From 4fb5e06a9720280708b4a20bd86fadbd5518f032 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 3 Nov 2022 11:16:18 +0100 Subject: [PATCH 1/2] logging: fix error handling sd_journal_sendv returns a negative errno, so negate it before usage. Signed-off-by: Giuseppe Scrivano --- src/ctr_logging.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ctr_logging.c b/src/ctr_logging.c index 3d9c46db..bcefe150 100644 --- a/src/ctr_logging.c +++ b/src/ctr_logging.c @@ -327,7 +327,7 @@ static int write_journald(int pipe, char *buf, ssize_t buflen) int err = sd_journal_sendv(bufv.iov, bufv.iovcnt); if (err < 0) { - pwarn(strerror(err)); + pwarn(strerror(-err)); return err; } From 955586b3c03df4a47483abdbaa4261106105dd87 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Thu, 3 Nov 2022 10:31:31 +0100 Subject: [PATCH 2/2] logging: do not read more that the buf size msg_len doesn't take into account NUL bytes that could be present in the buffer, while g_strdup_printf("MESSAGE=%s%s", partial_buf, buf) does and would stop writing the string once it finds a NUL byte. This would lead to read after the buffer end. Build the message string manually so that the calculated length reflects the buffer size. Closes: https://github.com/containers/conmon/issues/315 Signed-off-by: Giuseppe Scrivano --- src/ctr_logging.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/src/ctr_logging.c b/src/ctr_logging.c index bcefe150..5540ab2b 100644 --- a/src/ctr_logging.c +++ b/src/ctr_logging.c @@ -286,22 +286,18 @@ static int write_journald(int pipe, char *buf, ssize_t buflen) return 0; } - /* sd_journal_* doesn't have an option to specify the number of bytes to write in the message, and instead writes the - * entire string. Copying every line doesn't make very much sense, so instead we do this tmp_line_end - * hack to emulate separate strings. - */ - char tmp_line_end = buf[line_len]; - buf[line_len] = '\0'; - ssize_t msg_len = line_len + MESSAGE_EQ_LEN + *partial_buf_len; partial_buf[*partial_buf_len] = '\0'; - _cleanup_free_ char *message = g_strdup_printf("MESSAGE=%s%s", partial_buf, buf); + + _cleanup_free_ char *message = g_malloc(msg_len); + + memcpy(message, "MESSAGE=", MESSAGE_EQ_LEN); + memcpy(message + MESSAGE_EQ_LEN, partial_buf, *partial_buf_len); + memcpy(message + MESSAGE_EQ_LEN + *partial_buf_len, buf, line_len); + if (writev_buffer_append_segment(dev_null, &bufv, message, msg_len) < 0) return -1; - /* Restore state of the buffer */ - buf[line_len] = tmp_line_end; - if (writev_buffer_append_segment(dev_null, &bufv, container_id_full, cuuid_len + CID_FULL_EQ_LEN) < 0) return -1;