[syslog-ng] [Bug 32] New: syslog-ng stops listening after receiving a zero length udp packet
bugzilla at bugzilla.balabit.com
bugzilla at bugzilla.balabit.com
Tue Feb 10 22:12:56 CET 2009
https://bugzilla.balabit.com/show_bug.cgi?id=32
Summary: syslog-ng stops listening after receiving a zero length
udp packet
Product: syslog-ng
Version: 3.0.x
Platform: Other
OS/Version: Other
Status: NEW
Severity: major
Priority: unspecified
Component: syslog-ng
AssignedTo: bazsi at balabit.hu
ReportedBy: ffs at ccn.net
Type of the Report: bug
Estimated Hours: 0.0
Created an attachment (id=12)
--> (https://bugzilla.balabit.com/attachment.cgi?id=12)
afsocket EOF patch
Hi,
if syslog-ng has an udp() source configured it stops listening after receiving a zero length udp packet.
In debug mode it logs 'EOF occurred while reading'. After this message no udp messages get processed anymore.
After a restart syslog-ng is logging again.
As this bug is reproducible it could be abused for DOS attacks also.
Tested on: Solaris 8/9
Attached is a patch for version 3.0.1. There might be a better way to solve this problem, but it's working for me.
Thank you for syslog-ng!
Florian
--
Configure bugmail: https://bugzilla.balabit.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the syslog-ng
mailing list