From: ludo@gnu.org (Ludovic Courtès)
Subject: Re: Syslog bug
Date: Wed, 01 Apr 2015 21:51:38 +0200
Message-ID: <87wq1vvd85.fsf@gnu.org>
In-Reply-To: <87zj6skwbs.fsf_-_@gmail.com> (Alex Kost's message of "Wed, 01 Apr 2015 12:54:31 +0300")
List-Id: "Development of GNU Guix and the GNU System distribution."
To: Alex Kost
Cc: guix-devel@gnu.org

Alex Kost wrote:

> Wow, I admire how deep you dig! Your patch does some funny thing, it
> "moves" corruption to another place. Here is the output:
>
> # ./syslogd --debug --rcfile /tmp/syslog-with-leading-spaces.conf
> init
> cfline(*.alert;auth.notice;authpriv.none /dev/console
> sole)

Oops, indeed, I had it too but hadn’t noticed. :-)

This is because the bcopy call didn’t copy the trailing zero, which is
fixed by adding “+ 1”:

diff --git a/src/syslogd.c b/src/syslogd.c index 7af10f3..aaf02a4 100644 --- a/src/syslogd.c +++ b/src/syslogd.c @@ -1971,7 +1971,7 @@ load_conffile (const char *filename, struct filed **nextp) if (*p == '\0' || *p == '#') continue; - strcpy (cline, p); + bcopy (p, cline, strlen (p) + 1); /* Cut the trailing spaces. */ for (p = strchr (cline, '\0'); isspace (*--p);)

> --- a/src/syslogd.c > +++ b/src/syslogd.c > @@ -1971,7 +1971,7 @@ load_conffile (const char *filename, struct filed *= *nextp) > if (*p =3D=3D '\0' || *p =3D=3D '#') > continue; >=20=20 > - strcpy (cline, p); > + strncpy (cline, p, strlen (cline));

I guess this worked by chance: it does not copy the trailing zero, and
it doesn’t address the overlapping-memory-regions issue.

> A side note: compilation of inetutils failed for me complaining about
> missing "help2man". It finished successfully after I had added
> "help2man" to native-inputs.

That’s because the patch modifies the source of an executable for which
a man page is generated.

Thanks for your feedback! I’ll report the issue upstream.

Ludo’.
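
Review bot: the added line "bcopy (p, cline, strlen (p) + 1);" in load_conffile relies on a legacy BSD function that POSIX.1-2008 removed, and nothing in the hunk records why strcpy was replaced. Consider "memmove (cline, p, strlen (p) + 1);" (note the swapped argument order, destination first) with a short comment that p and cline may overlap, so a later cleanup does not turn it back into strcpy. The hunk also does not show the size of cline, so the length being copied is worth checking against it.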
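
Review bot: in the quoted variant, "strncpy (cline, p, strlen (cline));" takes its length from the destination's previous contents rather than from the source p, so the number of bytes copied depends on whatever cline held before the call. The length should be derived from p, include the terminator (strlen (p) + 1), and be passed to a copy routine that is defined for overlapping regions.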
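
The stale "sole" tail in the debug output and the effect of the "+ 1" can be reproduced in isolation. The following is an added example, not code from this mail or from inetutils; it assumes, as the thread implies, that the source pointer lies in the same buffer just past the leading spaces, and the helper name shift_left and the sample line are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example: move the text that follows leading whitespace to the
   start of BUF, in place.  Assumption: as in the thread, source and
   destination live in the same buffer, so the regions overlap.
   COPY_NUL == 0 reproduces the copy without the "+ 1".  */
static char *
shift_left (char *buf, int copy_nul)
{
  char *p = buf;

  while (isspace ((unsigned char) *p))
    p++;

  /* memmove is defined for overlapping regions; strcpy and strncpy
     are not.  */
  memmove (buf, p, strlen (p) + (copy_nul ? 1 : 0));
  return buf;
}

int
main (void)
{
  /* Constructed configuration line with four leading spaces.  */
  char without_nul[64] = "    *.alert /dev/console";
  char with_nul[64] = "    *.alert /dev/console";

  /* The old terminator stays four bytes further right, so the last
     four bytes of the original text ("sole") survive as a tail.  */
  printf ("without NUL: [%s]\n", shift_left (without_nul, 0));
  printf ("with NUL:    [%s]\n", shift_left (with_nul, 1));
  return 0;
}
```

The length of the leftover tail equals the number of leading whitespace bytes skipped, which is why the corruption only appears with an indented configuration line.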