-oversize.sh \
10791081
imptcp_large.sh \
@@ -2121,6 +2123,7 @@ EXTRA_DIST= \
21212123
mmjsonparse_simple.sh \
21222124
mmjsonparse-invalid-containerName.sh \
21232125
wtpShutdownAll-assertionFailure.sh \
2126+
imptcp-octet-framing-too-long-vg.sh \
21242127
imptcp-oversize-message-display.sh \
21252128
imptcp-msg-truncation-on-number.sh \
21262129
imptcp-msg-truncation-on-number2.sh \
@@ -2199,6 +2202,7 @@ EXTRA_DIST= \
21992202
allowed-sender-tcp-fail.sh \
22002203
allowed-sender-tcp-hostname-ok.sh \
22012204
allowed-sender-tcp-hostname-fail.sh \
2205+
imtcp-octet-framing-too-long-vg.sh \
22022206
imtcp-discard-truncated-msg.sh \
22032207
imtcp-basic.sh \
22042208
imtcp-basic-hup.sh \

Diff for: tests/imptcp-octet-framing-too-long-vg.sh

+23
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
#!/bin/bash
2+
# added 2022-04-25 by RGerhards, released under ASL 2.0
3+
. ${srcdir:=.}/diag.sh init
4+
generate_conf
5+
add_conf '
6+
$MaxMessageSize 128
7+
global(processInternalMessages="on"
8+
oversizemsg.input.mode="accept")
9+
module(load="../plugins/imptcp/.libs/imptcp")
10+
input(type="imptcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
11+
12+
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
13+
'
14+
startup_vg
15+
echo "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000 <120> 2011-03-01T11:22:12Z host tag: this is a way too long message that has to be truncatedtest1 test2 test3 test4 test5 ab" > $RSYSLOG_DYNNAME.inputfile
16+
tcpflood -I $RSYSLOG_DYNNAME.inputfile
17+
shutdown_when_empty
18+
wait_shutdown_vg
19+
check_exit_vg
20+
21+
# the prime objective is to see if valgrind check is ok, but we also do a quick content check (just in case)
22+
content_check "received oversize message from peer"
23+
exit_test

Diff for: tests/imtcp-octet-framing-too-long-vg.sh

+23
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
#!/bin/bash
2+
# added 2022-04-25 by RGerhards, released under ASL 2.0
3+
. ${srcdir:=.}/diag.sh init
4+
generate_conf
5+
add_conf '
6+
$MaxMessageSize 128
7+
global(processInternalMessages="on"
8+
oversizemsg.input.mode="accept")
9+
module(load="../plugins/imtcp/.libs/imtcp")
10+
input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
11+
12+
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
13+
'
14+
startup_vg
15+
echo "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000 <120> 2011-03-01T11:22:12Z host tag: this is a way too long message that has to be truncatedtest1 test2 test3 test4 test5 ab" > $RSYSLOG_DYNNAME.inputfile
16+
tcpflood -I $RSYSLOG_DYNNAME.inputfile
17+
shutdown_when_empty
18+
wait_shutdown_vg
19+
check_exit_vg
20+
21+
# the prime objective is to see if valgrind check is ok, but we also do a quick content check (just in case)
22+
content_check "received oversize message from peer"
23+
exit_test

0 commit comments

Comments
 (0)