BUG/MINOR: log: fix parse_log_message rfc5424 size check In parse_log_message(), if log is rfc5424 compliant, p pointer is incremented and size is not. However size is still used in further checks as if p pointer was not incremented. This could lead to logic error or buffer overflow if input buf is not null-terminated. Fixing this by making sure size is up to date where it is needed. It could be backported up to 2.4.

commit: ab9efc25f07b9870c827e2da05fe23a084a8b8f4 [log] [tgz]
author: Aurelien DARRAGON <adarragon@haproxy.com> Tue Nov 22 11:17:11 2022 +0100
committer: Christopher Faulet <cfaulet@haproxy.com> Tue Nov 22 16:27:52 2022 +0100
tree: affa888476d804dcb3717c815aacde70ec55c279
parent: 9dce88ba2cb73b6c3665b4eeaa74186ebce2c7a5 [diff] [blame]
diff --git a/src/log.c b/src/log.c
index 1fdcd81..cf140cd 100644
--- a/src/log.c
+++ b/src/log.c

@@ -3234,6 +3234,7 @@
 		 */
 
 		p += 2;
+		*size -= 2;
 		/* timestamp is NILVALUE '-' */
 		if (*size > 2 && (p[0] == '-') && p[1] == ' ') {
 			metadata[LOG_META_TIME] = ist2(p, 1);
commit	ab9efc25f07b9870c827e2da05fe23a084a8b8f4	[log] [tgz]
author	Aurelien DARRAGON <adarragon@haproxy.com>	Tue Nov 22 11:17:11 2022 +0100
committer	Christopher Faulet <cfaulet@haproxy.com>	Tue Nov 22 16:27:52 2022 +0100
tree	affa888476d804dcb3717c815aacde70ec55c279
parent	9dce88ba2cb73b6c3665b4eeaa74186ebce2c7a5 [diff] [blame]