diff --git a/backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch b/backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch new file mode 100644 index 0000000000000000000000000000000000000000..0610703d74d7915196c47f7dc35608451e7342b7 --- /dev/null +++ b/backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch @@ -0,0 +1,54 @@ +From 0f06a850ced79244774734ed525b289f2930d9c7 Mon Sep 17 00:00:00 2001 +From: Andre lorbach +Date: Thu, 11 May 2023 16:49:11 +0200 +Subject: [PATCH] [backport] GNUTls Driver: Fix memory leaks in gtlsInitCred + +Missing CA Certificate or multiple Connections caused +a memory leak in pThis->xcred as it was allocated each time in +gtlsInitCred by gnutls_certificate_allocate_credentials + +closes: https://github.com/rsyslog/rsyslog/issues/5135 + +--- + +Conflict:NA +Type:bugfix +Reference:https://github.com/rsyslog/rsyslog/commit/3401d687d2d5f9556165b53be79fbe4dc49b8c79 + +--- +--- + runtime/nsd_gtls.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c +index e003d85d3..91cffb500 100644 +--- a/runtime/nsd_gtls.c ++++ b/runtime/nsd_gtls.c +@@ -711,7 +711,10 @@ gtlsInitCred(nsd_gtls_t *const pThis ) + DEFiRet; + + /* X509 stuff */ +- CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred)); ++ if (pThis->xcred == NULL) { ++ /* Allocate only ONCE */ ++ CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred)); ++ } + + /* sets the trusted cas file */ + cafile = (pThis->pszCAFile == NULL) ? glbl.GetDfltNetstrmDrvrCAF(runConf) : pThis->pszCAFile; +@@ -2277,7 +2280,12 @@ finalize_it: + if(pThis->bHaveSess) { + gnutls_deinit(pThis->sess); + pThis->bHaveSess = 0; ++ /* Free memory using gnutls api first*/ ++ gnutls_certificate_free_credentials(pThis->xcred); + pThis->xcred = NULL; ++ /* Free other memory */ ++ free(pThis->pszConnectHost); ++ pThis->pszConnectHost = NULL; + } + } + +-- +2.33.0 + diff --git a/backport-bugfix-prevent-pot.-segfault-when-switchung.patch b/backport-bugfix-prevent-pot.-segfault-when-switchung.patch new file mode 100644 index 0000000000000000000000000000000000000000..ed493d19cf06366085f0e0b4a4a745042cf91ad5 --- /dev/null +++ b/backport-bugfix-prevent-pot.-segfault-when-switchung.patch @@ -0,0 +1,57 @@ +From 1807410d18519520ed813dd4b9d2b2d34e583415 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Sun, 30 Oct 2022 18:43:26 +0100 +Subject: [PATCH] [backport] bugfix: prevent pot. segfault when switchung to + queue emergency mode + +When switching to Disk queue emergency mode, we destructed the in-memory +queue object. Practice has shown that this MAY cause races during +destruction which themselfs can lead to segfault. For that reason, we +now keep the disk queueu object. This will keep some ressources, +including disk space, allocated. But we prefer that over a segfault. +After all, it only happens after a serious queue error when we are +already at the edge of hard problems. + +see also: https://github.com/rsyslog/rsyslog/issues/4963 + +--- + +Conflict:NA +Type:bugfix +Reference:https://github.com/rsyslog/rsyslog/commit/eaac48d0d23afe0146454cd9f5004ddcb47cc81b + +--- +--- + runtime/queue.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/runtime/queue.c b/runtime/queue.c +index b3fdd5101..856b4df25 100644 +--- a/runtime/queue.c ++++ b/runtime/queue.c +@@ -794,8 +794,12 @@ static rsRetVal qDelLinkedList(qqueue_t *pThis) + /* The following function is used to "save" ourself from being killed by + * a fatally failed disk queue. A fatal failure is, for example, if no + * data can be read or written. In that case, the disk support is disabled, +- * with all on-disk structures kept as-is as much as possible. Instead, the +- * queue is switched to direct mode, so that at least ++ * with all on-disk structures kept as-is as much as possible. However, ++ * we do not really stop or destruct the in-memory disk queue object. ++ * Practice has shown that this may cause races during destruction which ++ * themselfs can lead to segfault. So we prefer to was some ressources by ++ * keeping the queue active. ++ * Instead, the queue is switched to direct mode, so that at least + * some processing can happen. Of course, this may still have lots of + * undesired side-effects, but is probably better than aborting the + * syslogd. Note that this function *must* succeed in one way or another, as +@@ -808,7 +812,6 @@ queueSwitchToEmergencyMode(qqueue_t *pThis, rsRetVal initiatingError) + { + pThis->iQueueSize = 0; + pThis->nLogDeq = 0; +- qDestructDisk(pThis); /* free disk structures */ + + pThis->qType = QUEUETYPE_DIRECT; + pThis->qConstruct = qConstructDirect; +-- +2.12.3 + diff --git a/backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch b/backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch new file mode 100644 index 0000000000000000000000000000000000000000..33136d10d9a15d3da345f91de957649796cb53ea --- /dev/null +++ b/backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch @@ -0,0 +1,84 @@ +From deefc958c388995fac99c581284fb86eb9653ece Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Thu, 23 Mar 2023 10:58:32 +0100 +Subject: [PATCH] [backport] core/bugfix: using $uuid msg prop can deadlock + rsyslog on shutdown + +This problem can occur if a large number of threads is used and rsyslog +cannot shut down all queues etc within the regular time interval. In this +case, it cancels some threads. That can leave the mutex guarding libuuid +calls locked and thus prevents other, not yet cancelled threads from +progressing. Assuming pthread_mutex_lock() is not a cancellation point, +this will case these other threads to hang forever and thus create a +deadlock situation. + +closes https://github.com/rsyslog/rsyslog/issues/5104 + +--- + +Conflict:NA +Type:bugfix +Reference:https://github.com/rsyslog/rsyslog/commit/82687e14fbf3d854e8cc954efb9fb0efa69a28d2 + +--- +--- + runtime/msg.c | 19 ++++++++++++------- + 1 file changed, 12 insertions(+), 7 deletions(-) + +diff --git a/runtime/msg.c b/runtime/msg.c +index 73b7cec80..a3ddb8684 100644 +--- a/runtime/msg.c ++++ b/runtime/msg.c +@@ -7,7 +7,7 @@ + * of the "old" message code without any modifications. However, it + * helps to have things at the right place one we go to the meat of it. + * +- * Copyright 2007-2022 Rainer Gerhards and Adiscon GmbH. ++ * Copyright 2007-2023 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of the rsyslog runtime library. + * +@@ -1618,13 +1618,22 @@ msgSetPRI(smsg_t *const __restrict__ pMsg, syslog_pri_t pri) + /* note: libuuid seems not to be thread-safe, so we need + * to get some safeguards in place. + */ ++static pthread_mutex_t mutUUID = PTHREAD_MUTEX_INITIALIZER; ++ ++static void call_uuid_generate(uuid_t uuid) ++{ ++ pthread_mutex_lock(&mutUUID); ++ pthread_cleanup_push(mutexCancelCleanup, &mutUUID); ++ uuid_generate(uuid); ++ pthread_cleanup_pop(1); ++} ++ + static void msgSetUUID(smsg_t * const pM) + { + size_t lenRes = sizeof(uuid_t) * 2 + 1; + char hex_char [] = "0123456789ABCDEF"; + unsigned int byte_nbr; + uuid_t uuid; +- static pthread_mutex_t mutUUID = PTHREAD_MUTEX_INITIALIZER; + + dbgprintf("[MsgSetUUID] START, lenRes %llu\n", (long long unsigned) lenRes); + assert(pM != NULL); +@@ -1632,9 +1641,7 @@ static void msgSetUUID(smsg_t * const pM) + if((pM->pszUUID = (uchar*) malloc(lenRes)) == NULL) { + pM->pszUUID = (uchar *)""; + } else { +- pthread_mutex_lock(&mutUUID); +- uuid_generate(uuid); +- pthread_mutex_unlock(&mutUUID); ++ call_uuid_generate(uuid); + for (byte_nbr = 0; byte_nbr < sizeof (uuid_t); byte_nbr++) { + pM->pszUUID[byte_nbr * 2 + 0] = hex_char[uuid [byte_nbr] >> 4]; + pM->pszUUID[byte_nbr * 2 + 1] = hex_char[uuid [byte_nbr] & 15]; +@@ -5352,5 +5359,3 @@ BEGINObjClassInit(msg, 1, OBJ_IS_CORE_MODULE) + INIT_ATOMIC_HELPER_MUT(mutTrimCtr); + # endif + ENDObjClassInit(msg) +-/* vim:set ai: +- */ +-- +2.12.3 + diff --git a/backport-imjournal-add-second-fallback-to-_COMM.patch b/backport-imjournal-add-second-fallback-to-_COMM.patch new file mode 100644 index 0000000000000000000000000000000000000000..eba679ccbb47a70cb82f41ab30aee146aab7d9fd --- /dev/null +++ b/backport-imjournal-add-second-fallback-to-_COMM.patch @@ -0,0 +1,38 @@ +From 45900dd550e0aca724a4ec66c2833de3d27565e1 Mon Sep 17 00:00:00 2001 +From: alakatos +Date: Mon, 31 Oct 2022 14:40:12 +0100 +Subject: [PATCH] [backport] imjournal: add second fallback to _COMM + +If SYSLOG_IDENTIFIER is not present in the journal message, +then lookup the _COMM field, which stands for the name +of the process the journal entry originates from. This is +needed in order to be in compliance with the journalctl +output. + +--- + +Conflict:NA +Type:bugfix +Reference:https://github.com/rsyslog/rsyslog/commit/fb5ae30e6ac4dc584dd9c5463e27e7fc5e9060a4 + +--- +--- + plugins/imjournal/imjournal.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/plugins/imjournal/imjournal.c b/plugins/imjournal/imjournal.c +index 6fb3b7a07..4d9e59966 100644 +--- a/plugins/imjournal/imjournal.c ++++ b/plugins/imjournal/imjournal.c +@@ -453,6 +453,8 @@ readjournal(void) + /* Get message identifier, client pid and add ':' */ + if (journalGetData("SYSLOG_IDENTIFIER", &get, &length) >= 0) { + CHKiRet(sanitizeValue(((const char *)get) + 18, length - 18, &sys_iden)); ++ } else if (journalGetData("_COMM", &get, &length) >= 0) { ++ CHKiRet(sanitizeValue(((const char *)get) + 6, length - 6, &sys_iden)); + } else { + CHKmalloc(sys_iden = strdup("journal")); + } +-- +2.12.3 + diff --git a/rsyslog.spec b/rsyslog.spec index eb327a018f43cf67336ca5478611ad9bb42594a9..273aa0f90fabf1effbdcdf4d232febb77a776d32 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -7,7 +7,7 @@ Name: rsyslog Version: 8.2210.0 -Release: 2 +Release: 3 Summary: The rocket-fast system for log processing License: (GPLv3+ and ASL 2.0) URL: http://www.rsyslog.com/ @@ -35,6 +35,10 @@ Patch6000: backport-core-bugfix-local-hostname-invalid-if-no-global-config- Patch6001: backport-imtcp-bugfix-legacy-config-directives-did-no-longer-work.patch Patch6002: backport-core-bugfix-template-system-may-generate-invalid-json.patch Patch6003: backport-omprog-bugfix-invalid-status-handling-at-called-prog.patch +Patch6004: backport-imjournal-add-second-fallback-to-_COMM.patch +Patch6005: backport-bugfix-prevent-pot.-segfault-when-switchung.patch +Patch6006: backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch +Patch6007: backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch BuildRequires: gcc autoconf automake bison dos2unix flex pkgconfig python3-docutils libtool BuildRequires: libgcrypt-devel libuuid-devel zlib-devel krb5-devel libnet-devel gnutls-devel @@ -509,6 +513,15 @@ done %{_mandir}/man1/rscryutil.1.gz %changelog +* Sun Jun 25 2023 linzhuorong - 8.2210.0-3 +- Type:NA +- ID:NA +- SUG:NA +- DESC: imjournal: add second fallback to _COMM + bugfix: prevent pot. segfault when switchung to + core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown + GNUTls Driver: Fix memory leaks in gtlsInitCred + * Tue Apr 4 2023 pengyi - 8.2210.0-2 - Type:bugfix - CVE:NA