diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | runtime/msg.h | 17 | ||||
-rw-r--r-- | runtime/parser.c | 16 |
3 files changed, 40 insertions, 4 deletions
@@ -111,6 +111,12 @@ increase. output module interface --------------------------------------------------------------------------- Version 4.5.3 [v4-beta] (rgerhards), 2009-08-?? +- bugfix: message sanitation had some issues: + - control character DEL was not properly escaped + - NUL and LF characters were not properly stripped if no control + character replacement was to be done + - NUL characters in the message body were silently dropped (this was + a regeression introduced by some of the recent optimizations) - bugfix: strings improperly reused, resulting in some message properties be populated with strings from previous messages. This was caused by an improper predicate check. [backported from v5] @@ -216,6 +222,11 @@ Version 4.4.1 [v4-stable] (rgerhards), 2009-08-?? This resulted in build errors if no Java was present on the build system, even though none of the selected option actually required Java. (I forgot to backport a similar fix to newer releases). +- bugfix (backport): omfwd segfault + Note that the orginal (higher version) patch states this happens only + when debugging mode is turned on. That statement is wrong: if debug + mode is turned off, the message is not being emitted, but the division + by zero in the actual parameters still happens. --------------------------------------------------------------------------- Version 4.4.0 [v4-stable] (rgerhards), 2009-08-21 - bugfix: stderr/stdout were not closed to be able to emit error messages, diff --git a/runtime/msg.h b/runtime/msg.h index 98b3599a..b006cbec 100644 --- a/runtime/msg.h +++ b/runtime/msg.h @@ -192,6 +192,23 @@ uchar *propIDToName(propid_t propID); extern void (*funcMsgPrepareEnqueue)(msg_t *pMsg); #define MsgPrepareEnqueue(pMsg) funcMsgPrepareEnqueue(pMsg) + +/* ------------------------------ some inline functions ------------------------------ */ + +/* set raw message size. This is needed in some cases where a trunctation is necessary + * but the raw message must not be newly set. The most important (and currently only) + * use case is if we remove trailing LF or NUL characters. Note that the size can NOT + * be extended, only shrunk! + * rgerhards, 2009-08-26 + */ +static inline void +MsgSetRawMsgSize(msg_t *pMsg, size_t newLen) +{ + assert(newLen <= (size_t) pMsg->iLenRawMsg); + pMsg->iLenRawMsg = newLen; +} + + #endif /* #ifndef MSG_H_INCLUDED */ /* vim:set ai: */ diff --git a/runtime/parser.c b/runtime/parser.c index a2538fa3..db11ac5b 100644 --- a/runtime/parser.c +++ b/runtime/parser.c @@ -163,6 +163,7 @@ sanitizeMessage(msg_t *pMsg) size_t iDst; size_t iMaxLine; size_t maxDest; + bool bUpdatedLen = FALSE; uchar szSanBuf[32*1024]; /* buffer used for sanitizing a string */ assert(pMsg != NULL); @@ -177,6 +178,7 @@ sanitizeMessage(msg_t *pMsg) /* remove NUL character at end of message (see comment in function header) */ if(pszMsg[lenMsg-1] == '\0') { DBGPRINTF("dropped NUL at very end of message\n"); + bUpdatedLen = TRUE; lenMsg--; } @@ -187,6 +189,7 @@ sanitizeMessage(msg_t *pMsg) */ if(bDropTrailingLF && pszMsg[lenMsg-1] == '\n') { DBGPRINTF("dropped LF at very end of message (DropTrailingLF is set)\n"); + bUpdatedLen = TRUE; lenMsg--; } @@ -197,7 +200,7 @@ sanitizeMessage(msg_t *pMsg) */ int bNeedSanitize = 0; for(iSrc = 0 ; iSrc < lenMsg ; iSrc++) { - if(pszMsg[iSrc] < 32) { + if(iscntrl(pszMsg[iSrc])) { if(pszMsg[iSrc] == '\0' || bEscapeCCOnRcv) { bNeedSanitize = 1; break; @@ -205,8 +208,11 @@ sanitizeMessage(msg_t *pMsg) } } - if(!bNeedSanitize) + if(!bNeedSanitize) { + if(bUpdatedLen == TRUE) + MsgSetRawMsgSize(pMsg, lenMsg); FINALIZE; + } /* now copy over the message and sanitize it */ iMaxLine = glbl.GetMaxLine(); @@ -219,8 +225,10 @@ sanitizeMessage(msg_t *pMsg) CHKmalloc(pDst = malloc(sizeof(uchar) * (iMaxLine + 1))); iSrc = iDst = 0; while(iSrc < lenMsg && iDst < maxDest - 3) { /* leave some space if last char must be escaped */ - if(pszMsg[iSrc] == '\0') { /* guard against \0 characters... */ - } else if(iscntrl((int) pszMsg[iSrc])) { + if(iscntrl((int) pszMsg[iSrc])) { + /* note: \0 must always be escaped, the rest of the code currently + * can not handle it! -- rgerhards, 2009-08-26 + */ if(pszMsg[iSrc] == '\0' || bEscapeCCOnRcv) { /* we are configured to escape control characters. Please note * that this most probably break non-western character sets like |