1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
From 81a07263f1e522a376d3a30f96f51df3f2879f8a Mon Sep 17 00:00:00 2001
From: Laszlo Varady <laszlo.varady@protonmail.com>
Date: Sat, 20 Aug 2022 12:22:44 +0200
Subject: [PATCH 2/8] syslogformat: add bug reproducer test for non-zero terminated
input
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
CVE: CVE-2022-38725
Upstream-Status: Backport
[https://github.com/syslog-ng/syslog-ng/commit/81a07263f1e522a376d3a30f96f51df3f2879f8a]
Signed-off-by: László Várady <laszlo.varady@protonmail.com>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
modules/syslogformat/CMakeLists.txt | 1 +
modules/syslogformat/Makefile.am | 2 +
modules/syslogformat/tests/CMakeLists.txt | 1 +
modules/syslogformat/tests/Makefile.am | 9 +++
.../syslogformat/tests/test_syslog_format.c | 72 +++++++++++++++++++
5 files changed, 85 insertions(+)
create mode 100644 modules/syslogformat/tests/CMakeLists.txt
create mode 100644 modules/syslogformat/tests/Makefile.am
create mode 100644 modules/syslogformat/tests/test_syslog_format.c
diff --git a/modules/syslogformat/CMakeLists.txt b/modules/syslogformat/CMakeLists.txt
index 94ee01aa2..64848efee 100644
--- a/modules/syslogformat/CMakeLists.txt
+++ b/modules/syslogformat/CMakeLists.txt
@@ -14,3 +14,4 @@ add_module(
SOURCES ${SYSLOGFORMAT_SOURCES}
)
+add_test_subdirectory(tests)
diff --git a/modules/syslogformat/Makefile.am b/modules/syslogformat/Makefile.am
index f13f88c1b..14cdf589d 100644
--- a/modules/syslogformat/Makefile.am
+++ b/modules/syslogformat/Makefile.am
@@ -31,3 +31,5 @@ modules_syslogformat_libsyslogformat_la_DEPENDENCIES = \
modules/syslogformat modules/syslogformat/ mod-syslogformat: \
modules/syslogformat/libsyslogformat.la
.PHONY: modules/syslogformat/ mod-syslogformat
+
+include modules/syslogformat/tests/Makefile.am
diff --git a/modules/syslogformat/tests/CMakeLists.txt b/modules/syslogformat/tests/CMakeLists.txt
new file mode 100644
index 000000000..2e45b7194
--- /dev/null
+++ b/modules/syslogformat/tests/CMakeLists.txt
@@ -0,0 +1 @@
+add_unit_test(CRITERION TARGET test_syslog_format DEPENDS syslogformat)
diff --git a/modules/syslogformat/tests/Makefile.am b/modules/syslogformat/tests/Makefile.am
new file mode 100644
index 000000000..7ee66a59c
--- /dev/null
+++ b/modules/syslogformat/tests/Makefile.am
@@ -0,0 +1,9 @@
+modules_syslogformat_tests_TESTS = \
+ modules/syslogformat/tests/test_syslog_format
+
+check_PROGRAMS += ${modules_syslogformat_tests_TESTS}
+
+EXTRA_DIST += modules/syslogformat/tests/CMakeLists.txt
+
+modules_syslogformat_tests_test_syslog_format_CFLAGS = $(TEST_CFLAGS) -I$(top_srcdir)/modules/syslogformat
+modules_syslogformat_tests_test_syslog_format_LDADD = $(TEST_LDADD) $(PREOPEN_SYSLOGFORMAT)
diff --git a/modules/syslogformat/tests/test_syslog_format.c b/modules/syslogformat/tests/test_syslog_format.c
new file mode 100644
index 000000000..b247fe3c5
--- /dev/null
+++ b/modules/syslogformat/tests/test_syslog_format.c
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2022 One Identity
+ * Copyright (c) 2022 László Várady
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 as published
+ * by the Free Software Foundation, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ *
+ * As an additional exemption you are allowed to compile & link against the
+ * OpenSSL libraries as published by the OpenSSL project. See the file
+ * COPYING for details.
+ *
+ */
+
+#include <criterion/criterion.h>
+
+#include "apphook.h"
+#include "cfg.h"
+#include "syslog-format.h"
+#include "logmsg/logmsg.h"
+#include "msg-format.h"
+#include "scratch-buffers.h"
+
+#include <string.h>
+
+GlobalConfig *cfg;
+MsgFormatOptions parse_options;
+
+static void
+setup(void)
+{
+ app_startup();
+ syslog_format_init();
+
+ cfg = cfg_new_snippet();
+ msg_format_options_defaults(&parse_options);
+}
+
+static void
+teardown(void)
+{
+ scratch_buffers_explicit_gc();
+ app_shutdown();
+ cfg_free(cfg);
+}
+
+TestSuite(syslog_format, .init = setup, .fini = teardown);
+
+Test(syslog_format, parser_should_not_spin_on_non_zero_terminated_input, .timeout = 10)
+{
+ const gchar *data = "<182>2022-08-17T05:02:28.217 mymachine su: 'su root' failed for lonvick on /dev/pts/8";
+ /* chosen carefully to reproduce a bug */
+ gsize data_length = 27;
+
+ msg_format_options_init(&parse_options, cfg);
+ LogMessage *msg = msg_format_construct_message(&parse_options, (const guchar *) data, data_length);
+
+ gsize problem_position;
+ cr_assert(syslog_format_handler(&parse_options, msg, (const guchar *) data, data_length, &problem_position));
+
+ msg_format_options_destroy(&parse_options);
+ log_msg_unref(msg);
+}
--
2.34.1
|
