diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2014-07-14 16:53:23 -0400 | 
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2014-07-15 22:34:42 -0400 | 
| commit | 874bc134ac6504c45e94174e37af13ff21a6bfe2 (patch) | |
| tree | d53dfbfa9fd082d119f3eb732e1a10ac9055bc61 | |
| parent | 93c0969cf91c4e4973806181a6098b66a4e8e2f8 (diff) | |
Clear up confusion wrt. ENTRY_SIZE_MAX and DATA_SIZE_MAX
Define DATA_SIZE_MAX to mean the maximum size of a single
field, and ENTRY_SIZE_MAX to mean the size of the whole
entry, with some rough calculation of overhead over the payload.
Check if entries are not too big when processing native journal
messages.
| -rw-r--r-- | src/journal/coredump.c | 4 | ||||
| -rw-r--r-- | src/journal/journald-native.c | 21 | ||||
| -rw-r--r-- | src/journal/journald-native.h | 2 | 
3 files changed, 22 insertions, 5 deletions
| diff --git a/src/journal/coredump.c b/src/journal/coredump.c index cd612b7ebc..4ac1a41299 100644 --- a/src/journal/coredump.c +++ b/src/journal/coredump.c @@ -61,8 +61,8 @@  #define JOURNAL_SIZE_MAX ((size_t) (767LU*1024LU*1024LU))  /* Make sure to not make this larger than the maximum journal entry - * size. See ENTRY_SIZE_MAX in journald-native.c. */ -assert_cc(JOURNAL_SIZE_MAX <= ENTRY_SIZE_MAX); + * size. See DATA_SIZE_MAX in journald-native.c. */ +assert_cc(JOURNAL_SIZE_MAX <= DATA_SIZE_MAX);  enum {          INFO_PID, diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index c54f6475d3..6674f3bd50 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -82,7 +82,7 @@ void server_process_native_message(          struct iovec *iovec = NULL;          unsigned n = 0, j, tn = (unsigned) -1;          const char *p; -        size_t remaining, m = 0; +        size_t remaining, m = 0, entry_size = 0;          int priority = LOG_INFO;          char *identifier = NULL, *message = NULL;          pid_t object_pid = 0; @@ -106,9 +106,17 @@ void server_process_native_message(                  if (e == p) {                          /* Entry separator */ + +                        if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ +                                log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", +                                          n, entry_size); +                                continue; +                        } +                          server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid);                          n = 0;                          priority = LOG_INFO; +                        entry_size = 0;                          p++;                          remaining--; @@ -146,6 +154,7 @@ void server_process_native_message(                                  iovec[n].iov_base = (char*) p;                                  iovec[n].iov_len = l;                                  n++; +                                entry_size += iovec[n].iov_len;                                  /* We need to determine the priority                                   * of this entry for the rate limiting @@ -214,7 +223,7 @@ void server_process_native_message(                          l = le64toh(l_le);                          if (l > DATA_SIZE_MAX) { -                                log_debug("Received binary data block too large, ignoring."); +                                log_debug("Received binary data block of %zu bytes is too large, ignoring.", l);                                  break;                          } @@ -238,6 +247,7 @@ void server_process_native_message(                                  iovec[n].iov_base = k;                                  iovec[n].iov_len = (e - p) + 1 + l;                                  n++; +                                entry_size += iovec[n].iov_len;                          } else                                  free(k); @@ -251,6 +261,13 @@ void server_process_native_message(          tn = n++;          IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal"); +        entry_size += strlen("_TRANSPORT=journal"); + +        if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ +                log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", +                          n, entry_size); +                goto finish; +        }          if (message) {                  if (s->forward_to_syslog) diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h index 97808e746a..e82a5b87d5 100644 --- a/src/journal/journald-native.h +++ b/src/journal/journald-native.h @@ -25,7 +25,7 @@  /* Make sure not to make this smaller than the maximum coredump   * size. See COREDUMP_MAX in coredump.c */ -#define ENTRY_SIZE_MAX (1024*1024*768u) +#define ENTRY_SIZE_MAX (1024*1024*770u)  #define DATA_SIZE_MAX (1024*1024*768u)  bool valid_user_field(const char *p, size_t l, bool allow_protected); | 
