cfg: Fix double free/double close crashes #1721
This user does not have permission to start the build. Can one of the admins verify this patch and start the build? (admin please type: ok to test) |
@kira-syslogng ok to test |
Build SUCCESS, the tests were executed on test branch: master and test suite: functions |
@swstephenson I have reviewed the PR and found that it indeed solves the double free problem and no crash occurs, but syslog-ng is not correctly handling the error case in cfg_lexer_start_next_include().
I use the same reproduction method which furiel mentioned in #1720: This is not a good way of error handling, syslog-ng should be stopped in such cases, otherwise the user would not spot the issue. The reason that the return FALSE is not sufficient error reporting is that we also return with FALSE when we finished with including every file:
and this is used in lib/cfg-lex.l:
Could you resolve this termination part in this PR as well, please? |
Hi @gaborznagy, If I understand you correctly, I see the following: If syslog-ng is already running with a config, and one of the files is made unreadable (with the @furiel reproduction method), the reload fails and syslog reverts to its old config. If syslog-ng is starting up for the first time and the config load fails (for the same reason) I see it exiting with a non-zero status and an error message that parsing the configuration failed, as below.
Are you getting something different? (For getting notification of the failure I would have thought the messages and non-zero exit status should be sufficient. Process supervisors should be able to deal with this as well. And #1739 should make it possible to directly detect the reload failure case) |
Yes I have different scenario than you. In your case it is an invalid config file, which is included directly from the config file. |
Hi @swstephenson! We have found the source of why syslog-ng is not failing when an include fails inside a glob (thanks to Kokan!). So what we have found is that when the include procedure returns False (i.e. stop including more files) and the include depth shows that we were not finished we report this as an error state. diff --git a/lib/cfg-lex.l b/lib/cfg-lex.l
index c16155b..243837e 100644
--- a/lib/cfg-lex.l
+++ b/lib/cfg-lex.l
@@ -306,8 +306,13 @@ word [^ \#'"\(\)\{\}\\;\r\n\t,|\.@:]
<INITIAL><<EOF>> {
if (!cfg_lexer_start_next_include(yyextra))
{
- *yylloc = yyextra->include_stack[0].lloc;
- yyterminate();
+ if (yyextra->include_depth == 0)
+ {
+ *yylloc = yyextra->include_stack[0].lloc;
+ yyterminate();
+ }
+ else
+ return LL_ERROR; What do you think about this solution? |
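Review bot: the new `else` branch returns `LL_ERROR` without setting `*yylloc`, while the `include_depth == 0` branch sets it from `include_stack[0].lloc` before terminating, so the location attached to the error is whatever was last stored. Consider assigning `*yylloc` from the current include level before `return LL_ERROR;` so the message points at the include that failed. The failure case is also inferred only from `yyextra->include_depth` being non-zero after `cfg_lexer_start_next_include()` returns FALSE; a one-line comment above the `if (yyextra->include_depth == 0)` check stating that invariant would help, and the unbraced `else` should be braced to match the `if`.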
Right, I'm with you now. I was able to reproduce as you describe. Your patch seems to do the trick. Glad this prompted the discovery of another issue! |
Fix the double free of level->yy_buff and double close of level->file.include_file that can occur during a config reload if a config file is deleted. This was observed on a system with frequent dynamic config change. The issue occurs when a config file is deleted between the glob expansion/directory scanning in cfg_lexer_include_file_*() functions and files being opened in cfg_lexer_start_next_include. Fixes syslog-ng#1720 Signed-off-by: Sam Stephenson <sam.stephenson@alliedtelesis.co.nz>
Prior to this a read fail on a nested include file results in syslog-ng starting up with an empty configuration. Make this an exit condition. Signed-off-by: Sam Stephenson <sam.stephenson@alliedtelesis.co.nz>
Build SUCCESS, the tests were executed on test branch: master and test suite: functions |
Fix the double free of level->yy_buff and double close of
level->file.include_file that can occur during a config reload if a config
file is deleted.
This was observed on a system with frequent dynamic config change. The issue
occurs when a config file is deleted between the glob expansion/directory
scanning in cfg_lexer_include_file_*() functions and files being opened in
cfg_lexer_start_next_include.
Fixes #1720
Signed-off-by: Sam Stephenson <sam.stephenson@alliedtelesis.co.nz>
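The failure mode described in this PR (a file vanishing between list expansion and open, followed by cleanup running twice) can be modelled in a few lines. This is an added example, not syslog-ng code: `Level`, `level_clear`, `IncStatus`, the counters and the `demo_*.conf` paths are hypothetical names constructed for illustration. It shows cleanup that is safe to call twice and an error status that is distinct from "no more files".

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of one include level (not syslog-ng's real structs). */
typedef struct { FILE *file; char *buf; } Level;
typedef enum { INC_OK, INC_DONE, INC_ERROR } IncStatus;
static int frees, closes;        /* counters so cleanup can be observed */

/* Idempotent cleanup: each released resource is reset to NULL, so an
 * error-path call followed by normal teardown cannot free/close twice. */
static void level_clear(Level *l)
{
    if (l->file) { fclose(l->file); l->file = NULL; closes++; }
    if (l->buf)  { free(l->buf);    l->buf = NULL;  frees++;  }
}

/* Open the next file from a list that was expanded earlier. A file may
 * have been deleted since then, so fopen() failure is an expected case
 * and is reported as INC_ERROR, never confused with INC_DONE. */
static IncStatus start_next_include(Level *l, const char **files,
                                    size_t n, size_t *pos)
{
    level_clear(l);                     /* release the previous file */
    if (*pos >= n)
        return INC_DONE;
    l->file = fopen(files[(*pos)++], "r");
    if (!l->file)
        return INC_ERROR;               /* level is already clean */
    l->buf = malloc(4096);
    if (!l->buf) { level_clear(l); return INC_ERROR; }
    return INC_OK;
}

/* Constructed scenario: demo_a.conf exists, demo_b.conf is gone. */
static IncStatus demo(void)
{
    const char *files[] = { "demo_a.conf", "demo_b.conf" };
    Level l = { NULL, NULL };
    size_t pos = 0;
    IncStatus st;
    FILE *f = fopen(files[0], "w");     /* create the file that survives */
    if (f) fclose(f);
    remove(files[1]);                   /* "deleted after expansion" */
    while ((st = start_next_include(&l, files, 2, &pos)) == INC_OK)
        ;
    level_clear(&l);                    /* teardown after the error path */
    level_clear(&l);                    /* a second call is still a no-op */
    remove(files[0]);
    return st;
}

int main(void) { return demo() == INC_ERROR ? 0 : 1; }
```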