Coverity found two possible untrusted loop bounds, in unix_cb() and
inet_cb(), that were indeed possibly unterminated strings. These
were classified as medium. A third finding, marked high, was found
in kernel_cb(), which upon further investigation seems bogus.
This patch terminates the buffers received in unix_cb() and inet_cb()
but only changes to 0 from \0 termination in kernel_cb().
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Although hihgly unlikely, if the kernel log sequence number (seqno)
reaches the end of its MAX value (18446744073709551615) we allow for
dupes to handle the wrap-around back to zero (0) in the counter.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This patch fixes the problem with kernel messages being repeated when
syslogd is restarted at runtime. This is achieved by caching the last
seqno read from /dev/kmsg to /run/syslogd.cache. The latter is usually
a ram disk these days so it should be a fairly quick op.
Excessive updates are prevented by only caching after handling all
callbacks in the socket_poll() loop, and only updating the cache
if there has been any new kernel messages since last update.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
The timer_now() API, introduced in 2019, returns time relative to boot.
Useful for relative time comparisons, but when used for absolute time,
e.g. for log messages, it must be offset with boot_time.
This patch fixes issue #28, but also wall messages, which exhibits the
same problem.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
- drop hard-coded -s from syslogd command line
- allow options to be read from /etc/default/syslogd
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This should fix any lingering issues with logging with the wrong
timezone at boot. As long as syslogd gets HUP'ed after setting
the new timezone.
Improvements to this welcome, of course.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Follow-up to 22d26c5 to avoid hard-coding and instead using the
internal prefix variable, that can be changed/overridden by the
correct APIs.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
This patch fixes a bug in the kernel log priority parser introduced in
v2.2.0 with the new support for /dev/kmsg, replacing /proc/kmsg which
has another format for the log priority.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
When Linux CONFIG_LOG_BUF_SHIFT is set too low, or too many messages are
generated by the kernel, /dev/kmsg will overflow. This is signaled with
EPIPE to userspace. We can use the seqnos to figure out how many we've
lost, but seqnos are currently ignored.
> In case records get overwritten while /dev/kmsg is held open, or
> records get faster overwritten than they are read, the next read()
> will return -EPIPE and the current reading position gets updated to
> the next available record. The passed sequence numbers allow the log
> consumer to calculate the amount of lost messages.
-- https://lwn.net/Articles/490690/
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
With the new support for /dev/kmsg the tests can run on a system that
already has a syslog daemon, and still receive all kernel messages. We
want to ignore those in this (all?) tests and focus on the forwarding of
messages between two sysklogd.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>