Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 674222 - <app-admin/syslog-ng-3.19.1: Use after free bug
Summary: <app-admin/syslog-ng-3.19.1: Use after free bug
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.openwall.com/lists/oss-se...
Whiteboard: B3 [noglsa]
Keywords:
: 684644 (view as bug list)
Depends on:
Blocks:
 
Reported: 2019-01-01 09:11 UTC by Hanno Böck
Modified: 2019-10-26 21:03 UTC (History)
4 users (show)

See Also:
Package list:
=app-admin/syslog-ng-3.22.1 =dev-libs/ivykis-0.42.4
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2019-01-01 09:11:57 UTC 
syslog-ng 3.19.1 fixes a memory corruption / use after free bug:
https://www.openwall.com/lists/oss-security/2018/12/23/1

This is already in the tree, but not stabilized yet.
Comment 1 PetaMem R&D 2019-01-29 12:01:45 UTC 
JFYI: 3.19.1 doesn't compile here

lib/pragma-grammar.y: In function ‘pragma_parse’:
lib/pragma-grammar.y:420:5: error: expected expression at end of input
         : KW_VERSION ':' string_or_number               { configuration->parsed_version = __process_version_string($3); free($3); }
     ^
lib/pragma-grammar.y:420:5: error: expected declaration or statement at end of input
lib/pragma-grammar.y:420:5: error: expected declaration or statement at end of input
lib/pragma-grammar.y:420:5: error: expected declaration or statement at end of input
lib/pragma-grammar.c:2845:5: error: label ‘yyerrlab’ used but not defined
     goto yyerrlab;
     ^~~~
lib/pragma-grammar.y:412:5: error: label ‘yyacceptlab’ used but not defined
           stmt_and_eol                                  { if (yychar != YYEMPTY) { cfg_lexer_unput_token(lexer, &yylval); } PRAGMA_END(); YYACCEPT; }
     ^
lib/pragma-grammar.c:2762:9: error: label ‘yyabortlab’ used but not defined
         YYABORT;
         ^~~~~~~
lib/pragma-grammar.c:2744:11: error: label ‘yyexhaustedlab’ used but not defined
           goto yyexhaustedlab;
           ^~~~
make[2]: *** [Makefile:14385: lib/libsyslog_ng_la-pragma-grammar.lo] Error 1
make[2]: *** Waiting for unfinished jobs....


looks like a yacc/bison problem

# emerge --info
Portage 2.3.59 (python 2.7.15-final-0, default/linux/amd64/17.0/no-multilib, gcc-8.2.0, glibc-2.28-r5, 4.18.5-gentoo x86_64)
=================================================================
System uname: Linux-4.18.5-gentoo-x86_64-Intel-R-_Xeon-R-_CPU_X5672_@_3.20GHz-with-gentoo-2.6
KiB Mem:   148408604 total, 112410640 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Mon, 28 Jan 2019 13:30:01 +0000
Head commit of repository gentoo: 6abc5adb65a7b44f2cc7ac05db093884f35ae27b
sh bash 5.0_p2
ld GNU ld (Gentoo 2.30 p3) 2.30.0
app-shells/bash:          5.0_p2::gentoo
dev-java/java-config:     2.2.0-r4::gentoo
dev-lang/perl:            5.28.0::gentoo
dev-lang/python:          2.7.15::gentoo, 3.6.6::gentoo
dev-util/cmake:           3.13.3::gentoo
dev-util/pkgconfig:       0.29.2::gentoo
sys-apps/baselayout:      2.6-r1::gentoo
sys-apps/openrc:          0.40.3::gentoo
sys-apps/sandbox:         2.15::gentoo
sys-devel/autoconf:       2.69-r4::gentoo
sys-devel/automake:       1.15.1-r2::gentoo, 1.16.1-r1::gentoo
sys-devel/binutils:       2.30-r3::gentoo, 2.31.1-r3::gentoo
sys-devel/gcc:            7.3.0-r4::gentoo, 7.4.0::gentoo, 8.2.0-r6::gentoo
sys-devel/gcc-config:     2.0::gentoo
sys-devel/libtool:        2.4.6-r5::gentoo
sys-devel/make:           4.2.1-r4::gentoo
sys-kernel/linux-headers: 4.20::gentoo (virtual/os-headers)
sys-libs/glibc:           2.28-r5::gentoo
Comment 2 Tomáš Mózes 2019-01-29 12:38:59 UTC 
(In reply to PetaMem R&D from comment #1)
> JFYI: 3.19.1 doesn't compile here
> 
> lib/pragma-grammar.y: In function ‘pragma_parse’:
> lib/pragma-grammar.y:420:5: error: expected expression at end of input
>          : KW_VERSION ':' string_or_number               {
> configuration->parsed_version = __process_version_string($3); free($3); }
>      ^
> lib/pragma-grammar.y:420:5: error: expected declaration or statement at end
> of input
> lib/pragma-grammar.y:420:5: error: expected declaration or statement at end
> of input
> lib/pragma-grammar.y:420:5: error: expected declaration or statement at end
> of input
> lib/pragma-grammar.c:2845:5: error: label ‘yyerrlab’ used but not defined
>      goto yyerrlab;
>      ^~~~
> lib/pragma-grammar.y:412:5: error: label ‘yyacceptlab’ used but not defined
>            stmt_and_eol                                  { if (yychar !=
> YYEMPTY) { cfg_lexer_unput_token(lexer, &yylval); } PRAGMA_END(); YYACCEPT; }
>      ^
> lib/pragma-grammar.c:2762:9: error: label ‘yyabortlab’ used but not defined
>          YYABORT;
>          ^~~~~~~
> lib/pragma-grammar.c:2744:11: error: label ‘yyexhaustedlab’ used but not
> defined
>            goto yyexhaustedlab;
>            ^~~~
> make[2]: *** [Makefile:14385: lib/libsyslog_ng_la-pragma-grammar.lo] Error 1
> make[2]: *** Waiting for unfinished jobs....
> 
> 
> looks like a yacc/bison problem

Please open a separate bug report and attach the full build log and full emerge --info output. Thanks.

I cannot reproduce on ~amd64 with latest bison.
Comment 3 Tomáš Mózes 2019-08-10 15:02:41 UTC 
*** Bug 684644 has been marked as a duplicate of this bug. ***
Comment 4 Tomáš Mózes 2019-08-10 15:22:06 UTC 
@whissi, ok to stabilize dev-libs/librdkafka on arm64?
Comment 5 Stabilization helper bot gentoo-dev 2019-08-10 16:01:38 UTC 
An automated check of this bug failed - repoman reported dependency errors (15 lines truncated): 

> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: RDEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0/desktop) ['>=dev-libs/librdkafka-1.0.0:=']
Comment 6 Stabilization helper bot gentoo-dev 2019-08-10 19:01:32 UTC 
An automated check of this bug failed - repoman reported dependency errors (15 lines truncated): 

> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: RDEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0/desktop) ['>=dev-libs/librdkafka-1.0.0:=']
Comment 7 Stabilization helper bot gentoo-dev 2019-08-10 20:01:32 UTC 
An automated check of this bug failed - repoman reported dependency errors (15 lines truncated): 

> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: RDEPEND: arm64(default/linux/arm64/17.0) ['>=dev-libs/librdkafka-1.0.0:=']
> dependency.bad app-admin/syslog-ng/syslog-ng-3.22.1.ebuild: DEPEND: arm64(default/linux/arm64/17.0/desktop) ['>=dev-libs/librdkafka-1.0.0:=']
Comment 8 Aaron Bauman (RETIRED) gentoo-dev 2019-08-10 23:29:50 UTC 
arm64 stable
Comment 9 Thomas Deutschmann (RETIRED) gentoo-dev 2019-08-11 21:33:03 UTC 
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2019-08-12 08:02:57 UTC 
amd64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2019-08-13 10:31:08 UTC 
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2019-08-13 10:32:46 UTC 
ppc64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2019-08-13 10:33:49 UTC 
sparc stable
Comment 14 Agostino Sarubbo gentoo-dev 2019-08-13 10:34:35 UTC 
alpha stable
Comment 15 Agostino Sarubbo gentoo-dev 2019-08-13 10:35:13 UTC 
ia64 stable
Comment 16 Rolf Eike Beer archtester 2019-08-15 05:23:33 UTC 
hppa stable
Comment 17 Tomáš Mózes 2019-08-29 13:09:38 UTC 
arm ping
Comment 18 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-09-13 15:42:11 UTC 
arm stable
Comment 19 Thomas Deutschmann (RETIRED) gentoo-dev 2019-10-26 21:03:59 UTC 
GLSA Vote: No!

Repository is clean, all done!