Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Builder rsyslog-solaris10-i386 Build #1902

Results:

Failed

SourceStamp:

Projectrsyslog
Repositoryhttps://github.com/rsyslog/rsyslog.git
Branchmaster
Revisionce4669432247bdbc378f9d8066d5e5d0b8afc2f0
Changes2 changes

BuildSlave:

unstable10x

Reason:

The SingleBranchScheduler scheduler named 'schedule-rsyslog-solaris10-i386' triggered this build

Steps and Logfiles:

  1. git updating ( 1 mins, 3 secs )
    1. stdio
  2. shell  
    1. - no logs -
  3. shell_1  
    1. - no logs -
  4. shell_2  
    1. - no logs -
  5. shell_3  
    1. - no logs -

Build Properties:

NameValueSource
branch master Build
builddir /export/home/buildbot/slave/rsyslog-solaris10-i386 slave
buildername rsyslog-solaris10-i386 Builder
buildnumber 1902 Build
codebase Build
project rsyslog Build
repository https://github.com/rsyslog/rsyslog.git Build
revision ce4669432247bdbc378f9d8066d5e5d0b8afc2f0 Build
scheduler schedule-rsyslog-solaris10-i386 Scheduler
slavename unstable10x BuildSlave
workdir /export/home/buildbot/slave/rsyslog-solaris10-i386 slave (deprecated)

Forced Build Properties:

NameLabelValue

Responsible Users:

  1. Lincoln Ramsay
  2. Rainer Gerhards

Timing:

StartThu Mar 6 12:30:21 2025
EndThu Mar 6 12:31:24 2025
Elapsed1 mins, 3 secs

All Changes:

:

  1. Change #224041

    Category rsyslog
    Changed by Lincoln Ramsay <lincoln.ramsayohnoyoudont@opengear.com>
    Changed at Thu 06 Mar 2025 04:09:01
    Repository https://github.com/rsyslog/rsyslog.git
    Project rsyslog
    Branch master
    Revision e06569ecea1b5c0cd1c35699f31ab3929d431d2a

    Comments

    Fix a buffer overflow when the argument to replace is empty
We have these expressions in rsyslogd.conf.

    set $!rsyslog_FileFormat = exec_template("RSYSLOG_FileFormat")
    set $!localheader = re_extract($!rsyslog_FileFormat, "[^ ]+.* +port[0-9]", 0, 0, "");
    set $!localpattern = re_extract($!rsyslog_FileFormat, " [^ ]+ +[^ ]+ +port[0-9]", 0, 0, "");
    set $!localheader = replace($!localheader, $!localpattern, " ");

We have a message like this arriving.

    <30>Feb 24 22:08:21 hostname port03 'label' RXDATA: \n

It was observed that when 2 of these messages arrive in a row, rsyslogd
crashes. This is clearly due to memory corruption, as the crash comes
from within calloc.

Unlike the crash, valgrind only complained about the first message. It
reported that the 'find' variable was being accessed in the replace
function, reading past allocated data.

The localpattern variable ends up "empty" (null?), because the pattern
fails to match. This ends up passed into the replace function as an
es_str_t with a length and buffer length of 0. There is no string data,
not even a null terminator.

As a result, the 'find' pointer is invalid, and accessing it is an
error. Protect against accessing the 'find' pointer when the buffer is
empty by exiting the two loops when j == lfind and lfind == 0.

This removes the report from valgrind, and stops rsyslogd from crashing.

    Changed files

    • grammar/rainerscript.c

  2. Change #224042

    Category rsyslog
    Changed by Rainer Gerhards <rgerhardsohnoyoudont@adiscon.com>
    Changed at Thu 06 Mar 2025 12:26:30
    Repository https://github.com/rsyslog/rsyslog.git
    Project rsyslog
    Branch master
    Revision ce4669432247bdbc378f9d8066d5e5d0b8afc2f0

    Comments

    Merge pull request #5598 from a1291762/fix_replace_crash
Fix a buffer overflow when the argument to replace is empty

    Changed files

    • no files
BuildBot (0.8.14) working for the OpenCSW Buildbot project.
Page built: Sat 26 Apr 2025 02:43:40 (CEST)