From: Yu Watanabe Date: Fri, 22 Sep 2023 18:14:40 +0000 (+0900) Subject: sd-journal: also verify tail_entry_boot_id and friends in journal_file_verify_header() X-Git-Tag: v255-rc1~414^2~9 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6ea51363c8e39fb0924dda972a212936456a2b4f;p=thirdparty%2Fsystemd.git sd-journal: also verify tail_entry_boot_id and friends in journal_file_verify_header() Then, we can drop the redundant check in journal_file_read_tail_timestamp(). --- diff --git a/src/libsystemd/sd-journal/journal-file.c b/src/libsystemd/sd-journal/journal-file.c index ef860d228b9..638a6e1f9d6 100644 --- a/src/libsystemd/sd-journal/journal-file.c +++ b/src/libsystemd/sd-journal/journal-file.c @@ -623,10 +623,36 @@ static int journal_file_verify_header(JournalFile *f) { return -ENODATA; } - if (JOURNAL_HEADER_CONTAINS(f->header, tail_entry_offset)) - if (!offset_is_valid(le64toh(f->header->tail_entry_offset), header_size, tail_object_offset)) + if (JOURNAL_HEADER_CONTAINS(f->header, tail_entry_offset)) { + uint64_t offset = le64toh(f->header->tail_entry_offset); + + if (!offset_is_valid(offset, header_size, tail_object_offset)) return -ENODATA; + if (offset > 0) { + /* When there is an entry object, then these fields must be filled. */ + if (sd_id128_is_null(f->header->tail_entry_boot_id)) + return -ENODATA; + if (!VALID_REALTIME(le64toh(f->header->head_entry_realtime))) + return -ENODATA; + if (!VALID_REALTIME(le64toh(f->header->tail_entry_realtime))) + return -ENODATA; + if (!VALID_MONOTONIC(le64toh(f->header->tail_entry_realtime))) + return -ENODATA; + } else { + /* Otherwise, the fields must be zero. */ + if (JOURNAL_HEADER_TAIL_ENTRY_BOOT_ID(f->header) && + !sd_id128_is_null(f->header->tail_entry_boot_id)) + return -ENODATA; + if (f->header->head_entry_realtime != 0) + return -ENODATA; + if (f->header->tail_entry_realtime != 0) + return -ENODATA; + if (f->header->tail_entry_realtime != 0) + return -ENODATA; + } + } + /* Verify number of objects */ uint64_t n_objects = le64toh(f->header->n_objects); if (n_objects > arena_size / sizeof(ObjectHeader)) diff --git a/src/libsystemd/sd-journal/sd-journal.c b/src/libsystemd/sd-journal/sd-journal.c index 5e49311327a..718d45af0ef 100644 --- a/src/libsystemd/sd-journal/sd-journal.c +++ b/src/libsystemd/sd-journal/sd-journal.c @@ -2445,14 +2445,6 @@ static int journal_file_read_tail_timestamp(sd_journal *j, JournalFile *f) { mo = le64toh(f->header->tail_entry_monotonic); rt = le64toh(f->header->tail_entry_realtime); id = f->header->tail_entry_boot_id; - - /* Some superficial checking if what we read makes sense. Note that we only do this - * when reading the timestamps from the Header object, but not when reading them from - * the most recent entry object, because in that case journal_file_move_to_object() - * already validated them. */ - if (!VALID_MONOTONIC(mo) || !VALID_REALTIME(rt)) - return -ENODATA; - } else { /* Otherwise let's find the last entry manually (this possibly means traversing the * chain of entry arrays, till the end */