commit f67e047aa9cf27e3dd75f85bdffd87de22386fc9
from: Nikolay Shirokovskiy <nshirokovskiy@tarantool.org>
via: Vladimir Davydov <vdavydov@tarantool.org>
date: Tue Oct 15 07:47:22 2024 UTC

say: fix NULL pointer dereference in log_syslog_init

If opts.identity is NULL and strdup is failed we do NULL pointer
dereference when reporting the error. Let's just panic if strdup() failed.
While at it replace another strdup() with xstrdup() in this function. Our
current approach is to panic on runtime OOM.

Closes tarantool/security#128

NO_TEST=issue is not possible after the fix
NO_CHANGELOG=not reproducible
NO_DOC=bugfix

(cherry picked from commit 47b72f44986797466b95b9431a381dbef7dd64fd)

commit - 89b2760ef192a744e09a41a8af347aa148bbdf33
commit + f67e047aa9cf27e3dd75f85bdffd87de22386fc9
blob - 2963f8595c2e31d471a0c8c736947283a70cba25
blob + de8ac167b4c66fe2db14302f9de000f917da9148
--- src/lib/core/say.c
+++ src/lib/core/say.c
@@ -627,23 +627,12 @@ log_syslog_init(struct log *log, const char *init_str)
 		return -1;
 
 	log->syslog_server_type = opts.server_type;
-	if (log->syslog_server_type != SAY_SYSLOG_DEFAULT) {
-		log->path = strdup(opts.server_path);
-		if (log->path == NULL) {
-			diag_set(OutOfMemory, strlen(opts.server_path),
-				 "malloc", "server address");
-			return -1;
-		}
-	}
-	if (opts.identity == NULL)
-		log->syslog_ident = strdup("tarantool");
+	if (log->syslog_server_type != SAY_SYSLOG_DEFAULT)
+		log->path = xstrdup(opts.server_path);
+	if (opts.identity == NULL)
+		log->syslog_ident = xstrdup("tarantool");
 	else
-		log->syslog_ident = strdup(opts.identity);
-	if (log->syslog_ident == NULL) {
-		diag_set(OutOfMemory, strlen(opts.identity), "malloc",
-		         "log->syslog_ident");
-		return -1;
-	}
+		log->syslog_ident = xstrdup(opts.identity);
 
 	if (opts.facility == syslog_facility_MAX)
 		log->syslog_facility = SYSLOG_LOCAL7;