svn commit: r359276 - head/usr.sbin/newsyslog

Tue, 24 Mar 2020 12:31:24 -0700 

Author: markj
Date: Tue Mar 24 18:16:36 2020
New Revision: 359276
URL: https://svnweb.freebsd.org/changeset/base/359276

Log:
  newsyslog: Fix stack corruption when initializing a zipwork structure.
  
  This happens when compressing a previously uncompressed already-rotated
  file, as happens when handling the 'p' flag in newsyslog.conf.  The file
  name is stored in a flexible array member, so these structures cannot be
  stack allocated.
  
  Also make sure that we call change_attrs() and do_zipwork() in dry-run
  mode; they handle this properly, contrary to the commit log message for
  r327451.
  
  CID:          1008168
  Github PR:    https://github.com/freebsd/freebsd/pull/427
  MFC after:    2 weeks
  Submitted by: Radek Brich (original version)

Modified:
  head/usr.sbin/newsyslog/newsyslog.c

Modified: head/usr.sbin/newsyslog/newsyslog.c
==============================================================================
--- head/usr.sbin/newsyslog/newsyslog.c Tue Mar 24 18:16:02 2020        
(r359275)
+++ head/usr.sbin/newsyslog/newsyslog.c Tue Mar 24 18:16:36 2020        
(r359276)
@@ -1829,17 +1829,23 @@ do_rotate(const struct conf_entry *ent)
                else {
                        /* XXX - Ought to be checking for failure! */
                        (void)rename(zfile1, zfile2);
-                       change_attrs(zfile2, ent);
-                       if (ent->compress && !strlen(logfile_suffix)) {
-                               /* compress old rotation */
-                               struct zipwork_entry zwork;
+               }
+               change_attrs(zfile2, ent);
+               if (ent->compress && strlen(logfile_suffix) == 0) {
+                       /* compress old rotation */
+                       struct zipwork_entry *zwork;
+                       size_t sz;
 
-                               memset(&zwork, 0, sizeof(zwork));
-                               zwork.zw_conf = ent;
-                               zwork.zw_fsize = sizefile(zfile2);
-                               strcpy(zwork.zw_fname, zfile2);
-                               do_zipwork(&zwork);
-                       }
+                       sz = sizeof(*zwork) + strlen(zfile2) + 1;
+                       zwork = calloc(1, sz);
+                       if (zwork == NULL)
+                               err(1, "calloc");
+
+                       zwork->zw_conf = ent;
+                       zwork->zw_fsize = sizefile(zfile2);
+                       strcpy(zwork->zw_fname, zfile2);
+                       do_zipwork(zwork);
+                       free(zwork);
                }
        }
 
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to