Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

out_gelf: fix crash after missing short_message key #10102

Open
wants to merge 1 commit into
base: 3.2
Choose a base branch
from
Open

out_gelf: fix crash after missing short_message key #10102

wants to merge 1 commit into from

Conversation

bpetermannS11
Copy link
Contributor

Backport this fix for 3.2

Fix for an illegal free in the gelf output plugin when it handled a message lacking the short_message key.
In cb_gelf_flush: if the input doesn't contain the short_message key flb_msgpack_to_gelf will fail and return NULL. The variable s is not initialized, but still flb_sds_destroy(s) is called which may unexpectedly free some arbitrary pointer.
Fixed by initializing s.

Fixes #10086

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

  • Example configuration file for the change
  • Debug log output from testing the change
  • Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

  • Run local packaging test showing all targets (including any new ones) build.
  • Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

  • Documentation required for this feature

Backporting

  • Backport to latest stable release.

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

@bpetermannS11
out_gelf: fix crash after missing short_message key
b454439 
Fix for an illegal free in the gelf output plugin when it handled
a message lacking the short_message key.
In `cb_gelf_flush`: if the input doesn't contain the short_message key
`flb_msgpack_to_gelf` will fail and return NULL. The variable `s` is
not initialized, but still `flb_sds_destroy(s)` is called which
may unexpectedly free some arbitrary pointer.
Fixed by initializing `s`.

Fixes fluent#10086
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edsiper edsiper Awaiting requested review from edsiper edsiper is a code owner

@leonardo-albertovich leonardo-albertovich Awaiting requested review from leonardo-albertovich leonardo-albertovich is a code owner

@fujimotos fujimotos Awaiting requested review from fujimotos fujimotos is a code owner

@koleini koleini Awaiting requested review from koleini koleini is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
docs-required
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bpetermannS11