-
Bug
-
Resolution: Unresolved
-
Minor
-
rhel-9.4
-
rsyslog-8.2412.0-1.el9
-
None
-
Moderate
-
rhel-sst-security-special-projects
-
ssg_security
-
20
-
None
-
False
-
-
None
-
None
-
Pass
-
None
-
-
x86_64
-
None
What were you trying to do that didn't work?
new rebased rsyslog crashes when legacy option "$ControlCharacterEscapePrefix #" is set.
Please provide the package NVR for which bug is seen:
rsyslog-8.2310.0-4.el9.x86_64
Bug is not seen in:
rsyslog-8.2102.0-117.el9
How reproducible:
always
Steps to reproduce
- # echo "\$ControlCharacterEscapePrefix #" > /etc/rsyslog.d/crash.conf
- # systemctl restart rsyslog
- # systemctl status -l rsyslog
Expected results
● rsyslog.service - System Logging Service Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled) Active: active (running) since Wed 2024-05-22 15:15:19 -03; 5s ago Docs: man:rsyslogd(8) https://www.rsyslog.com/doc/ Main PID: 43493 (rsyslogd) Tasks: 3 (limit: 11108) Memory: 2.7M CPU: 107ms CGroup: /system.slice/rsyslog.service └─43493 /usr/sbin/rsyslogd -nMay 22 15:15:19 r93 systemd[1]: Starting System Logging Service... May 22 15:15:19 r93 systemd[1]: Started System Logging Service.
Actual results
× rsyslog.service - System Logging Service Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled) Active: failed (Result: core-dump) since Wed 2024-05-22 14:23:25 -03; 49min ago Duration: 38.932s Docs: man:rsyslogd(8) https://www.rsyslog.com/doc/ Process: 43219 ExecStart=/usr/sbin/rsyslogd -n $SYSLOGD_OPTIONS (code=dumped, signal=SEGV) Main PID: 43219 (code=dumped, signal=SEGV) CPU: 33ms May 22 14:23:25 r93 systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 5. May 22 14:23:25 r93 systemd[1]: Stopped System Logging Service. May 22 14:23:25 r93 systemd[1]: rsyslog.service: Start request repeated too quickly. May 22 14:23:25 r93 systemd[1]: rsyslog.service: Failed with result 'core-dump'. May 22 14:23:25 r93 systemd[1]: Failed to start System Logging Service.
Additional backtrace:
Core was generated by `/usr/sbin/rsyslogd -n'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x000055a7f904304b in setParserControlCharacterEscapePrefix (pVal=pVal@entry=0x0, pNewVal=0x23 <error: Cannot access memory at address 0x23>) at ../runtime/glbl.c:524 524 loadConf->globals.parser.cCCEscapeChar = *pNewVal; (gdb) bt #0 0x000055a7f904304b in setParserControlCharacterEscapePrefix (pVal=pVal@entry=0x0, pNewVal=0x23 <error: Cannot access memory at address 0x23>) at ../runtime/glbl.c:524 #1 0x000055a7f90735fb in doGetChar (pp=0x7ffe2e298d58, pSetHdlr=0x55a7f9043040 <setParserControlCharacterEscapePrefix>, pVal=0x0) at ../runtime/cfsysline.c:81 #2 0x000055a7f9078bc2 in cslchCallHdlr (ppConfLine=0x7ffe2e298d58, pThis=<optimized out>) at ../runtime/cfsysline.c:782 #3 processCfSysLineCommand (pCmdName=0x7ffe2e298dc0 "ControlCharacterEscapePrefix", p=0x7ffe2e298db8) at ../runtime/cfsysline.c:1022 #4 0x000055a7f904a38f in cfsysline (p=<optimized out>) at ../runtime/conf.c:239 #5 0x000055a7f9034512 in cnfDoCfsysline (ln=0x55a7fa4ee580 "$ControlCharacterEscapePrefix #") at ../runtime/rsconf.c:628 #6 yylex () at ../grammar/lexer.l:434 #7 0x000055a7f9036540 in yyparse () at ../grammar/grammar.c:1535 #8 0x000055a7f904d375 in load (cnf=0x55a7f90ca828 <ourConf>, confFile=0x55a7f908bea7 "/etc/rsyslog.conf") at ../runtime/rsconf.c:1494 #9 0x000055a7f902865b in initAll (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/rsyslog-8.2310.0-4.el9.x86_64/tools/rsyslogd.c:1636 #10 0x000055a7f90222a0 in main (argc=2, argv=0x55a7f908b075) at /usr/src/debug/rsyslog-8.2310.0-4.el9.x86_64/tools/rsyslogd.c:2337 (gdb) list 519 } 520 521 static rsRetVal 522 setParserControlCharacterEscapePrefix(void __attribute__((unused)) *pVal, uchar *pNewVal) { 523 DEFiRet; 524 loadConf->globals.parser.cCCEscapeChar = *pNewVal; 525 RETiRet; 526 } 527 528 static rsRetVal
- links to