BUG/MINOR: log: fix parse_log_message rfc5424 size check

In parse_log_message(), if log is rfc5424 compliant, p pointer
is incremented and size is not. However size is still used in further
checks as if p pointer was not incremented.

This could lead to logic error or buffer overflow if input buf is not
null-terminated.

Fixing this by making sure size is up to date where it is needed.

It could be backported up to 2.4.

diff --git a/src/log.c b/src/log.c
index 1fdcd815952c16b22249926feb0d60818b41165f..cf140cdd9930e535201e1bfd38b4c754e9f8b183 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -3234,6 +3234,7 @@ void parse_log_message(char *buf, size_t buflen, int *level, int *facility,
                 */
 
                p += 2;
+               *size -= 2;
                /* timestamp is NILVALUE '-' */
                if (*size > 2 && (p[0] == '-') && p[1] == ' ') {
                        metadata[LOG_META_TIME] = ist2(p, 1);