Hello!
Just stumble over the function 'decode_mode()' which IMHO has at least
one problem with a buffer overflow.
The static function 'decode_mode()' is used by the static function
'dump_subsys_config()' which is is turn used by the static function
'dump_full_config()' which is never used.
Are these functions used by someone using some magic? I did not find
any reference and even the flag LOGSYS_DEBUG, which prevents them from
compiling, does not exist at some other point.
If these functions are really not used, please remove them (because at
least one of them has a buffer overflow). Patch against 1.2.3
is attached.
If there is a need for these functions, I'll send a patch to fix
the 'decode_mode()' function.
Kind regards
Andreas Florath
Signed-off-by: Andreas Florath <gnu4u at flonatel dot org>
---
diff -ru corosync-1.2.3/exec/logsys.c corosync-1.2.3-patched/exec/logsys.c
--- corosync-1.2.3/exec/logsys.c 2010-05-19 15:59:17.000000000 +0200
+++ corosync-1.2.3-patched/exec/logsys.c 2010-05-28 21:13:02.000000000
+0200
@@ -217,87 +217,6 @@
/* forward declarations */
static void logsys_close_logfile(int subsysid);
-#ifdef LOGSYS_DEBUG
-static char *decode_mode(int subsysid, char *buf, size_t buflen)
-{
- memset(buf, 0, buflen);
-
- if (logsys_loggers[subsysid].mode & LOGSYS_MODE_OUTPUT_FILE)
- snprintf(buf+strlen(buf), buflen, "FILE,");
-
- if (logsys_loggers[subsysid].mode & LOGSYS_MODE_OUTPUT_STDERR)
- snprintf(buf+strlen(buf), buflen, "STDERR,");
-
- if (logsys_loggers[subsysid].mode & LOGSYS_MODE_OUTPUT_SYSLOG)
- snprintf(buf+strlen(buf), buflen, "SYSLOG,");
-
- if (subsysid == LOGSYS_MAX_SUBSYS_COUNT) {
- if (logsys_loggers[subsysid].mode & LOGSYS_MODE_FORK)
- snprintf(buf+strlen(buf), buflen, "FORK,");
-
- if (logsys_loggers[subsysid].mode & LOGSYS_MODE_THREADED)
- snprintf(buf+strlen(buf), buflen, "THREADED,");
- }
-
- memset(buf+strlen(buf)-1,0,1);
-
- return buf;
-}
-
-static const char *decode_debug(int subsysid)
-{
- if (logsys_loggers[subsysid].debug)
- return "on";
-
- return "off";
-}
-
-static const char *decode_status(int subsysid)
-{
- if (!logsys_loggers[subsysid].init_status)
- return "INIT_DONE";
-
- return "NEEDS_INIT";
-}
-
-static void dump_subsys_config(int subsysid)
-{
- char modebuf[1024];
-
- fprintf(stderr,
- "ID: %d\n"
- "subsys: %s\n"
- "logfile: %s\n"
- "logfile_fp: %p\n"
- "mode: %s\n"
- "debug: %s\n"
- "syslog_fac: %s\n"
- "syslog_pri: %s\n"
- "logfile_pri: %s\n"
- "init_status: %s\n",
- subsysid,
- logsys_loggers[subsysid].subsys,
- logsys_loggers[subsysid].logfile,
- logsys_loggers[subsysid].logfile_fp,
- decode_mode(subsysid, modebuf, sizeof(modebuf)),
- decode_debug(subsysid),
-
logsys_facility_name_get(logsys_loggers[subsysid].syslog_facility),
-
logsys_priority_name_get(logsys_loggers[subsysid].syslog_priority),
-
logsys_priority_name_get(logsys_loggers[subsysid].logfile_priority),
- decode_status(subsysid));
-}
-
-static void dump_full_config(void)
-{
- int i;
-
- for (i = 0; i <= LOGSYS_MAX_SUBSYS_COUNT; i++) {
- if (strlen(logsys_loggers[i].subsys) > 0)
- dump_subsys_config(i);
- }
-}
-#endif
-
static uint32_t circular_memory_map (void **buf, size_t bytes)
{
void *addr_orig;
_______________________________________________
Openais mailing list
[email protected]
https://lists.linux-foundation.org/mailman/listinfo/openais
