Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-38222

rsyslog crashes when legacy option "$ControlCharacterEscapePrefix #" is set.

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • rhel-9.6
    • rhel-9.4
    • rsyslog
    • rsyslog-8.2412.0-1.el9
    • None
    • Moderate
    • rhel-sst-security-special-projects
    • ssg_security
    • 20
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • Pass
    • None
    • x86_64
    • None

      What were you trying to do that didn't work?

      new rebased rsyslog crashes when legacy option "$ControlCharacterEscapePrefix #" is set.

      Please provide the package NVR for which bug is seen:

      rsyslog-8.2310.0-4.el9.x86_64

      Bug is not seen in:

      rsyslog-8.2102.0-117.el9

      How reproducible:

      always

      Steps to reproduce

      1. # echo "\$ControlCharacterEscapePrefix #" > /etc/rsyslog.d/crash.conf
      2. # systemctl restart rsyslog
      3. # systemctl status -l rsyslog

      Expected results

       

       ● rsyslog.service - System Logging Service
           Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled)
           Active: active (running) since Wed 2024-05-22 15:15:19 -03; 5s ago
             Docs: man:rsyslogd(8)
                   https://www.rsyslog.com/doc/
         Main PID: 43493 (rsyslogd)
            Tasks: 3 (limit: 11108)
           Memory: 2.7M
              CPU: 107ms
           CGroup: /system.slice/rsyslog.service
                   └─43493 /usr/sbin/rsyslogd -nMay 22 15:15:19 r93 systemd[1]: Starting System Logging Service...
      May 22 15:15:19 r93 systemd[1]: Started System Logging Service.
      

       

       

      Actual results

       

      × rsyslog.service - System Logging Service      Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; preset: enabled)      Active: failed (Result: core-dump) since Wed 2024-05-22 14:23:25 -03; 49min ago    Duration: 38.932s        Docs: man:rsyslogd(8)              https://www.rsyslog.com/doc/     Process: 43219 ExecStart=/usr/sbin/rsyslogd -n $SYSLOGD_OPTIONS (code=dumped, signal=SEGV)    Main PID: 43219 (code=dumped, signal=SEGV)         CPU: 33ms May 22 14:23:25 r93 systemd[1]: rsyslog.service: Scheduled restart job, restart counter is at 5. May 22 14:23:25 r93 systemd[1]: Stopped System Logging Service. May 22 14:23:25 r93 systemd[1]: rsyslog.service: Start request repeated too quickly. May 22 14:23:25 r93 systemd[1]: rsyslog.service: Failed with result 'core-dump'. May 22 14:23:25 r93 systemd[1]: Failed to start System Logging Service.  

       

      Additional backtrace:

      Core was generated by `/usr/sbin/rsyslogd -n'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x000055a7f904304b in setParserControlCharacterEscapePrefix (pVal=pVal@entry=0x0, pNewVal=0x23 <error: Cannot access memory at address 0x23>) at ../runtime/glbl.c:524
      524             loadConf->globals.parser.cCCEscapeChar = *pNewVal;
      (gdb) bt
      #0  0x000055a7f904304b in setParserControlCharacterEscapePrefix (pVal=pVal@entry=0x0, pNewVal=0x23 <error: Cannot access memory at address 0x23>) at ../runtime/glbl.c:524
      #1  0x000055a7f90735fb in doGetChar (pp=0x7ffe2e298d58, pSetHdlr=0x55a7f9043040 <setParserControlCharacterEscapePrefix>, pVal=0x0) at ../runtime/cfsysline.c:81
      #2  0x000055a7f9078bc2 in cslchCallHdlr (ppConfLine=0x7ffe2e298d58, pThis=<optimized out>) at ../runtime/cfsysline.c:782
      #3  processCfSysLineCommand (pCmdName=0x7ffe2e298dc0 "ControlCharacterEscapePrefix", p=0x7ffe2e298db8) at ../runtime/cfsysline.c:1022
      #4  0x000055a7f904a38f in cfsysline (p=<optimized out>) at ../runtime/conf.c:239
      #5  0x000055a7f9034512 in cnfDoCfsysline (ln=0x55a7fa4ee580 "$ControlCharacterEscapePrefix #") at ../runtime/rsconf.c:628
      #6  yylex () at ../grammar/lexer.l:434
      #7  0x000055a7f9036540 in yyparse () at ../grammar/grammar.c:1535
      #8  0x000055a7f904d375 in load (cnf=0x55a7f90ca828 <ourConf>, confFile=0x55a7f908bea7 "/etc/rsyslog.conf") at ../runtime/rsconf.c:1494
      #9  0x000055a7f902865b in initAll (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/rsyslog-8.2310.0-4.el9.x86_64/tools/rsyslogd.c:1636
      #10 0x000055a7f90222a0 in main (argc=2, argv=0x55a7f908b075) at /usr/src/debug/rsyslog-8.2310.0-4.el9.x86_64/tools/rsyslogd.c:2337
      
      (gdb) list
      519     }
      520
      521     static rsRetVal
      522     setParserControlCharacterEscapePrefix(void __attribute__((unused)) *pVal, uchar *pNewVal) {
      523             DEFiRet;
      524             loadConf->globals.parser.cCCEscapeChar = *pNewVal;
      525             RETiRet;
      526     }
      527
      528     static rsRetVal
      

       
       
       

              rh-ee-alakatos Attila Lakatos
              rhn-support-jgamba Juan Gamba
              Attila Lakatos Attila Lakatos
              Adam Prikryl Adam Prikryl
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: