Steven,

We left this code in specifically to debug logsys, and #ifdef'd it out because
it is not required for normal runtime operations. The configure system does NOT
know how to enable that flag, precisely because users shouldn't be mangling
it at random.

The buffer overflow can't be exploited since the code is not compiled in
anywhere in any package (or it could be fixed instead.. either way), but
the code is very useful to determine the status of the library
configuration (systems vs subsystems) when figuring out init issues and
why stuff misbehaves. We had to use it heavily when there was a gcc
issue compiling init macros in the right order (remember the
__attribute_ priority init problem?). That is something you otherwise can't spot.

Fabio

On 5/28/2010 10:36 PM, Steven Dake wrote:
> merged
> 
> thanks
> -steve
> 
> On 05/28/2010 12:56 PM, Andreas Florath wrote:
>> Hello!
>>
>> I just stumbled over the function 'decode_mode()', which IMHO has at least
>> one problem with a buffer overflow.
>>
>> The static function 'decode_mode()' is used by the static function
>> 'dump_subsys_config()', which is in turn used by the static function
>> 'dump_full_config()', which is never used.
>>
>> Are these functions used by someone using some magic? I did not find
>> any reference and even the flag LOGSYS_DEBUG, which prevents them from
>> compiling, does not exist at some other point.
>>
>> If these functions are really not used, please remove them (because at
>> least one of them has a buffer overflow). Patch against 1.2.3
>> is attached.
>>
>> If there is a need for these functions, I'll send a patch to fix
>> the 'decode_mode()' function.
>>
>> Kind regards
>>
>> Andreas Florath
>>
>> Signed-off-by: Andreas Florath<gnu4u at flonatel dot org>
>> ---
>> diff -ru corosync-1.2.3/exec/logsys.c corosync-1.2.3-patched/exec/logsys.c
>> --- corosync-1.2.3/exec/logsys.c     2010-05-19 15:59:17.000000000 +0200
>> +++ corosync-1.2.3-patched/exec/logsys.c     2010-05-28 21:13:02.000000000 
>> +0200
>> @@ -217,87 +217,6 @@
>>   /* forward declarations */
>>   static void logsys_close_logfile(int subsysid);
>>
>> -#ifdef LOGSYS_DEBUG
>> -static char *decode_mode(int subsysid, char *buf, size_t buflen)
>> -{
>> -    memset(buf, 0, buflen);
>> -
>> -    if (logsys_loggers[subsysid].mode&  LOGSYS_MODE_OUTPUT_FILE)
>> -            snprintf(buf+strlen(buf), buflen, "FILE,");
>> -
>> -    if (logsys_loggers[subsysid].mode&  LOGSYS_MODE_OUTPUT_STDERR)
>> -            snprintf(buf+strlen(buf), buflen, "STDERR,");
>> -
>> -    if (logsys_loggers[subsysid].mode&  LOGSYS_MODE_OUTPUT_SYSLOG)
>> -            snprintf(buf+strlen(buf), buflen, "SYSLOG,");
>> -
>> -    if (subsysid == LOGSYS_MAX_SUBSYS_COUNT) {
>> -            if (logsys_loggers[subsysid].mode&  LOGSYS_MODE_FORK)
>> -                    snprintf(buf+strlen(buf), buflen, "FORK,");
>> -
>> -            if (logsys_loggers[subsysid].mode&  LOGSYS_MODE_THREADED)
>> -                    snprintf(buf+strlen(buf), buflen, "THREADED,");
>> -    }
>> -
>> -    memset(buf+strlen(buf)-1,0,1);
>> -
>> -    return buf;
>> -}
>> -
>> -static const char *decode_debug(int subsysid)
>> -{
>> -    if (logsys_loggers[subsysid].debug)
>> -            return "on";
>> -
>> -    return "off";
>> -}
>> -
>> -static const char *decode_status(int subsysid)
>> -{
>> -    if (!logsys_loggers[subsysid].init_status)
>> -            return "INIT_DONE";
>> -
>> -    return "NEEDS_INIT";
>> -}
>> -
>> -static void dump_subsys_config(int subsysid)
>> -{
>> -    char modebuf[1024];
>> -
>> -    fprintf(stderr,
>> -            "ID: %d\n"
>> -            "subsys: %s\n"
>> -            "logfile: %s\n"
>> -            "logfile_fp: %p\n"
>> -            "mode: %s\n"
>> -            "debug: %s\n"
>> -            "syslog_fac: %s\n"
>> -            "syslog_pri: %s\n"
>> -            "logfile_pri: %s\n"
>> -            "init_status: %s\n",
>> -            subsysid,
>> -            logsys_loggers[subsysid].subsys,
>> -            logsys_loggers[subsysid].logfile,
>> -            logsys_loggers[subsysid].logfile_fp,
>> -            decode_mode(subsysid, modebuf, sizeof(modebuf)),
>> -            decode_debug(subsysid),
>> -            
>> logsys_facility_name_get(logsys_loggers[subsysid].syslog_facility),
>> -            
>> logsys_priority_name_get(logsys_loggers[subsysid].syslog_priority),
>> -            
>> logsys_priority_name_get(logsys_loggers[subsysid].logfile_priority),
>> -            decode_status(subsysid));
>> -}
>> -
>> -static void dump_full_config(void)
>> -{
>> -    int i;
>> -
>> -    for (i = 0; i<= LOGSYS_MAX_SUBSYS_COUNT; i++) {
>> -            if (strlen(logsys_loggers[i].subsys)>  0)
>> -                    dump_subsys_config(i);
>> -    }
>> -}
>> -#endif
>> -
>>   static uint32_t circular_memory_map (void **buf, size_t bytes)
>>   {
>>      void *addr_orig;
> 
