rsyslog

Do not free the uninitialized cstring.

Open lonicerae opened this issue 2 years ago • 2 comments

  • Better deal with corrupted queue messages

lonicerae Apr 19 '24 09:04

I do confirm that the patch fixes the issue. Another approach could be to change step <= 2 to step <= 3 in objDeserializeProperty:

    if(iRet != RS_RET_OK && iRet != RS_RET_NO_PROPLINE) {
        if(step <= 2) {
            pProp->varType = VARTYPE_NONE;
        }
    }

One thing that we should also investigate is how the queue got malformed. Is there a possibility that there were 2 concurrent writes to the same queue file?

Cropi Apr 22 '24 12:04

> I do confirm that the patch fixes the issue. Another approach could be to change step <= 2 to step <= 3 in objDeserializeProperty:
>
>     if(iRet != RS_RET_OK && iRet != RS_RET_NO_PROPLINE) {
>         if(step <= 2) {
>             pProp->varType = VARTYPE_NONE;
>         }
>     }
>
> One thing that we should also investigate is how the queue got malformed. Is there a possibility that there were 2 concurrent writes to the same queue file?

Good question! I also would like to know the same. My friend told me it's from a very old version: rsyslog-8.24.0; however, that queue file was generated a long time ago. In case I see any other cases, I will report to you again. Thanks.

Best regards, Flos

lonicerae May 01 '24 06:05
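The pattern discussed in this thread, a type tag that must be reset when deserialization fails before the string value exists, shown as an added example that is not rsyslog code. The record format `<type>:<len>:<data>`, the names `prop_parse`, `prop_destruct`, `VT_NONE`, `VT_STR` and the step numbering are all assumptions made for illustration and do not correspond to the steps in `objDeserializeProperty`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum vartype { VT_NONE = 0, VT_STR = 1 };   /* hypothetical names */
struct prop { enum vartype type; char *str; };

/* Parse "<type>:<len>:<data>" (constructed format). Returns 0 on success.
 * The caller may pass an uninitialized struct, as a deserializer often does. */
int prop_parse(struct prop *p, const char *rec)
{
    int step = 0, ret = -1;
    char *end;
    long type, len;

    type = strtol(rec, &end, 10);
    if (end == rec || *end != ':' || type != VT_STR) goto done;
    p->type = (enum vartype)type;   /* tag set, p->str still uninitialized */
    step = 1;

    rec = end + 1;
    len = strtol(rec, &end, 10);
    if (end == rec || *end != ':' || len < 0 || len > 4096) goto done;
    step = 2;

    if (strlen(end + 1) < (size_t)len) goto done;   /* truncated record */
    p->str = malloc((size_t)len + 1);
    if (p->str == NULL) goto done;
    memcpy(p->str, end + 1, (size_t)len);
    p->str[len] = '\0';
    step = 3;                       /* only now does p->str own memory */
    ret = 0;
done:
    /* Cover every step before the value exists, not just the early ones. */
    if (ret != 0 && step < 3)
        p->type = VT_NONE;
    return ret;
}

/* Frees the string only when the tag says one is owned; returns 1 if freed. */
int prop_destruct(struct prop *p)
{
    int freed = 0;
    if (p->type == VT_STR) { free(p->str); freed = 1; }
    p->type = VT_NONE;
    return freed;
}
```

If the reset threshold stops one step short of the point where the pointer becomes valid, a record that fails in that last step leaves the tag saying "string" while the pointer is garbage, and the destructor frees it.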