I just upgraded from 1.4.8 to 1.4.9. I compiled with the default options and I'm using the same configuration file as I did with 1.4.8. The only thing that has changed is the syslog-ng binary itself. When I started 1.4.9, it wasn't logging normal events. I have the "internal" messages logging to a separate file, so I checked that. In the few minutes that had passed since I started the daemon, the file had filled up to 250 meg with continuous repetitions of this message:
Nov 22 12:43:30 flogm syslog-ng[27074]: io.c: do_recv(): Zero length read was requested.
it's silly, can you send me your configuration file? I hardly changed anything in 1.4.9. And it passed my simple tests.
Never mind. I could successfully reproduce it. I commented out a HP-UX workaround, which as it seems was not used only under HP-UX, and I thought it took part in the DoS I fixed in 1.4.9. Here's the patch, and I'll promptly release 1.4.9a before the bugtraq announcement goes out. diff -u -r1.23.2.5 sources.c --- sources.c 2000/11/22 16:04:59 1.23.2.5 +++ sources.c 2000/11/23 08:29:06 @@ -100,15 +100,12 @@ eol = memchr(closure->buffer, '\0', closure->pos); if (eol == NULL) eol = memchr(closure->buffer, '\n', closure->pos); -#if 0 - /* this is broken, and breaks other platforms */ - if (!eol && closure->pos) { - /* HP-UX kludge workaround */ + if (!eol && closure->pos == MAX_LINE) { + /* our buffer is full, we have to flush it */ do_handle_line(closure, closure->pos, closure->buffer, salen ? (abstract_addr *) &sabuf : NULL, salen); closure->pos = 0; return ST_OK | ST_GOON; } -#endif start = closure->buffer; while (eol) { /* eol points at the newline character. end points at the -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt