diff options
author | Rainer Gerhards <rgerhards@adiscon.com> | 2010-03-25 08:03:37 +0100 |
---|---|---|
committer | Rainer Gerhards <rgerhards@adiscon.com> | 2010-03-25 08:03:37 +0100 |
commit | a3e48b697fa664110567fcd0027d24ea5a239041 (patch) | |
tree | 84a538e10842a8b00a4f8c02973d572d180ea587 /ChangeLog | |
parent | 28b3703c95cb06642ff245f4d7e265c4591c128f (diff) | |
download | rsyslog-a3e48b697fa664110567fcd0027d24ea5a239041.tar.gz rsyslog-a3e48b697fa664110567fcd0027d24ea5a239041.tar.xz rsyslog-a3e48b697fa664110567fcd0027d24ea5a239041.zip |
bugfix(temporary): message-induced off-by-one error (potential segfault)
Some types of malformed messages could trigger an off-by-one error
(for example, \0 or \n as the last character, and generally control
character escaption is questionable). This is due to not strictly
following a the \0 or string counted string paradigm (during the last
optimization on the cstring class). As a temporary fix, we have
introduced a proper recalculation of the size. However, a final
patch is expected in the future. See bug tracker for further details
and when the final patch will be available:
http://bugzilla.adiscon.com/show_bug.cgi?id=184
Note that the current patch is considered sufficient to solve the
situation, but it requires a bit more runtime than desirable.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -2,6 +2,18 @@ Version 4.6.2 [v4-stable] (rgerhards), 2010-03-?? - new feature: "." action type added to support writing files to relative pathes (this is primarily meant as a debug aid) +- bugfix(temporary): message-induced off-by-one error (potential segfault) + Some types of malformed messages could trigger an off-by-one error + (for example, \0 or \n as the last character, and generally control + character escaption is questionable). This is due to not strictly + following a the \0 or string counted string paradigm (during the last + optimization on the cstring class). As a temporary fix, we have + introduced a proper recalculation of the size. However, a final + patch is expected in the future. See bug tracker for further details + and when the final patch will be available: + http://bugzilla.adiscon.com/show_bug.cgi?id=184 + Note that the current patch is considered sufficient to solve the + situation, but it requires a bit more runtime than desirable. - bugfix: potential segfault in dynafile cache This bug was triggered by an open failure. The the cache was full and a new entry needed to be placed inside it, a victim for eviction was |