diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2014-07-14 16:53:23 -0400 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2014-07-15 22:34:42 -0400 |
commit | 874bc134ac6504c45e94174e37af13ff21a6bfe2 (patch) | |
tree | d53dfbfa9fd082d119f3eb732e1a10ac9055bc61 /src/journal | |
parent | 93c0969cf91c4e4973806181a6098b66a4e8e2f8 (diff) |
Clear up confusion wrt. ENTRY_SIZE_MAX and DATA_SIZE_MAX
Define DATA_SIZE_MAX to mean the maximum size of a single
field, and ENTRY_SIZE_MAX to mean the size of the whole
entry, with some rough calculation of overhead over the payload.
Check if entries are not too big when processing native journal
messages.
Diffstat (limited to 'src/journal')
-rw-r--r-- | src/journal/coredump.c | 4 | ||||
-rw-r--r-- | src/journal/journald-native.c | 21 | ||||
-rw-r--r-- | src/journal/journald-native.h | 2 |
3 files changed, 22 insertions, 5 deletions
diff --git a/src/journal/coredump.c b/src/journal/coredump.c index cd612b7ebc..4ac1a41299 100644 --- a/src/journal/coredump.c +++ b/src/journal/coredump.c @@ -61,8 +61,8 @@ #define JOURNAL_SIZE_MAX ((size_t) (767LU*1024LU*1024LU)) /* Make sure to not make this larger than the maximum journal entry - * size. See ENTRY_SIZE_MAX in journald-native.c. */ -assert_cc(JOURNAL_SIZE_MAX <= ENTRY_SIZE_MAX); + * size. See DATA_SIZE_MAX in journald-native.c. */ +assert_cc(JOURNAL_SIZE_MAX <= DATA_SIZE_MAX); enum { INFO_PID, diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index c54f6475d3..6674f3bd50 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -82,7 +82,7 @@ void server_process_native_message( struct iovec *iovec = NULL; unsigned n = 0, j, tn = (unsigned) -1; const char *p; - size_t remaining, m = 0; + size_t remaining, m = 0, entry_size = 0; int priority = LOG_INFO; char *identifier = NULL, *message = NULL; pid_t object_pid = 0; @@ -106,9 +106,17 @@ void server_process_native_message( if (e == p) { /* Entry separator */ + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + continue; + } + server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid); n = 0; priority = LOG_INFO; + entry_size = 0; p++; remaining--; @@ -146,6 +154,7 @@ void server_process_native_message( iovec[n].iov_base = (char*) p; iovec[n].iov_len = l; n++; + entry_size += iovec[n].iov_len; /* We need to determine the priority * of this entry for the rate limiting @@ -214,7 +223,7 @@ void server_process_native_message( l = le64toh(l_le); if (l > DATA_SIZE_MAX) { - log_debug("Received binary data block too large, ignoring."); + log_debug("Received binary data block of %zu bytes is too large, ignoring.", l); break; } @@ -238,6 +247,7 @@ void server_process_native_message( iovec[n].iov_base = k; iovec[n].iov_len = (e - p) + 1 + l; n++; + entry_size += iovec[n].iov_len; } else free(k); @@ -251,6 +261,13 @@ void server_process_native_message( tn = n++; IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal"); + entry_size += strlen("_TRANSPORT=journal"); + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + goto finish; + } if (message) { if (s->forward_to_syslog) diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h index 97808e746a..e82a5b87d5 100644 --- a/src/journal/journald-native.h +++ b/src/journal/journald-native.h @@ -25,7 +25,7 @@ /* Make sure not to make this smaller than the maximum coredump * size. See COREDUMP_MAX in coredump.c */ -#define ENTRY_SIZE_MAX (1024*1024*768u) +#define ENTRY_SIZE_MAX (1024*1024*770u) #define DATA_SIZE_MAX (1024*1024*768u) bool valid_user_field(const char *p, size_t l, bool allow_protected); |