diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2010-11-05 10:41:44 +0100 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2010-11-05 10:41:44 +0100 |
| commit | 71b8b60b220945aa0c2b541bf144182e2bb6e032 (patch) | |
| tree | e299863295daf0ac8a2bdd6e1198e90683795d8e | |
| parent | 7904ef4e377dda677a9e665e20401d8753535fca (diff) | |
| download | rsyslog-71b8b60b220945aa0c2b541bf144182e2bb6e032.tar.gz rsyslog-71b8b60b220945aa0c2b541bf144182e2bb6e032.tar.xz rsyslog-71b8b60b220945aa0c2b541bf144182e2bb6e032.zip | |
bugfix: segfault when an *empty* template was used
Bug: http://bugzilla.adiscon.com/show_bug.cgi?id=206
Thanks to David Hill for alerting us.
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | template.c | 12 |
2 files changed, 13 insertions, 2 deletions
@@ -1,5 +1,8 @@ --------------------------------------------------------------------------- Version 5.6.1 [V5-BETA] (rgerhards), 2010-??-?? +- bugfix: segfault when an *empty* template was used + Bug: http://bugzilla.adiscon.com/show_bug.cgi?id=206 + Thanks to David Hill for alerting us. - bugfix: compile failed with --enable-unlimited-select thanks varmojfekoj for the patch --------------------------------------------------------------------------- @@ -85,7 +85,7 @@ rsRetVal tplToString(struct template *pTpl, msg_t *pMsg, uchar **ppBuf, size_t * { DEFiRet; struct templateEntry *pTpe; - int iBuf; + size_t iBuf; unsigned short bMustBeFreed; uchar *pVal; size_t iLenVal; @@ -141,7 +141,15 @@ rsRetVal tplToString(struct template *pTpl, msg_t *pMsg, uchar **ppBuf, size_t * pTpe = pTpe->pNext; } - (*ppBuf)[iBuf] = '\0'; /* space was reserved above (see copy) */ + if(iBuf == *pLenBuf) { + /* in the weired case of an *empty* template, this can happen. + * it is debatable if we should really fix it here or simply + * forbid that case. However, performance toll is minimal, so + * I tend to permit it. -- 201011-05 rgerhards + */ + CHKiRet(ExtendBuf(ppBuf, pLenBuf, iBuf + 1)); + } + (*ppBuf)[iBuf] = '\0'; finalize_it: RETiRet; |