On Mon, 2015-09-07 at 01:33 +0200, Michael Biebl wrote: > Hi Luca, > > thanks a lot for the patch. > > Am 07.09.2015 um 01:25 schrieb Luca Boccassi: > > Package: rsyslog > > Version: 8.12.0-1 > > Severity: wishlist > > Tags: patch > > > > Dear Maintainers, > > > > Please consider enabling the libczmq in/out plugins. A git format-patch > > that creates a new rsyslog-czmq package is attached. I tested it > > building 8.12.0-1 in a Sid chroot for i386 and amd64, and it builds and > > runs fine. > > By running, I assume you tested the rsyslog input and output modules? > > I don't have a ZeroMQ setup myself to test if the modules work > correctly. I'm fine to enable the modules as long as I have someone I > could poke if there issues with it.
Hi Michael, I ran it with auth and it was working, but I found an issue running without auth. It's a very trivial case of NULL-pointer dereference if the auth config parameter is not set. I've sent a PR upstream [1], and attached a quilt patch to fix it. With this patch and 2 simple python scripts I verified that both PUB/SUB and PULL/PUSH work without auth. I'm happy to provide assistance as best as I can as the maintainer of CZMQ, but I must say I am not a Rsyslog expert :-) Kind regards, Luca Boccassi [1] https://github.com/rsyslog/rsyslog/pull/512 From fb4985a41089b5ff948ef4f4445df484f26f831c Mon Sep 17 00:00:00 2001 From: Luca Boccassi <luca.bocca...@gmail.com> Date: Mon, 7 Sep 2015 01:36:08 +0100 Subject: [PATCH] Fix NULL pointer dereference in imczmq and omczmq --- ...-pointer-dereference-in-imczmq-and-omczmq.patch | 53 ++++++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 54 insertions(+) create mode 100644 debian/patches/Fix-NULL-pointer-dereference-in-imczmq-and-omczmq.patch diff --git a/debian/patches/Fix-NULL-pointer-dereference-in-imczmq-and-omczmq.patch b/debian/patches/Fix-NULL-pointer-dereference-in-imczmq-and-omczmq.patch new file mode 100644 index 0000000..386d44f --- /dev/null +++ b/debian/patches/Fix-NULL-pointer-dereference-in-imczmq-and-omczmq.patch @@ -0,0 +1,53 @@ +From: Luca Boccassi <luca.bocca...@gmail.com> +Date: Mon, 7 Sep 2015 01:19:27 +0100 +Subject: Fix NULL pointer dereference in imczmq and omczmq + +--- + contrib/imczmq/imczmq.c | 4 ++-- + contrib/omczmq/omczmq.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/contrib/imczmq/imczmq.c b/contrib/imczmq/imczmq.c +index af12856..d5c44d2 100644 +--- a/contrib/imczmq/imczmq.c ++++ b/contrib/imczmq/imczmq.c +@@ -302,7 +302,7 @@ static rsRetVal addListener(instanceConf_t* iconf){ + DBGPRINTF("imczmq: authtype is: %s\n", iconf->authType); + + /* if we are a CURVE server */ +- if (!strcmp(iconf->authType, "CURVESERVER")) { ++ if ((iconf->authType != NULL) && (!strcmp(iconf->authType, "CURVESERVER"))) { + + iconf->is_server = true; + +@@ -329,7 +329,7 @@ static rsRetVal addListener(instanceConf_t* iconf){ + } + + /* if we are a CURVE client */ +- if (!strcmp(iconf->authType, "CURVECLIENT")) { ++ if ((iconf->authType != NULL) && (!strcmp(iconf->authType, "CURVECLIENT"))) { + DBGPRINTF("imczmq: we are a curve client...\n"); + + iconf->is_server = false; +diff --git a/contrib/omczmq/omczmq.c b/contrib/omczmq/omczmq.c +index 55cc188..891e772 100644 +--- a/contrib/omczmq/omczmq.c ++++ b/contrib/omczmq/omczmq.c +@@ -136,7 +136,7 @@ static rsRetVal initCZMQ(instanceData* pData) { + } + + /* if we are a CURVE server */ +- if (!strcmp(pData->authType, "CURVESERVER")) { ++ if ((pData->authType != NULL) && (!strcmp(pData->authType, "CURVESERVER"))) { + DBGPRINTF("omczmq: we are a curve server...\n"); + + is_server = true; +@@ -164,7 +164,7 @@ static rsRetVal initCZMQ(instanceData* pData) { + } + + /* if we are a CURVE client */ +- if (!strcmp(pData->authType, "CURVECLIENT")) { ++ if ((pData->authType != NULL) && (!strcmp(pData->authType, "CURVECLIENT"))) { + DBGPRINTF("omczmq: we are a curve client...\n"); + + is_server = false; diff --git a/debian/patches/series b/debian/patches/series index 1f10ecf..831ee7f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1,3 @@ Don-t-create-a-database.patch Don-t-explicitly-link-tcpflood-against-lgcrypt.patch +Fix-NULL-pointer-dereference-in-imczmq-and-omczmq.patch -- 2.1.4
signature.asc
Description: This is a digitally signed message part
