Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.7.git;a=commitdiff;h=3bb0ba3b5aad112602c5e72f24f8ac44d27858ef
commit 3bb0ba3b5aad112602c5e72f24f8ac44d27858ef Author: voroskoi <[EMAIL PROTECTED]> Date: Sun Jan 20 12:24:57 2008 +0100 syslog-ng-2.0.5-2sayshell1-x86_64 added syslog-ng-2.0.git-3126ebad217e7fd6356f4733ca33f571aa87a170.patch closes #2675 diff --git a/source/apps-extra/syslog-ng/FrugalBuild b/source/apps-extra/syslog-ng/FrugalBuild index 3d2a100..c9b2f56 100644 --- a/source/apps-extra/syslog-ng/FrugalBuild +++ b/source/apps-extra/syslog-ng/FrugalBuild @@ -3,7 +3,7 @@ pkgname=syslog-ng pkgver=2.0.5 -pkgrel=1 +pkgrel=2sayshell1 pkgdesc="A flexible system logging tool" url="http://www.balabit.com/products/syslog_ng/"; depends=('glib2' 'eventlog>=0.2.5' 'tcp_wrappers') @@ -15,12 +15,14 @@ groups=('apps-extra') archs=('i686' 'x86_64') up2date="lynx -dump http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/ | Flasttar" source=(http://www.balabit.com/downloads/files/syslog-ng/sources/stable/src/$pkgname-$pkgver.tar.gz \ - rc.syslog-ng syslog-ng.conf syslog-ng) + rc.syslog-ng syslog-ng.conf syslog-ng \ + syslog-ng-2.0.git-3126ebad217e7fd6356f4733ca33f571aa87a170.patch) backup=(etc/syslog-ng.conf) sha1sums=('f514e2d2ae7831298e71d6fa9cc1817f7038431c' \ '261b708d924538a7811be7ca09d1de36be414678' \ '12abe05ce61a93cd8f3b578129f97ec6d50888bf' \ - '2876e61d5e04f6117967da728bcb1d3b6785532f') + '2876e61d5e04f6117967da728bcb1d3b6785532f' \ + 'b8b5b38e468ae8109c480cd79b09ce965e6f1be7') build() { Fbuild --enable-tcp-wrapper --disable-spoof-source @@ -29,4 +31,3 @@ build() { } # optimization OK - diff --git a/source/apps-extra/syslog-ng/syslog-ng-2.0.git-3126ebad217e7fd6356f4733ca33f571aa87a170.patch b/source/apps-extra/syslog-ng/syslog-ng-2.0.git-3126ebad217e7fd6356f4733ca33f571aa87a170.patch new file mode 100644 index 0000000..987dc22 --- /dev/null +++ b/source/apps-extra/syslog-ng/syslog-ng-2.0.git-3126ebad217e7fd6356f4733ca33f571aa87a170.patch @@ -0,0 +1,63 @@ +From: Balazs Scheidler <[EMAIL PROTECTED]> +Date: Thu, 22 Nov 2007 14:39:14 +0000 (+0100) +Subject: fixed possible segmentation fault in input parsing (DoS possibility) +X-Git-Tag: v2.0.6~8 +X-Git-Url: http://git.balabit.hu/?p=bazsi%2Fsyslog-ng-2.0.git;a=commitdiff_plain;h=3126ebad217e7fd6356f4733ca33f571aa87a170;hp=09c462b997a2f34ce8bf541d20736cba47532911 + +fixed possible segmentation fault in input parsing (DoS possibility) + +2007-11-22 Balazs Scheidler <[EMAIL PROTECTED]> + + * src/logmsg.c (log_msg_parse): fixed possible NULL pointer + dereference in log message parsing + + * tests/unit/test_msgparse.c: added testcases for improperly + formatted ISO timestamps that can cause a segfault +--- + +diff --git a/src/logmsg.c b/src/logmsg.c +index b4354bf..e1bf5ea 100644 +--- a/src/logmsg.c ++++ b/src/logmsg.c +@@ -208,8 +208,10 @@ log_msg_parse(LogMessage *self, gchar *data, gint length, guint flags, regex_t * + self->stamp.time.tv_usec = 0; + + p = memchr(src, ' ', left); +- +- stamp_length = (p - src); ++ if (p) ++ stamp_length = (p - src); ++ else ++ stamp_length = left; + + g_string_assign_len(&self->date, src, stamp_length); + +diff --git a/tests/unit/test_msgparse.c b/tests/unit/test_msgparse.c +index 003950b..2d630a3 100644 +--- a/tests/unit/test_msgparse.c ++++ b/tests/unit/test_msgparse.c +@@ -198,6 +198,24 @@ main(int argc G_GNUC_UNUSED, char *argv[] G_GNUC_UNUSED) + "%bzorp openvpn[2499]: PTHREAD support initialized" // msg + ); + ++ testcase("<7>2006-10-29T02:00:00.156+01:00 ", 0, NULL, ++ 7, // pri ++ 1162083600, 156000, 3600, // timestamp (sec/usec/zone) ++ NULL, // originally formatted timestamp ++ "", // host ++ "", // openvpn ++ "" // msg ++ ); ++ ++ testcase("<7>2006-10-29T02:00:00.156+01:00", 0, NULL, ++ 7, // pri ++ 1162083600, 156000, 3600, // timestamp (sec/usec/zone) ++ NULL, // originally formatted timestamp ++ "", // host ++ "", // openvpn ++ "" // msg ++ ); ++ + testcase("<7>2006-10-29T02:00:00.156+01:00 ctld snmpd[2499]: PTHREAD support initialized", 0, "^ctld", + 7, // pri + 1162083600, 156000, 3600, // timestamp (sec/usec/zone) _______________________________________________ Frugalware-git mailing list [email protected] http://frugalware.org/mailman/listinfo/frugalware-git
