diff options
author | Rich Felker <dalias@aerifal.cx> | 2013-03-23 18:59:30 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2013-03-23 18:59:30 -0400 |
commit | 427c0ca79e8ab429681310308a0a87cd5fdd1837 (patch) | |
tree | 04f3dfe19d6fce0e138751f510751f8ef24e722e /arch | |
parent | dfdc337b3b276e6ea0e4786ede699f4d0d93dc40 (diff) | |
download | musl-427c0ca79e8ab429681310308a0a87cd5fdd1837.tar.gz musl-427c0ca79e8ab429681310308a0a87cd5fdd1837.tar.bz2 musl-427c0ca79e8ab429681310308a0a87cd5fdd1837.tar.xz musl-427c0ca79e8ab429681310308a0a87cd5fdd1837.zip |
fix multiple bugs in syslog interfaces
1. as reported by William Haddon, the value returned by snprintf was
wrongly used as a length passed to sendto, despite it possibly
exceeding the buffer length. this could lead to invalid reads and
leaking additional data to syslog.
2. openlog was storing a pointer to the ident string passed by the
caller, rather than copying it. this bug is shared with (and even
documented in) other implementations like glibc, but such behavior
does not seem to meet the requirements of the standard.
3. extremely long ident provided to openlog, or corrupt ident due to
the above issue, could possibly have resulted in buffer overflows.
despite having the potential for smashing the stack, i believe the
impact is low since ident points to a short string literal in typical
application usage (and per the above bug, other usages will break
horribly on other implementations).
4. when used with LOG_NDELAY, openlog was not connecting the
newly-opened socket; sendto was being used instead. this defeated the
main purpose of LOG_NDELAY: preparing for chroot.
5. the default facility was not being used at all, so all messages
without an explicit facility passed to syslog were getting logged at
the kernel facility.
6. setlogmask was not thread-safe; no synchronization was performed
updating the mask. the fix uses atomics rather than locking to avoid
introducing a lock in the fast path for messages whose priority is not
in the mask.
7. in some code paths, the syslog lock was being unlocked twice; this
could result in releasing a lock that was actually held by a different
thread.
some additional enhancements to syslog such as a default identifier
based on argv[0] or similar may still be desired; at this time, only
the above-listed bugs have been fixed.
Diffstat (limited to 'arch')
0 files changed, 0 insertions, 0 deletions