Package: rsyslog
Version: 8.12.0-1
Followup-For: Bug #785101
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch
Dear Maintainer,
While investigating FTBS on Ubuntu for i386 and powerpc, I fixed a bug in
tcpflood.c which you may be interested in. It has been submitted as issue
#506 upstream.
Kind regards,
...Louis
*** /tmp/tmpOUr_xN/bug_body
In Ubuntu, the attached patch was applied to achieve the following:
* debian/patches/fix-testbench-buffer-overflow-ftbs.patch
- Fix FTBS on i386 and powerpc caused by buffer overflow
detection while running rsyslog testbench.
Thanks for considering the patch.
-- System Information:
Debian Release: jessie/sid
APT prefers wily-updates
APT policy: (500, 'wily-updates'), (500, 'wily-security'), (500, 'wily'),
(100, 'wily-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.1.0-3-generic (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru rsyslog-8.12.0/debian/patches/fix-testbench-buffer-overflow-ftbs.patch rsyslog-8.12.0/debian/patches/fix-testbench-buffer-overflow-ftbs.patch
--- rsyslog-8.12.0/debian/patches/fix-testbench-buffer-overflow-ftbs.patch 1970-01-01 01:00:00.000000000 +0100
+++ rsyslog-8.12.0/debian/patches/fix-testbench-buffer-overflow-ftbs.patch 2015-09-02 15:07:21.000000000 +0200
@@ -0,0 +1,25 @@
+Description: Fix potential buffer overflow detection
+ On some architectures, calculation of edLen may lead to a
+ negative value when the value returned by rand() is less
+ than extraDataLen away from RAND_MAX. The negative value
+ passed to memset() triggers a glibc error. Forcing the
+ cast of rand() to be unsigned avoid the return of a negative
+ value.
+
+Author: Louis Bouchard <louis.bouch...@canonical.com>
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1464201
+Forwarded: https://github.com/rsyslog/rsyslog/issues/506
+---
+Index: rsyslog-8.12.0/tests/tcpflood.c
+===================================================================
+--- rsyslog-8.12.0.orig/tests/tcpflood.c 2015-07-08 16:31:07.000000000 +0200
++++ rsyslog-8.12.0/tests/tcpflood.c 2015-09-02 14:36:56.168433982 +0200
+@@ -398,7 +398,7 @@
+ }
+ } else {
+ if(bRandomizeExtraData)
+- edLen = ((long) rand() + extraDataLen) % extraDataLen + 1;
++ edLen = ((unsigned long) rand() + extraDataLen) % extraDataLen + 1;
+ else
+ edLen = extraDataLen;
+ memset(extraData, 'X', edLen);
diff -Nru rsyslog-8.12.0/debian/patches/series rsyslog-8.12.0/debian/patches/series
--- rsyslog-8.12.0/debian/patches/series 2015-08-16 18:46:13.000000000 +0200
+++ rsyslog-8.12.0/debian/patches/series 2015-09-02 15:07:21.000000000 +0200
@@ -1,2 +1,3 @@
Don-t-create-a-database.patch
Don-t-explicitly-link-tcpflood-against-lgcrypt.patch
+fix-testbench-buffer-overflow-ftbs.patch
