Project

General

Profile

Bug #6761

Bug #6481: Create a rudder variable containing all IP of agents

Bug #6507: rsyslog configuration should use IP based authorization

Rsyslog segfaults when adding AllowedSender directive

Added by Alexis MOUSSET almost 6 years ago. Updated almost 6 years ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Severity:
User visibility:
Effort required:
Priority:

Description

Some versions of rsyslog segfaults when receiving logs from disallowed senders. It happens only on TCP.

  • Debian 7.8, rsyslogd 5.8.11:
    1211.272817363:7fee3be25700: New connect on NSD 0x21358d0.
    1211.272993772:7fee3be25700: centos-6-64.labo.normation.com is not an allowed sender
    1211.273005271:7fee3be25700: Called LogError, msg: TCP message from disallowed sender centos-6-64.labo.normation.com discarded
    1211.273021682:7fee3be25700: main Q: entry added, size now log 1, phys 1 entries
    1211.273033564:7fee3be25700: main Q: EnqueueMsg advised worker start
    Segmentation fault
    
  • SLES11SP3, rsyslogd 5.10.1:
    2401.750296435:7f8eaf075700: New connect on NSD 0x6bf2c0.
    2401.750464641:7f8eaf075700: agent1 is not an allowed sender
    2401.750472141:7f8eaf075700: Called LogError, msg: TCP message from disallowed sender agent1 discarded
    2401.750567629:7f8eaf075700: ZZZZ: pLocalHostIPIF used!
    rsyslogd: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]
    2401.750581346:7f8eaf075700: main Q: entry added, size now log 1, phys 1 entries
    2401.750667404:7f8eaf075700: main Q: EnqueueMsg advised worker start
    Segmentation fault
    
  • Ubuntu 12.04, rsyslogd 5.8.6:
    5591.249910886:7fa8e09c4700: New connect on NSD 0x7fa8cc001640.
    5591.250299812:7fa8e09c4700: agent1 is not an allowed sender
    5591.250308374:7fa8e09c4700: Called LogError, msg: TCP message from disallowed sender agent1 discarded
    5591.250318337:7fa8e09c4700: MsgSetTAG in: len 14, pszBuf: rsyslogd-2063:
    5591.250321857:7fa8e09c4700: MsgSetTAG exit: pMsg->iLenTAG 14, pMsg->TAG.szBuf: rsyslogd-2063:
    5591.250327286:7fa8e09c4700: main Q: entry added, size now log 1, phys 1 entries
    5591.250337205:7fa8e09c4700: main Q: EnqueueMsg advised worker start
    Segmentation fault (core dumped)
    

It works well on:

  • CentOS 6, rsyslog-5.8.10-10.el6_6
Jun 16 06:52:31 server rsyslogd-2063: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]
Jun 16 06:52:31 server rsyslogd-2063: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]
Jun 16 06:52:31 server rsyslogd-2063: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]

This version is older than debian's version, but has a patch called Prevent a segfault when tcpsrv fails to accept a session that seems to be a fix for this issue.

  • Ubuntu 14.04, rsyslogd 7.4.4
Jun 15 18:01:27 server rsyslogd-2063: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]
Jun 15 18:01:27 server rsyslogd-2063: TCP message from disallowed sender agent1 discarded [try http://www.rsyslog.com/e/2063 ]
#1

Updated by Alexis MOUSSET almost 6 years ago

  • Category set to System integration
  • Target version set to 3.0.6
#2

Updated by Alexis MOUSSET almost 6 years ago

  • Parent task set to #6428
#3

Updated by Alexis MOUSSET almost 6 years ago

  • Assignee set to Vincent MEMBRÉ
#4

Updated by Vincent MEMBRÉ almost 6 years ago

  • Status changed from New to In progress
#5

Updated by Vincent MEMBRÉ almost 6 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/696
#6

Updated by Alexis MOUSSET almost 6 years ago

  • Description updated (diff)
#7

Updated by Vincent MEMBRÉ almost 6 years ago

  • Parent task changed from #6428 to #6481
#8

Updated by Vincent MEMBRÉ almost 6 years ago

  • Parent task changed from #6481 to #6507
#9

Updated by Vincent MEMBRÉ almost 6 years ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100
#11

Updated by Vincent MEMBRÉ almost 6 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 3.0.6 and 3.1.0~rc1 which were released on the 16th June 2015.

Also available in: Atom PDF