← Back to branch summary

~ubuntu-branches/ubuntu/utopic/rsyslog/utopic

« back to all changes in this revision

Viewing changes to runtime/parser.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-09 13:01:54 UTC
  • Revision ID: package-import@ubuntu.com-20141009130154-r61ujzd0ufz92td7
Tags: 7.4.4-1ubuntu11
* SECURITY UPDATE: denial of service and possible code execution via
  invalid PRI value
  - debian/patches/CVE-2014-3634.patch: limit PRI values in
    grammar/rainerscript.h, plugins/imfile/imfile.c,
    plugins/imklog/imklog.c, plugins/imkmsg/imkmsg.c,
    plugins/imsolaris/imsolaris.c, plugins/imuxsock/imuxsock.c,
    runtime/msg.c, runtime/parser.c, runtime/rsyslog.h,
    runtime/srutils.c, runtime/syslogd-types.h, runtime/typedefs.h,
    tools/syslogd.c.
  - CVE-2014-3634
  - CVE-2014-3683

Show diffs side-by-side

added added

removed removed

Lines of Context:
runtime/parser.c
468
468
                        }
469
469
                        if(*msg == '>')
470
470
                                ++msg;
471
 
                        if(pri & ~(LOG_FACMASK|LOG_PRIMASK))
472
 
                                pri = DEFUPRI;
 
471
                        if(pri > LOG_MAXPRI)
 
472
                                pri = LOG_PRI_INVLD;
473
473
                }
474
 
                pMsg->iFacility = LOG_FAC(pri);
475
 
                pMsg->iSeverity = LOG_PRI(pri);
 
474
                pMsg->iFacility = pri2fac(pri);
 
475
                pMsg->iSeverity = pri2sev(pri);
476
476
                MsgSetAfterPRIOffs(pMsg, msg - pMsg->pszRawMsg);
477
477
        }
478
478
        RETiRet;