syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
authorArjun Shankar <arjun@redhat.com>
Mon, 15 Jan 2024 16:44:43 +0000 (17:44 +0100)
committerArjun Shankar <arjun@redhat.com>
Tue, 30 Jan 2024 14:53:37 +0000 (15:53 +0100)
commit6bd0e4efcc78f3c0115e5ea9739a1642807450da
tree18ec2375433978e7a6aef01108958524f539a8d6
parent8aeec0eb5a18f9614d18156f9d6092b3525b818c
syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)

__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap.  This commit fixes that.  It also adds a new regression test
that uses glibc.malloc.check.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
misc/Makefile
misc/syslog.c
misc/tst-syslog-long-progname.c [new file with mode: 0644]
misc/tst-syslog-long-progname.root/postclean.req [new file with mode: 0644]