diff options
author | Martin Samuelsson <msamuelsson@storvix.eu> | 2023-05-27 13:33:45 +0200 |
---|---|---|
committer | Martin Samuelsson <msamuelsson@storvix.eu> | 2023-05-28 22:56:25 +0200 |
commit | 686214f80c5eab30e67e34890c332e0232ca5afa (patch) | |
tree | 4d0881f6a9286f1bbed8d566058655768fb5636a | |
parent | 6943c32fb862ec227bb8950095d288d12590ba9b (diff) | |
download | libsyslog-rs-686214f80c5eab30e67e34890c332e0232ca5afa.zip |
Avoid insecurely passing untrusted string to syslog()
With the second argument to syslog() being a format string, these
function calls obviously need an actual format string prior to the log
message.
Thanks to Alexander Hansen Færøy for noticing and pointing out this
embarrasing mistake.
-rw-r--r-- | libsyslog/CHANGELOG.md | 4 | ||||
-rw-r--r-- | libsyslog/src/syslog.rs | 16 |
2 files changed, 14 insertions, 6 deletions
diff --git a/libsyslog/CHANGELOG.md b/libsyslog/CHANGELOG.md index 599180d..0a0e2e7 100644 --- a/libsyslog/CHANGELOG.md +++ b/libsyslog/CHANGELOG.md @@ -8,6 +8,10 @@ adheres to [Semantic Versioning][semver]. ## Unreleased +### Fixed + + - Stop insecurely passing untrusted data syslog(). + ## 0.1.0 - 2023-02-24 Initial release. diff --git a/libsyslog/src/syslog.rs b/libsyslog/src/syslog.rs index 6b36147..2a4d856 100644 --- a/libsyslog/src/syslog.rs +++ b/libsyslog/src/syslog.rs @@ -76,13 +76,17 @@ impl log::Log for Syslog { fn log(&self, record: &Record) { if self.enabled(record.metadata()) { - if let Ok(msg) = CString::new(format!("{}", record.args())) { + if let (Ok(fmt), Ok(msg)) = ( CString::new("%s"), + CString::new(format!("{}", record.args()))) + { + let fmt_ptr = fmt.as_ptr(); + let msg_ptr = msg.as_ptr(); match record.level() { - Level::Debug => unsafe { syslog(LOG_DEBUG, msg.as_ptr()); } - Level::Error => unsafe { syslog(LOG_ERR, msg.as_ptr()); } - Level::Info => unsafe { syslog(LOG_INFO, msg.as_ptr()); } - Level::Warn => unsafe { syslog(LOG_WARNING, msg.as_ptr()); } - Level::Trace => unsafe { syslog(LOG_DEBUG, msg.as_ptr()); } + Level::Debug => unsafe { syslog(LOG_DEBUG, fmt_ptr, msg_ptr); } + Level::Error => unsafe { syslog(LOG_ERR, fmt_ptr, msg_ptr); } + Level::Info => unsafe { syslog(LOG_INFO, fmt_ptr, msg_ptr); } + Level::Warn => unsafe { syslog(LOG_WARNING, fmt_ptr, msg_ptr); } + Level::Trace => unsafe { syslog(LOG_DEBUG, fmt_ptr, msg_ptr); } } } } |