- Fix use after free on log-identity after a reload; Fixes #163.

2025-12-20 23:00:56 -05:00 · 2020-02-10 13:56:22 +01:00 · 2020-02-10 13:56:22 +01:00 · adda4f6ace
commit adda4f6ace
parent c316b1d7d5
5 changed files with 52 additions and 20 deletions
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@ -259,21 +259,10 @@ checkrlimits(struct config_file* cfg)
 #endif /* S_SPLINT_S */
 }

-/** set default logfile identity based on value from argv[0] at startup **/
-static void
-log_ident_set_fromdefault(struct config_file* cfg,
-	const char *log_default_identity)
-{
-	if(cfg->log_identity == NULL || cfg->log_identity[0] == 0)
-		log_ident_set(log_default_identity);
-	else
-		log_ident_set(cfg->log_identity);
-}
-
 /** set verbosity, check rlimits, cache settings */
 static void
 apply_settings(struct daemon* daemon, struct config_file* cfg,
-	int cmdline_verbose, int debug_mode, const char* log_default_identity)
+	int cmdline_verbose, int debug_mode)
 {
 	/* apply if they have changed */
 	verbosity = cmdline_verbose + cfg->verbosity;
@ -289,7 +278,7 @@ apply_settings(struct daemon* daemon, struct config_file* cfg,
 		log_warn("use-systemd and do-daemonize should not be enabled at the same time");
 	}

-	log_ident_set_fromdefault(cfg, log_default_identity);
+	log_ident_set_or_default(cfg->log_identity);
 }

 #ifdef HAVE_KILL
@ -639,11 +628,10 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 * @param cmdline_verbose: verbosity resulting from commandline -v.
 *    These increase verbosity as specified in the config file.
 * @param debug_mode: if set, do not daemonize.
- * @param log_default_identity: Default identity to report in logs
 * @param need_pidfile: if false, no pidfile is checked or created.
 */
 static void 
-run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, const char* log_default_identity, int need_pidfile)
+run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, int need_pidfile)
 {
 	struct config_file* cfg = NULL;
 	struct daemon* daemon = NULL;
@ -667,7 +655,7 @@ run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode, const char*
 					"or unbound-checkconf", cfgfile);
 			log_warn("Continuing with default config settings");
 		}
-		apply_settings(daemon, cfg, cmdline_verbose, debug_mode, log_default_identity);
+		apply_settings(daemon, cfg, cmdline_verbose, debug_mode);
 		if(!done_setup)
 			config_lookup_uid(cfg);
 	
@ -733,6 +721,7 @@ main(int argc, char* argv[])

 	log_init(NULL, 0, NULL);
 	log_ident_default = strrchr(argv[0],'/')?strrchr(argv[0],'/')+1:argv[0];
+	log_ident_set_default(log_ident_default);
 	log_ident_set(log_ident_default);
 	/* parse the options */
 	while( (c=getopt(argc, argv, "c:dhpvw:V")) != -1) {
@ -783,7 +772,7 @@ main(int argc, char* argv[])
 		return 1;
 	}

-	run_daemon(cfgfile, cmdline_verbose, debug_mode, log_ident_default, need_pidfile);
+	run_daemon(cfgfile, cmdline_verbose, debug_mode, need_pidfile);
 	log_init(NULL, 0, NULL); /* close logfile */
 #ifndef unbound_testbound
 	if(log_get_lock()) {
--- a/doc/Changelog
+++ b/doc/Changelog
@ -1,5 +1,6 @@
 10 February 2020: George
 	- Document 'ub_result.was_ratelimited' in libunbound.
+	- Fix use after free on log-identity after a reload; Fixes #163.

 6 February 2020: George
 	- Fix num_reply_states and num_detached_states counting with
--- a/util/config_file.c
+++ b/util/config_file.c
@ -1404,7 +1404,10 @@ config_delete(struct config_file* cfg)
 	config_delstrlist(cfg->tls_session_ticket_keys.first);
 	free(cfg->tls_ciphers);
 	free(cfg->tls_ciphersuites);
+	if(cfg->log_identity) {
+		log_ident_revert_to_default();
 		free(cfg->log_identity);
+	}
 	config_del_strarray(cfg->ifs, cfg->num_ifs);
 	config_del_strarray(cfg->out_ifs, cfg->num_out_ifs);
 	config_delstubs(cfg->stubs);
--- a/util/log.c
+++ b/util/log.c
@ -74,6 +74,7 @@ static lock_basic_type log_lock;
 #endif
 /** the identity of this executable/process */
 static const char* ident="unbound";
+static const char* default_ident="unbound";
 #if defined(HAVE_SYSLOG_H) || defined(UB_ON_WINDOWS)
 /** are we using syslog(3) to log to */
 static int logging_to_syslog = 0;
@ -181,6 +182,26 @@ void log_ident_set(const char* id)
 	ident = id;
 }

+void log_ident_set_default(const char* id)
+{
+	default_ident = id;
+}
+
+void log_ident_revert_to_default()
+{
+	ident = default_ident;
+}
+
+void log_ident_set_or_default(const char* identity)
+	//const char* default_identity)
+{
+	if(identity == NULL || identity[0] == 0)
+		//log_ident_set(default_identity);
+		log_ident_set(default_ident);
+	else
+		log_ident_set(identity);
+}
+
 void log_set_time_asc(int use_asc)
 {
 	log_time_asc = use_asc;
--- a/util/log.h
+++ b/util/log.h
@ -112,6 +112,24 @@ int log_thread_get(void);
 */
 void log_ident_set(const char* id);

+/**
+ * Set default identity to print, default is 'unbound'.
+ * @param id: string to print. Name of executable.
+ */
+void log_ident_set_default(const char* id);
+
+/**
+ * Revert identity to print, back to the recorded default value.
+ */
+void log_ident_revert_to_default();
+
+/**
+ * Set identity to print if there is an identity, otherwise
+ * set the default.
+ * @param identity: the identity to set.
+ */
+void log_ident_set_or_default(const char* identity);
+
 /**
 * Set if the time value is printed ascii or decimal in log entries.
 * @param use_asc: if true, ascii is printed, otherwise decimal.