From: George Thessalonikefs Date: Mon, 10 Feb 2020 12:56:22 +0000 (+0100) Subject: - Fix use after free on log-identity after a reload; Fixes #163. X-Git-Tag: release-1.10.0rc1~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=adda4f6ace0318143c83c8cae5d8fcd78ec5c30c;p=thirdparty%2Funbound.git - Fix use after free on log-identity after a reload; Fixes #163. --- diff --git a/daemon/unbound.c b/daemon/unbound.c index beffb5700..af76fc84f 100644 --- a/daemon/unbound.c +++ b/daemon/unbound.c @@ -259,21 +259,10 @@ checkrlimits(struct config_file* cfg) #endif /* S_SPLINT_S */ } -/** set default logfile identity based on value from argv[0] at startup **/ -static void -log_ident_set_fromdefault(struct config_file* cfg, - const char *log_default_identity) -{ - if(cfg->log_identity == NULL || cfg->log_identity[0] == 0) - log_ident_set(log_default_identity); - else - log_ident_set(cfg->log_identity); -} - /** set verbosity, check rlimits, cache settings */ static void -apply_settings(struct daemon* daemon, struct config_file* cfg, - int cmdline_verbose, int debug_mode, const char* log_default_identity) +apply_settings(struct daemon* daemon, struct config_file* cfg, + int cmdline_verbose, int debug_mode) { /* apply if they have changed */ verbosity = cmdline_verbose + cfg->verbosity; @@ -289,7 +278,7 @@ apply_settings(struct daemon* daemon, struct config_file* cfg, log_warn("use-systemd and do-daemonize should not be enabled at the same time"); } - log_ident_set_fromdefault(cfg, log_default_identity); + log_ident_set_or_default(cfg->log_identity); } #ifdef HAVE_KILL @@ -639,11 +628,10 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode, * @param cmdline_verbose: verbosity resulting from commandline -v. * These increase verbosity as specified in the config file. * @param debug_mode: if set, do not daemonize. - * @param log_default_identity: Default identity to report in logs * @param need_pidfile: if false, no pidfile is checked or created. */ static void -run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, const char* log_default_identity, int need_pidfile) +run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, int need_pidfile) { struct config_file* cfg = NULL; struct daemon* daemon = NULL; @@ -667,7 +655,7 @@ run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, const char* "or unbound-checkconf", cfgfile); log_warn("Continuing with default config settings"); } - apply_settings(daemon, cfg, cmdline_verbose, debug_mode, log_default_identity); + apply_settings(daemon, cfg, cmdline_verbose, debug_mode); if(!done_setup) config_lookup_uid(cfg); @@ -733,6 +721,7 @@ main(int argc, char* argv[]) log_init(NULL, 0, NULL); log_ident_default = strrchr(argv[0],'/')?strrchr(argv[0],'/')+1:argv[0]; + log_ident_set_default(log_ident_default); log_ident_set(log_ident_default); /* parse the options */ while( (c=getopt(argc, argv, "c:dhpvw:V")) != -1) { @@ -783,7 +772,7 @@ main(int argc, char* argv[]) return 1; } - run_daemon(cfgfile, cmdline_verbose, debug_mode, log_ident_default, need_pidfile); + run_daemon(cfgfile, cmdline_verbose, debug_mode, need_pidfile); log_init(NULL, 0, NULL); /* close logfile */ #ifndef unbound_testbound if(log_get_lock()) { diff --git a/doc/Changelog b/doc/Changelog index dc2856263..b4e9cb772 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,5 +1,6 @@ 10 February 2020: George - Document 'ub_result.was_ratelimited' in libunbound. + - Fix use after free on log-identity after a reload; Fixes #163. 6 February 2020: George - Fix num_reply_states and num_detached_states counting with diff --git a/util/config_file.c b/util/config_file.c index c7edba548..52ca5a184 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -1404,7 +1404,10 @@ config_delete(struct config_file* cfg) config_delstrlist(cfg->tls_session_ticket_keys.first); free(cfg->tls_ciphers); free(cfg->tls_ciphersuites); - free(cfg->log_identity); + if(cfg->log_identity) { + log_ident_revert_to_default(); + free(cfg->log_identity); + } config_del_strarray(cfg->ifs, cfg->num_ifs); config_del_strarray(cfg->out_ifs, cfg->num_out_ifs); config_delstubs(cfg->stubs); diff --git a/util/log.c b/util/log.c index 8499d8c0a..18d38e50c 100644 --- a/util/log.c +++ b/util/log.c @@ -74,6 +74,7 @@ static lock_basic_type log_lock; #endif /** the identity of this executable/process */ static const char* ident="unbound"; +static const char* default_ident="unbound"; #if defined(HAVE_SYSLOG_H) || defined(UB_ON_WINDOWS) /** are we using syslog(3) to log to */ static int logging_to_syslog = 0; @@ -181,6 +182,26 @@ void log_ident_set(const char* id) ident = id; } +void log_ident_set_default(const char* id) +{ + default_ident = id; +} + +void log_ident_revert_to_default() +{ + ident = default_ident; +} + +void log_ident_set_or_default(const char* identity) + //const char* default_identity) +{ + if(identity == NULL || identity[0] == 0) + //log_ident_set(default_identity); + log_ident_set(default_ident); + else + log_ident_set(identity); +} + void log_set_time_asc(int use_asc) { log_time_asc = use_asc; diff --git a/util/log.h b/util/log.h index 81d9d837d..098a850a5 100644 --- a/util/log.h +++ b/util/log.h @@ -107,11 +107,29 @@ void log_thread_set(int* num); int log_thread_get(void); /** - * Set identity to print, default is 'unbound'. + * Set identity to print, default is 'unbound'. * @param id: string to print. Name of executable. */ void log_ident_set(const char* id); +/** + * Set default identity to print, default is 'unbound'. + * @param id: string to print. Name of executable. + */ +void log_ident_set_default(const char* id); + +/** + * Revert identity to print, back to the recorded default value. + */ +void log_ident_revert_to_default(); + +/** + * Set identity to print if there is an identity, otherwise + * set the default. + * @param identity: the identity to set. + */ +void log_ident_set_or_default(const char* identity); + /** * Set if the time value is printed ascii or decimal in log entries. * @param use_asc: if true, ascii is printed, otherwise decimal.