From 874bc134ac6504c45e94174e37af13ff21a6bfe2 Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Mon, 14 Jul 2014 16:53:23 -0400 Subject: Clear up confusion wrt. ENTRY_SIZE_MAX and DATA_SIZE_MAX Define DATA_SIZE_MAX to mean the maximum size of a single field, and ENTRY_SIZE_MAX to mean the size of the whole entry, with some rough calculation of overhead over the payload. Check if entries are not too big when processing native journal messages. --- src/journal/coredump.c | 4 ++-- src/journal/journald-native.c | 21 +++++++++++++++++++-- src/journal/journald-native.h | 2 +- 3 files changed, 22 insertions(+), 5 deletions(-) diff --git a/src/journal/coredump.c b/src/journal/coredump.c index cd612b7ebc..4ac1a41299 100644 --- a/src/journal/coredump.c +++ b/src/journal/coredump.c @@ -61,8 +61,8 @@ #define JOURNAL_SIZE_MAX ((size_t) (767LU*1024LU*1024LU)) /* Make sure to not make this larger than the maximum journal entry - * size. See ENTRY_SIZE_MAX in journald-native.c. */ -assert_cc(JOURNAL_SIZE_MAX <= ENTRY_SIZE_MAX); + * size. See DATA_SIZE_MAX in journald-native.c. */ +assert_cc(JOURNAL_SIZE_MAX <= DATA_SIZE_MAX); enum { INFO_PID, diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index c54f6475d3..6674f3bd50 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -82,7 +82,7 @@ void server_process_native_message( struct iovec *iovec = NULL; unsigned n = 0, j, tn = (unsigned) -1; const char *p; - size_t remaining, m = 0; + size_t remaining, m = 0, entry_size = 0; int priority = LOG_INFO; char *identifier = NULL, *message = NULL; pid_t object_pid = 0; @@ -106,9 +106,17 @@ void server_process_native_message( if (e == p) { /* Entry separator */ + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + continue; + } + server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid); n = 0; priority = LOG_INFO; + entry_size = 0; p++; remaining--; @@ -146,6 +154,7 @@ void server_process_native_message( iovec[n].iov_base = (char*) p; iovec[n].iov_len = l; n++; + entry_size += iovec[n].iov_len; /* We need to determine the priority * of this entry for the rate limiting @@ -214,7 +223,7 @@ void server_process_native_message( l = le64toh(l_le); if (l > DATA_SIZE_MAX) { - log_debug("Received binary data block too large, ignoring."); + log_debug("Received binary data block of %zu bytes is too large, ignoring.", l); break; } @@ -238,6 +247,7 @@ void server_process_native_message( iovec[n].iov_base = k; iovec[n].iov_len = (e - p) + 1 + l; n++; + entry_size += iovec[n].iov_len; } else free(k); @@ -251,6 +261,13 @@ void server_process_native_message( tn = n++; IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal"); + entry_size += strlen("_TRANSPORT=journal"); + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + goto finish; + } if (message) { if (s->forward_to_syslog) diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h index 97808e746a..e82a5b87d5 100644 --- a/src/journal/journald-native.h +++ b/src/journal/journald-native.h @@ -25,7 +25,7 @@ /* Make sure not to make this smaller than the maximum coredump * size. See COREDUMP_MAX in coredump.c */ -#define ENTRY_SIZE_MAX (1024*1024*768u) +#define ENTRY_SIZE_MAX (1024*1024*770u) #define DATA_SIZE_MAX (1024*1024*768u) bool valid_user_field(const char *p, size_t l, bool allow_protected); -- cgit v1.2.3-54-g00ecf