Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Aborting during configuration loading #1065

Closed
ihrwein opened this issue May 26, 2016 · 0 comments · Fixed by #1069
Closed

Aborting during configuration loading #1065

ihrwein opened this issue May 26, 2016 · 0 comments · Fixed by #1069
Assignees
@bazsi

Comments

@ihrwein
Copy link
Contributor

ihrwein commented May 26, 2016

I found a nasty bug in the configuration loading process.

It can be reproduced by following these steps:

  1. start syslog-ng with the following (valid) configuration:

    @version: 3.8
@include "scl.conf"

log {
source {
  file("/tmp/a.txt");
};
destination {
  file("/tmp/a.txt");
};
};

  2. Replace the configuration with the following one:

    @version: 3.8
@include "scl.conf"

log {
source {
  # syntactically valid, but semantically invalid -> init() returns FALSE
  file("/tmp/a.txt" multi-line-prefix("a"));
};
destination {
  file("/tmp/a.txt");
  };
};

  3. Reload syslog-ng

    sbin/syslog-ng-ctl reload

Expected result:

[2016-05-26T15:29:21.460108] multi-line-prefix() and/or multi-line-garbage() specified but multi-line-mode() is not regexp based (prefix-garbage or prefix-suffix), please set multi-line-mode() properly;
[2016-05-26T15:29:21.460116] Error initializing message pipeline;
[2016-05-26T15:29:21.460123] Error initializing new configuration, reverting to old config;
[2016-05-26T15:29:21.460157] Unable to detect fully qualified hostname for localhost, use_fqdn() will use the short hostname;
[2016-05-26T15:29:21.460168] Compiling #unnamed sequence [log] at [/home/btibi/work/impl-deinit-for-native-parser/install/etc/syslog-ng.conf:15:2]
[2016-05-26T15:29:21.460176]   Compiling #anon-source0 sequence [source] at [/home/btibi/work/impl-deinit-for-native-parser/install/etc/syslog-ng.conf:15:2]
[2016-05-26T15:29:21.460183]     Compiling #unnamed junction [log] at [/home/btibi/work/impl-deinit-for-native-parser/install/etc/syslog-ng.conf:15:10]
[2016-05-26T15:29:21.460191]       Compiling #unnamed single [log] at [/home/btibi/work/impl-deinit-for-native-parser/install/etc/syslog-ng.conf:17:3]
[2016-05-26T15:29:21.460200] Error cloning pipe into its reference point, probably the element in question is not meant to be used in this situation; location='/home/btibi/work/impl-deinit-for-native-par$er/install/etc/syslog-ng.conf:17:3'
Quit (core dumped)

This problem can be reproduced with plugins whose init() method can return FALSE. affile and the "native" parsers are certainly affected. They are needed to trigger a config reverting.

We need an other plugin which cannot be cloned/clone() could fail. File destinations cannot be cloned, so they are perfect for this purpose.

What happens during the reproduction?

  1. original configuration is loaded, everything is fine
    1. PIF_INLINED flag is set on the LogPipe instances
  2. we replace the configuration
  3. syslog-ng is reloaded
    1. new configuration is created
    2. old configuration is deinitialized
    3. PIF_INLINED flag is still set on the LogPipe instance
    4. new configuration is initialized
      • it will fail, because the configuration is invalid
    5. new configuration is deinitialized
    6. old configuration is initialized
    7. we return with FALSE which will trigger a kill() call https://github.com/balabit/syslog-ng/blob/master/lib/mainloop.c#L217-L223

syslog-ng 3.8 is certainly affected and by looking at the code 3.6 and 3.7 as well.
bazsi added a commit that referenced this issue May 27, 2016
@bazsi
cfg-tree: fix a potential crash in reload logic
fedc543 
cfg_tree_compile() is not idempotent for at least two reasons:
  * it stores the pipes to be initialized in an array, which will grow
    for each cfg_tree_compile() calls
  * it uses PIF_INLINED to indicate if a LogPipe was pasted directly into
    the config rather than cloned

But cfg_tree_start() invokes cfg_tree_compile() unconditionally, which
means that if a config is initialized multiple times, cfg_tree_compile()
will accumulate cruft in its state.

Issue #1065 on github explains one case where syslog-ng crashes on reload:
#1065

This patch fixes this problem by guarding the compile function with
a variable, which ensures that the body of the function is executed only
once.

Signed-off-by: Balazs Scheidler <balazs.scheidler@balabit.com>
@bazsi bazsi mentioned this issue May 27, 2016
Merged
@bazsi bazsi self-assigned this May 27, 2016
@bazsi bazsi removed the in progress label May 31, 2016
@darxtrix darxtrix mentioned this issue Jun 15, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bazsi bazsi

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cfg-tree: fix a potential crash in reload logic syslog-ng/syslog-ng
2 participants
@bazsi @ihrwein