Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-ggw7-xr6h-mmr8
net bugfix: potential buffer overrun
  • Loading branch information
rgerhards committed May 5, 2022
2 parents c08a8af + 30ccf7c commit f211042
Show file tree
Hide file tree
Showing 3 changed files with 50 additions and 0 deletions.
4 changes: 4 additions & 0 deletions tests/Makefile.am
Expand Up @@ -283,6 +283,7 @@ TESTS += \
allowed-sender-tcp-fail.sh \
allowed-sender-tcp-hostname-ok.sh \
allowed-sender-tcp-hostname-fail.sh \
imtcp-octet-framing-too-long-vg.sh \
imtcp-discard-truncated-msg.sh \
imtcp-basic.sh \
imtcp-basic-hup.sh \
Expand Down Expand Up @@ -1074,6 +1075,7 @@ if ENABLE_IMPTCP
# need to be disabled if we do not have this module
TESTS += \
manyptcp.sh \
imptcp-octet-framing-too-long-vg.sh \
imptcp_framing_regex.sh \
imptcp_framing_regex-oversize.sh \
imptcp_large.sh \
Expand Down Expand Up @@ -2121,6 +2123,7 @@ EXTRA_DIST= \
mmjsonparse_simple.sh \
mmjsonparse-invalid-containerName.sh \
wtpShutdownAll-assertionFailure.sh \
imptcp-octet-framing-too-long-vg.sh \
imptcp-oversize-message-display.sh \
imptcp-msg-truncation-on-number.sh \
imptcp-msg-truncation-on-number2.sh \
Expand Down Expand Up @@ -2199,6 +2202,7 @@ EXTRA_DIST= \
allowed-sender-tcp-fail.sh \
allowed-sender-tcp-hostname-ok.sh \
allowed-sender-tcp-hostname-fail.sh \
imtcp-octet-framing-too-long-vg.sh \
imtcp-discard-truncated-msg.sh \
imtcp-basic.sh \
imtcp-basic-hup.sh \
Expand Down
23 changes: 23 additions & 0 deletions tests/imptcp-octet-framing-too-long-vg.sh
@@ -0,0 +1,23 @@
#!/bin/bash
# added 2022-04-25 by RGerhards, released under ASL 2.0
. ${srcdir:=.}/diag.sh init
generate_conf
add_conf '
$MaxMessageSize 128
global(processInternalMessages="on"
oversizemsg.input.mode="accept")
module(load="../plugins/imptcp/.libs/imptcp")
input(type="imptcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
'
startup_vg
echo "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000 <120> 2011-03-01T11:22:12Z host tag: this is a way too long message that has to be truncatedtest1 test2 test3 test4 test5 ab" > $RSYSLOG_DYNNAME.inputfile
tcpflood -I $RSYSLOG_DYNNAME.inputfile
shutdown_when_empty
wait_shutdown_vg
check_exit_vg

# the prime objective is to see if valgrind check is ok, but we also do a quick content check (just in case)
content_check "received oversize message from peer"
exit_test
23 changes: 23 additions & 0 deletions tests/imtcp-octet-framing-too-long-vg.sh
@@ -0,0 +1,23 @@
#!/bin/bash
# added 2022-04-25 by RGerhards, released under ASL 2.0
. ${srcdir:=.}/diag.sh init
generate_conf
add_conf '
$MaxMessageSize 128
global(processInternalMessages="on"
oversizemsg.input.mode="accept")
module(load="../plugins/imtcp/.libs/imtcp")
input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
action(type="omfile" file="'$RSYSLOG_OUT_LOG'")
'
startup_vg
echo "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000 <120> 2011-03-01T11:22:12Z host tag: this is a way too long message that has to be truncatedtest1 test2 test3 test4 test5 ab" > $RSYSLOG_DYNNAME.inputfile
tcpflood -I $RSYSLOG_DYNNAME.inputfile
shutdown_when_empty
wait_shutdown_vg
check_exit_vg

# the prime objective is to see if valgrind check is ok, but we also do a quick content check (just in case)
content_check "received oversize message from peer"
exit_test

0 comments on commit f211042

Please sign in to comment.