Fix wrong type conversion in cstrLen()

resolves: rhbz#2157805
imjournal: by default retrieves _PID from journal as PID number
  resolves: rhbz#2176397
Systemd service file hardening
  resolves: rhbz#2176403
rsyslog.conf: load imuxsock and imjournal before loading rsyslog.d
  resolves: rhbz#2165899
rsyslog is now started after the network service during boot
  resolves: rhbz#2074318
imjournal: add second fallback to the message identifier
  resolves: rhbv#2129015
This commit is contained in:
alakatos 2023-05-19 09:26:50 +02:00
parent bf71201ec3
commit d6b54a3912
5 changed files with 121 additions and 4 deletions

View File

@ -0,0 +1,12 @@
diff -up rsyslog-8.2102.0/plugins/imjournal/imjournal.c.orig rsyslog-8.2102.0/plugins/imjournal/imjournal.c
--- rsyslog-8.2102.0/plugins/imjournal/imjournal.c.orig 2023-05-19 10:32:32.467826852 +0200
+++ rsyslog-8.2102.0/plugins/imjournal/imjournal.c 2023-05-19 10:33:34.426902983 +0200
@@ -452,6 +452,8 @@ readjournal(void)
/* Get message identifier, client pid and add ':' */
if (journalGetData("SYSLOG_IDENTIFIER", &get, &length) >= 0) {
CHKiRet(sanitizeValue(((const char *)get) + 18, length - 18, &sys_iden));
+ } else if (journalGetData("_COMM", &get, &length) >= 0) {
+ CHKiRet(sanitizeValue(((const char *)get) + 6, length - 6, &sys_iden));
} else {
CHKmalloc(sys_iden = strdup(cs.dfltTag));
}

View File

@ -0,0 +1,72 @@
diff -up rsyslog-8.2102.0/parse.h.orig rsyslog-8.2102.0/parse.h
--- rsyslog-8.2102.0/parse.h.orig 2023-05-09 09:10:09.236597063 +0200
+++ rsyslog-8.2102.0/parse.h 2023-05-09 09:10:26.913608034 +0200
@@ -56,7 +56,7 @@ struct rsParsObject
rsObjID OID; /**< object ID */
#endif
cstr_t *pCStr; /**< pointer to the string object we are parsing */
- int iCurrPos; /**< current parsing position (char offset) */
+ size_t iCurrPos; /**< current parsing position (char offset) */
};
typedef struct rsParsObject rsParsObj;
diff -up rsyslog-8.2102.0/runtime/stream.c.orig rsyslog-8.2102.0/runtime/stream.c
--- rsyslog-8.2102.0/runtime/stream.c.orig 2023-05-09 09:10:34.122612508 +0200
+++ rsyslog-8.2102.0/runtime/stream.c 2023-05-09 09:12:47.934640583 +0200
@@ -1071,7 +1071,7 @@ strmReadMultiLine(strm_t *pThis, cstr_t
cstr_t *thisLine = NULL;
rsRetVal readCharRet;
const time_t tCurr = pThis->readTimeout ? getTime(NULL) : 0;
- int maxMsgSize = glblGetMaxLine();
+ size_t maxMsgSize = glblGetMaxLine();
DEFiRet;
do {
@@ -1132,9 +1132,9 @@ strmReadMultiLine(strm_t *pThis, cstr_t
}
- int currLineLen = cstrLen(thisLine);
+ size_t currLineLen = cstrLen(thisLine);
if(currLineLen > 0) {
- int len;
+ size_t len;
if((len = cstrLen(pThis->prevMsgSegment) + currLineLen) <
maxMsgSize) {
CHKiRet(cstrAppendCStr(pThis->prevMsgSegment, thisLine));
@@ -1144,7 +1144,7 @@ strmReadMultiLine(strm_t *pThis, cstr_t
len = 0;
} else {
len = currLineLen-(len-maxMsgSize);
- for(int z=0; z<len; z++) {
+ for(size_t z=0; z<len; z++) {
cstrAppendChar(pThis->prevMsgSegment,
thisLine->pBuf[z]);
}
diff -up rsyslog-8.2102.0/runtime/stringbuf.c.orig rsyslog-8.2102.0/runtime/stringbuf.c
--- rsyslog-8.2102.0/runtime/stringbuf.c.orig 2023-05-09 09:09:37.627577446 +0200
+++ rsyslog-8.2102.0/runtime/stringbuf.c 2023-05-09 09:09:59.061590749 +0200
@@ -474,7 +474,7 @@ finalize_it:
* This is due to performance reasons.
*/
#ifndef NDEBUG
-int cstrLen(cstr_t *pThis)
+size_t cstrLen(cstr_t *pThis)
{
rsCHECKVALIDOBJECT(pThis, OIDrsCStr);
return(pThis->iStrLen);
diff -up rsyslog-8.2102.0/runtime/stringbuf.h.orig rsyslog-8.2102.0/runtime/stringbuf.h
--- rsyslog-8.2102.0/runtime/stringbuf.h.orig 2023-05-09 09:08:05.199520082 +0200
+++ rsyslog-8.2102.0/runtime/stringbuf.h 2023-05-09 09:09:26.924570803 +0200
@@ -144,9 +144,9 @@ rsRetVal cstrAppendCStr(cstr_t *pThis, c
/* now come inline-like functions */
#ifdef NDEBUG
-# define cstrLen(x) ((int)((x)->iStrLen))
+# define cstrLen(x) ((size_t)((x)->iStrLen))
#else
- int cstrLen(cstr_t *pThis);
+ size_t cstrLen(cstr_t *pThis);
#endif
#define rsCStrLen(s) cstrLen((s))

View File

@ -12,19 +12,20 @@ global(workDirectory="/var/lib/rsyslog")
# Use default timestamp format # Use default timestamp format
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat") module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")
# Include all config files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf" mode="optional")
#### MODULES #### #### MODULES ####
module(load="imuxsock" # provides support for local system logging (e.g. via logger command) module(load="imuxsock" # provides support for local system logging (e.g. via logger command)
SysSock.Use="off") # Turn off message reception via local log socket; SysSock.Use="off") # Turn off message reception via local log socket;
# local messages are retrieved through imjournal now. # local messages are retrieved through imjournal now.
module(load="imjournal" # provides access to the systemd journal module(load="imjournal" # provides access to the systemd journal
UsePid="system" # PID nummber is retrieved as the ID of the process the journal entry originates from
StateFile="imjournal.state") # File to store the position in the journal StateFile="imjournal.state") # File to store the position in the journal
#module(load="imklog") # reads kernel messages (the same are read from journald) #module(load="imklog") # reads kernel messages (the same are read from journald)
#module(load="immark") # provides --MARK-- message capability #module(load="immark") # provides --MARK-- message capability
# Include all config files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf" mode="optional")
# Provides UDP syslog reception # Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html # for parameters see http://www.rsyslog.com/doc/imudp.html
#module(load="imudp") # needs to be done just once #module(load="imudp") # needs to be done just once

View File

@ -1,6 +1,8 @@
[Unit] [Unit]
Description=System Logging Service Description=System Logging Service
;Requires=syslog.socket ;Requires=syslog.socket
Wants=network.target network-online.target
After=network.target network-online.target
Documentation=man:rsyslogd(8) Documentation=man:rsyslogd(8)
Documentation=https://www.rsyslog.com/doc/ Documentation=https://www.rsyslog.com/doc/
@ -12,6 +14,18 @@ ExecReload=/usr/bin/kill -HUP $MAINPID
UMask=0066 UMask=0066
StandardOutput=null StandardOutput=null
Restart=on-failure Restart=on-failure
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
RestrictNamespaces=net
NoNewPrivileges=yes
ProtectControlGroups=yes
ProtectHome=read-only
ProtectKernelModules=yes
ProtectKernelTunables=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallFilter=~@clock @debug @module @raw-io @reboot @swap @cpu-emulation @obsolete
LockPersonality=yes
MemoryDenyWriteExecute=yes
# Increase the default a bit in order to allow many simultaneous # Increase the default a bit in order to allow many simultaneous
# files to be monitored, we might need a lot of fds. # files to be monitored, we might need a lot of fds.

View File

@ -5,7 +5,7 @@
Summary: Enhanced system logging and kernel message trapping daemon Summary: Enhanced system logging and kernel message trapping daemon
Name: rsyslog Name: rsyslog
Version: 8.2102.0 Version: 8.2102.0
Release: 113%{?dist} Release: 114%{?dist}
License: (GPLv3+ and ASL 2.0) License: (GPLv3+ and ASL 2.0)
URL: http://www.rsyslog.com/ URL: http://www.rsyslog.com/
Source0: http://www.rsyslog.com/files/download/rsyslog/%{name}-%{version}.tar.gz Source0: http://www.rsyslog.com/files/download/rsyslog/%{name}-%{version}.tar.gz
@ -38,6 +38,8 @@ Patch16: rsyslog-8.2102.0-rhbz2127404-libcap-ng.patch
Patch17: rsyslog-8.2102.0-rhbz2157658-imklog.patch Patch17: rsyslog-8.2102.0-rhbz2157658-imklog.patch
Patch18: rsyslog-8.2102.0-capabilities-drop-credential.patch Patch18: rsyslog-8.2102.0-capabilities-drop-credential.patch
Patch19: rsyslog-8.2102.0-capabilities-capnetraw.patch Patch19: rsyslog-8.2102.0-capabilities-capnetraw.patch
Patch20: rsyslog-8.2102.0-rhbz2157804-cstrlen.patch
Patch21: rsyslog-8.2102.0-rhbz2129015-journal-COMM.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -293,6 +295,8 @@ mv build doc
%patch17 -p1 -b .imklog-leak %patch17 -p1 -b .imklog-leak
%patch18 -p1 -b .capabilities-drop-credential %patch18 -p1 -b .capabilities-drop-credential
%patch19 -p1 -b .capabilities-capnetraw %patch19 -p1 -b .capabilities-capnetraw
%patch20 -p1 -b .cstrlen
%patch21 -p1 -b .journalCOMM
pushd .. pushd ..
%patch9 -p1 -b .openssl-compatibility %patch9 -p1 -b .openssl-compatibility
@ -558,6 +562,20 @@ done
%changelog %changelog
* Fri May 19 2023 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-114
- Fix wrong type conversion in cstrLen()
resolves: rhbz#2157805
- imjournal: by default retrieves _PID from journal as PID number
resolves: rhbz#2176397
- Systemd service file hardening
resolves: rhbz#2176403
- rsyslog.conf: load imuxsock and imjournal before loading rsyslog.d
resolves: rhbz#2165899
- rsyslog is now started after the network service during boot
resolves: rhbz#2074318
- imjournal: add second fallback to the message identifier
resolves: rhbv#2129015
* Tue Mar 07 2023 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-113 * Tue Mar 07 2023 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-113
- Do not allow having selinux-policy < 38.1.3-1 - Do not allow having selinux-policy < 38.1.3-1
resolves: rhbz#2176386 resolves: rhbz#2176386