From 874bc134ac6504c45e94174e37af13ff21a6bfe2 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Mon, 14 Jul 2014 16:53:23 -0400
Subject: Clear up confusion wrt. ENTRY_SIZE_MAX and DATA_SIZE_MAX

Define DATA_SIZE_MAX to mean the maximum size of a single
field, and ENTRY_SIZE_MAX to mean the size of the whole
entry, with some rough calculation of overhead over the payload.

Check if entries are not too big when processing native journal
messages.
---
 src/journal/journald-native.c | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

(limited to 'src/journal/journald-native.c')

diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index c54f6475d3..6674f3bd50 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -82,7 +82,7 @@ void server_process_native_message(
         struct iovec *iovec = NULL;
         unsigned n = 0, j, tn = (unsigned) -1;
         const char *p;
-        size_t remaining, m = 0;
+        size_t remaining, m = 0, entry_size = 0;
         int priority = LOG_INFO;
         char *identifier = NULL, *message = NULL;
         pid_t object_pid = 0;
@@ -106,9 +106,17 @@ void server_process_native_message(
 
                 if (e == p) {
                         /* Entry separator */
+
+                        if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */
+                                log_debug("Entry is too big with %u properties and %zu bytes, ignoring.",
+                                          n, entry_size);
+                                continue;
+                        }
+
                         server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid);
                         n = 0;
                         priority = LOG_INFO;
+                        entry_size = 0;
 
                         p++;
                         remaining--;
@@ -146,6 +154,7 @@ void server_process_native_message(
                                 iovec[n].iov_base = (char*) p;
                                 iovec[n].iov_len = l;
                                 n++;
+                                entry_size += iovec[n].iov_len;
 
                                 /* We need to determine the priority
                                  * of this entry for the rate limiting
@@ -214,7 +223,7 @@ void server_process_native_message(
                         l = le64toh(l_le);
 
                         if (l > DATA_SIZE_MAX) {
-                                log_debug("Received binary data block too large, ignoring.");
+                                log_debug("Received binary data block of %zu bytes is too large, ignoring.", l);
                                 break;
                         }
 
@@ -238,6 +247,7 @@ void server_process_native_message(
                                 iovec[n].iov_base = k;
                                 iovec[n].iov_len = (e - p) + 1 + l;
                                 n++;
+                                entry_size += iovec[n].iov_len;
                         } else
                                 free(k);
 
@@ -251,6 +261,13 @@ void server_process_native_message(
 
         tn = n++;
         IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
+        entry_size += strlen("_TRANSPORT=journal");
+
+        if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */
+                log_debug("Entry is too big with %u properties and %zu bytes, ignoring.",
+                          n, entry_size);
+                goto finish;
+        }
 
         if (message) {
                 if (s->forward_to_syslog)
-- 
cgit v1.2.3-54-g00ecf