From owner-freebsd-security  Thu Aug 31 08:28:36 1995
Return-Path: security-owner
Received: (from majordom@localhost)
          by freefall.FreeBSD.org (8.6.11/8.6.6) id IAA09994
          for security-outgoing; Thu, 31 Aug 1995 08:28:36 -0700
Received: from time.cdrom.com (time.cdrom.com [192.216.222.226])
          by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id IAA09988
          for <security@freebsd.org>; Thu, 31 Aug 1995 08:28:30 -0700
Received: from localhost (localhost [127.0.0.1]) by time.cdrom.com (8.6.12/8.6.9) with SMTP id IAA10310 for <security@freebsd.org>; Thu, 31 Aug 1995 08:17:54 -0700
Prev-Resent: Thu, 31 Aug 1995 08:17:54 -0700
Prev-Resent: "security@freebsd.org "
Received: from freefall.FreeBSD.org (freefall.cdrom.com [192.216.222.4]) by time.cdrom.com (8.6.12/8.6.9) with ESMTP id IAA10285 for <jkh@time.cdrom.com>; Thu, 31 Aug 1995 08:11:16 -0700
Received: from tyrell.net (tyrell.net [198.175.8.2])
          by freefall.FreeBSD.org (8.6.11/8.6.6) with SMTP id IAA09746
          for <jkh@freefall.FreeBSD.org>; Thu, 31 Aug 1995 08:21:43 -0700
Received: from amgraf.UUCP by tyrell.net with UUCP id AA05527
  (5.65c/IDA-1.4.4 for jkh@freefall.FreeBSD.org); Thu, 31 Aug 1995 10:16:58 -0500
Received: by amgraf.com
	id AA14200; Thu, 31 Aug 95 09:33:56 -0500 (CDT)
From: huver@amgraf.com (Huver)
Reply-To: huver@amgraf.com
Message-Id: <9508311433.AA14200@amgraf.com>
To: jkh@freefall.FreeBSD.org
Subject: My goof-up to previous syslog.c changes
Date: Thu, 31 Aug 95 09:33:56 CDT
Resent-To: security@freebsd.org
Resent-Date: Thu, 31 Aug 1995 08:17:54 -0700
Resent-Message-ID: <10308.809882274@time.cdrom.com>
Resent-From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: security-owner@freebsd.org
Precedence: bulk

This is most embarassing... a couple of years ago we changed our
snprintf() to always return number of bytes written, and have been using
our version since.  My previous changes to syslog() were based on that,
and totally forgot the fact that stock snprintf() can return "number of
bytes needed" which can exceed the buffer size.

Thusly the attached syslog.c is needed to use stock functions.  I
apologize for my goofs.

-huver  huver@amgraf.com
=========================================================================
/*
 * Copyright (c) 1983, 1988, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#if defined(LIBC_SCCS) && !defined(lint)
static char sccsid[] = "@(#)syslog.c	8.4 (Berkeley) 3/18/94";
#endif /* LIBC_SCCS and not lint */

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/syslog.h>
#include <sys/uio.h>
#include <netdb.h>

#include <errno.h>
#include <fcntl.h>
#include <paths.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#if __STDC__
#include <stdarg.h>
#else
#include <varargs.h>
#endif

static int	LogFile = -1;		/* fd for log */
static int	connected;		/* have done connect */
static int	LogStat = 0;		/* status bits, set by openlog() */
static const char *LogTag = NULL;	/* string to tag the entry with */
static int	LogFacility = LOG_USER;	/* default facility code */
static int	LogMask = 0xff;		/* mask of priorities to be logged */
extern char	*__progname;		/* Program name, from crt0. */

/*
 * syslog, vsyslog --
 *	print message on log file; output is intended for syslogd(8).
 */
void
#if __STDC__
syslog(int pri, const char *fmt, ...)
#else
syslog(pri, fmt, va_alist)
	int pri;
	char *fmt;
	va_dcl
#endif
{
	va_list ap;

#if __STDC__
	va_start(ap, fmt);
#else
	va_start(ap);
#endif
	vsyslog(pri, fmt, ap);
	va_end(ap);
}

void
vsyslog(pri, fmt, ap)
	int pri;
	register const char *fmt;
	va_list ap;
{
	register int cnt;
	register char ch, *p, *t;
	time_t now;
	int fd, saved_errno;
	char *stdp, tbuf[2048], fmt_cpy[1024];
	int tbuf_size, fcpy_len;

	/* set up to simplify calc a bit later */
	tbuf_size = sizeof(tbuf) - 1;

#define	INTERNALLOG	LOG_ERR|LOG_CONS|LOG_PERROR|LOG_PID
	/* Check for invalid bits. */
	if (pri & ~(LOG_PRIMASK|LOG_FACMASK)) {
		syslog(INTERNALLOG,
		    "syslog: unknown facility/priority: %x", pri);
		pri &= LOG_PRIMASK|LOG_FACMASK;
	}

	/* Check priority against setlogmask values. */
	if (!(LOG_MASK(LOG_PRI(pri)) & LogMask))
		return;

	saved_errno = errno;

	/* Set default facility if none specified. */
	if ((pri & LOG_FACMASK) == 0)
		pri |= LogFacility;

	/* Build the message. */
	(void)time(&now);
	fd = sprintf(tbuf, "<%d>", pri);
	p = tbuf + fd;
	tbuf_size -= fd;
	fd = strftime(p, tbuf_size, "%h %e %T ", localtime(&now));
	p += fd;
	tbuf_size -= fd;
	if (LogStat & LOG_PERROR)
		stdp = p;
	if (LogTag == NULL)
		LogTag = __progname;
	if (LogTag != NULL) {
		fd = snprintf(p, tbuf_size, "%s", LogTag);
		if (fd == EOF) tbuf_size = 0;
		else {
		  if (fd > tbuf_size) fd = tbuf_size;
		  p += fd;
		  tbuf_size -= fd;
		}
	}
	if (LogStat & LOG_PID) {
		fd = snprintf(p, tbuf_size, "[%d]", getpid());
		if (fd == EOF) tbuf_size = 0;
		else {
		  if (fd > tbuf_size) fd = tbuf_size;
		  p += fd;
		  tbuf_size -= fd;
		}
	}
	if (LogTag != NULL  &&  tbuf_size > 2) {
		*p++ = ':';
		*p++ = ' ';
	}

	/* Substitute error message for %m. */
	fcpy_len = sizeof(fmt_cpy);
	for (t = fmt_cpy; ch = *fmt; ++fmt)
		if (ch == '%' && fmt[1] == 'm') {
			++fmt;
			fd = snprintf(t, fcpy_len, "%s", strerror(saved_errno));
			if (fd != EOF  &&  fd <= fcpy_len) {
			  t += fd;
			  fcpy_len -= fd;
			}
		} else if (fcpy_len > 1) {
			*t++ = ch;
			fcpy_len--;
		}
	*t = '\0';
	fd = vsnprintf(p, tbuf_size, fmt_cpy, ap);
	if (fd != EOF  &&  fd <= tbuf_size) p += fd;
	else *p = '\0';
	cnt = p - tbuf;

	/* Output to stderr if requested. */
	if (LogStat & LOG_PERROR) {
		struct iovec iov[2];
		register struct iovec *v = iov;

		v->iov_base = stdp;
		v->iov_len = cnt - (stdp - tbuf);
		++v;
		v->iov_base = "\n";
		v->iov_len = 1;
		(void)writev(STDERR_FILENO, iov, 2);
	}

	/* Get connected, output the message to the local logger. */
	if (!connected)
		openlog(LogTag, LogStat | LOG_NDELAY, 0);
	if (send(LogFile, tbuf, cnt, 0) >= 0)
		return;

	/*
	 * Output the message to the console; don't worry about blocking,
	 * if console blocks everything will.  Make sure the error reported
	 * is the one from the syslogd failure.
	 */
	if (LogStat & LOG_CONS &&
	    (fd = open(_PATH_CONSOLE, O_WRONLY, 0)) >= 0) {
		p = index(tbuf, '>') + 1;
		(void)write(fd, p, cnt - (p - tbuf));
		(void)write(fd, "\r\n", 2);
		(void)close(fd);
	}
}

static struct sockaddr SyslogAddr;	/* AF_UNIX address of local logger */

void
openlog(ident, logstat, logfac)
	const char *ident;
	int logstat, logfac;
{
	if (ident != NULL)
		LogTag = ident;
	LogStat = logstat;
	if (logfac != 0 && (logfac &~ LOG_FACMASK) == 0)
		LogFacility = logfac;

	if (LogFile == -1) {
		SyslogAddr.sa_family = AF_UNIX;
		(void)strncpy(SyslogAddr.sa_data, _PATH_LOG,
		    sizeof(SyslogAddr.sa_data));
		if (LogStat & LOG_NDELAY) {
			if ((LogFile = socket(AF_UNIX, SOCK_DGRAM, 0)) == -1)
				return;
			(void)fcntl(LogFile, F_SETFD, 1);
		}
	}
	if (LogFile != -1 && !connected)
		if (connect(LogFile, &SyslogAddr, sizeof(SyslogAddr)) == -1) {
			(void)close(LogFile);
			LogFile = -1;
		} else
			connected = 1;
}

void
closelog()
{
	(void)close(LogFile);
	LogFile = -1;
	connected = 0;
}

/* setlogmask -- set the log mask level */
int
setlogmask(pmask)
	int pmask;
{
	int omask;

	omask = LogMask;
	if (pmask != 0)
		LogMask = pmask;
	return (omask);
}