[syslog-ng] Fwd: Seg fault with include file contains an error
anthony lineham
anthony.lineham at alliedtelesis.co.nz
Mon Oct 19 22:13:18 CEST 2009
Hi,
I sent this patch to the list last month, but haven't had any feedback yet. Does anyone have any comments (aside from my poor spelling and grammar)? Am I way off track with this fix or is it ok?
Looking forward to your comments.
best regards,
Anthony
>>> On 9/14/2009 at 4:50 PM, in message
<4ADD7D39.7D71.00E6.0 at alliedtelesis.co.nz>, anthony lineham wrote:
> Hi Bazsi,
>
> I've been investigating a seg fault that occurs when using an include
> statement in the config file. The error
> occurs when one of the included files contains an syntax error. The first
> time syslog-ng is restarted with the bad
> config, the error is detected and restart is aborted. However, if a second
> HUP is sent a seg fault occurs.
>
> I had a bit of trouble tracking down the cause and I'm still not entirely
> sure of the mechanism that leads to the
> crash but I found a couple of apparent problems, which when corrected
> prevent it.
>
> 1. There is a global variable "include_depth" which normally gets
> decremented back to zero after successful
> parsing of included config files. However, if an error is detected it stays
> at its current value and subsequent
> restarts increment from that point. This doesn't cause the crash, but given
> enough restarts would lead to
> overrun or exhaustion of the "include_stack" array.
>
> 2. In the case of unsuccessful config parsing certain bits of memory are
> dealloced but their pointers that not
> reset. This seems to be what was causing the seg fault but I've found it a
> bit hard to pin down.
>
> 3. There was an off-by-1 error in the included config deinit loop.
>
> The following patch fixes the problem, but may not necessarily be the best
> way to do it - particularly issue 1.
>
> Regards,
> Anthony
>
> --- syslog-ng_3.0.1-63-g41f77f5-old/src/cfg-lex.l 2009-09-14
> 16:02:09.000000000 +1200
> +++ syslog-ng_3.0.1-63-g41f77f5/src/cfg-lex.l 2009-09-14
> 16:15:30.000000000 +1200
> @@ -626,17 +626,24 @@
> {
> gint i;
>
> - for (i = 0; i < include_depth; i++)
> + for (i = 0; i <= include_depth; i++)
> {
> CfgIncludeLevel *level = &include_stack[i];
>
> if (level->current_file)
> - g_free(level->current_file);
> + {
> + g_free(level->current_file);
> + level->current_file = NULL;
> + }
>
> g_slist_foreach(level->files, (GFunc) g_free, NULL);
> g_slist_free(level->files);
> level->files = NULL;
> if (level->yybuf)
> - yy_delete_buffer(level->yybuf);
> + {
> + yy_delete_buffer(level->yybuf);
> + level->yybuf = NULL;
> + }
> }
> + include_depth = 0;
> }
>
More information about the syslog-ng
mailing list