journal-remote: set a limit on the number of fields in a message

Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is reused for the new error condition (too many fields). This matches the change done for systemd-journald, hence forming the second part of the fix for CVE-2018-16865 (https://bugzilla.redhat.com/show_bug.cgi?id=1653861).
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-12-07 10:48:10 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2019-01-09 23:44:17 +0100
commit: ef4d6abe7c7fab6cbff975b32e76b09feee56074 (patch)
tree: a0b35f676645c254dba01a4642f6aca22e38122f /src/journal-remote
parent: 7fdb237f5473cb8fc2129e57e8a0039526dcb4fd (diff)
download: systemd-ef4d6abe7c7fab6cbff975b32e76b09feee56074.tar.gz
2 files changed, 8 insertions, 2 deletions
diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c
index 8543dbac39..802c3ea608 100644
--- a/src/journal-remote/journal-remote-main.c
+++ b/src/journal-remote/journal-remote-main.c
@@ -222,9 +222,12 @@ static int process_http_upload(
                 if (r == -EAGAIN)
                         break;
                 if (r < 0) {
-                        if (r == -E2BIG)
-                                log_warning_errno(r, "Entry is too above maximum of %u, aborting connection %p.",
+                        if (r == -ENOBUFS)
+                                log_warning_errno(r, "Entry is above the maximum of %u, aborting connection %p.",
                                                   DATA_SIZE_MAX, connection);
+                        else if (r == -E2BIG)
+                                log_warning_errno(r, "Entry with more fields than the maximum of %u, aborting connection %p.",
+                                                  ENTRY_FIELD_COUNT_MAX, connection);
                         else
                                 log_warning_errno(r, "Failed to process data, aborting connection %p: %m",
                                                   connection);
diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index 3c0916c438..1da32c5f85 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -407,6 +407,9 @@ int journal_remote_handle_raw_source(
                 log_debug("%zu active sources remaining", s->active);
                 return 0;
         } else if (r == -E2BIG) {
+                log_notice("Entry with too many fields, skipped");
+                return 1;
+        } else if (r == -ENOBUFS) {
                 log_notice("Entry too big, skipped");
                 return 1;
         } else if (r == -EAGAIN) {
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-12-07 10:48:10 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2019-01-09 23:44:17 +0100
commit	ef4d6abe7c7fab6cbff975b32e76b09feee56074 (patch)
tree	a0b35f676645c254dba01a4642f6aca22e38122f /src/journal-remote
parent	7fdb237f5473cb8fc2129e57e8a0039526dcb4fd (diff)
download	systemd-ef4d6abe7c7fab6cbff975b32e76b09feee56074.tar.gz