system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-15 12:34:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

journal: Don't try to write garbage if journal entry is corrupted

Browse source 
If journal_file_data_payload() returns -EBADMSG or -EADDRNOTAVAIL,
we skip the entry and go to the next entry, but we never modify
the number of items that we pass to journal_file_append_entry_internal()
if that happens, which means we could try to append garbage to the
journal file.

Let's keep track of the number of fields we've appended to avoid this
problem.
This commit is contained in:
Daan De Meyer 2023-04-26 13:21:55 +02:00 committed by Yu Watanabe
parent 22148897cf
commit f81409f844
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
src/libsystemd/sd-journal/journal-file.c
View file

@ -4168,7 +4168,7 @@ int journal_file_copy_entry(
_cleanup_free_ EntryItem *items_alloc = NULL;
EntryItem *items;
uint64_t q, n, xor_hash = 0;
uint64_t q, n, m = 0, xor_hash = 0;
const sd_id128_t *boot_id;
dual_timestamp ts;
int r;
@ -4227,7 +4227,7 @@ int journal_file_copy_entry(
else
xor_hash ^= le64toh(u->data.hash);
items[i] = (EntryItem) {
items[m++] = (EntryItem) {
.object_offset = h,
.hash = le64toh(u->data.hash),
};
@ -4240,6 +4240,9 @@ int journal_file_copy_entry(
return r;
}
if (m == 0)
return 0;
r = journal_file_append_entry_internal(
to,
&ts,
@ -4247,7 +4250,7 @@ int journal_file_copy_entry(
&from->header->machine_id,
xor_hash,
items,
n,
m,
seqnum,
seqnum_id,
/* ret_object= */ NULL,